Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Computer Running slow and Loud.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Computer Running slow and Loud.

Unread postby rcm » June 22nd, 2012, 9:08 pm

Hello, I hope you can help me.
Over the past year my computer has been running slower and slower,
and the fan usage is continually increasing.
I've removed everything I can think of that would be causing the problem.
And the temperature doesn't actually seem to be getting too high.
Thanks for any advice you can provide.

DDS.txt
--------
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_20
Run by memmott at 19:42:11 on 2012-06-22
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.8190.5768 [GMT -5:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\MHotKey.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Windows\ChiFuncExt.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio64.exe
C:\Windows\system32\RUNDLL32.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RAVCpl64.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\CNYHKey.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\vssvc.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://wapp.verizon.net/bookmarks/bmred ... bm=yh_home
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b= ... =lx6200-01
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s%s
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mWinlogon: Userinit=C:\Windows\SysWOW64\userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120520085435.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
mRun: [LedKey] CNYHKey.exe
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [Trigger New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\AppInRun.exe
mRun: [WinPatrol] "C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe" -expressboot
mRunOnce: [New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\LaunchAlaunchX.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{F04EDED7-5A79-47A9-A43D-951D8E8A6AC5} : DhcpNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120520085435.dll
BHO-X64: scriptproxy - No File
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [LedKey] CNYHKey.exe
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [Trigger New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\AppInRun.exe
mRun-x64: [WinPatrol] "C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe" -expressboot
mRunOnce-x64: [New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\LaunchAlaunchX.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\memmott\AppData\Roaming\Mozilla\Firefox\Profiles\cumntpmt.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Verizon\VSP\nprpspa.dll
FF - plugin: C:\Users\memmott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
R2 ETService;Empowering Technology Service;C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [2008-9-18 24576]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2011-12-12 290832]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-8-29 249936]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-8-29 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-8-29 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-8-29 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-8-29 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-8-29 210584]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-8-29 162192]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-4-21 2348352]
R2 ServicepointService;ServicepointService;C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe [2011-2-5 689464]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-29 382272]
R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-6-17 434864]
R2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx64coinst,serviceStartProc --> RUNDLL32.EXE ykx64coinst,serviceStartProc [?]
R3 CAXHWBS2;CAXHWBS2;C:\Windows\system32\DRIVERS\CAXHWBS2.sys --> C:\Windows\system32\DRIVERS\CAXHWBS2.sys [?]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RTS5121.sys --> C:\Windows\system32\Drivers\RTS5121.sys [?]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-3-9 135664]
S3 AVer88xHD;AVerMedia 23888 AvStream Video Capture;C:\Windows\system32\drivers\AVer88xHD64.sys --> C:\Windows\system32\drivers\AVer88xHD64.sys [?]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe --> c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [?]
S3 ENTECH64;ENTECH64;\??\C:\Windows\system32\DRIVERS\ENTECH64.sys --> C:\Windows\system32\DRIVERS\ENTECH64.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-3-9 135664]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-12-23 2152720]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2012-2-25 17152]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-19 129976]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-17 89920]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
txtfile=notepad %1
.
=============== Created Last 30 ================
.
2012-06-23 00:30:15 -------- d-----w- C:\Users\memmott\AppData\Roaming\WinPatrol
2012-06-23 00:30:08 -------- d-----w- C:\Program Files (x86)\BillP Studios
2012-06-23 00:30:07 -------- d-----w- C:\ProgramData\InstallMate
2012-06-23 00:04:23 -------- d-----w- C:\From Sarahs Old Computer
2012-06-22 23:43:09 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AF73C944-6E31-444B-8AF5-7F91E70E2A93}\mpengine.dll
2012-06-21 01:15:29 -------- d-----w- C:\Program Files\Verizon
2012-06-21 01:15:04 260 ----a-w- C:\Windows\SysWow64\cmdVBS.vbs
2012-06-21 01:15:04 256 ----a-w- C:\Windows\SysWow64\MSIevent.bat
2012-06-16 12:45:02 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-16 12:44:59 754808 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2012-06-16 00:58:51 209920 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-16 00:58:45 2767360 ----a-w- C:\Windows\System32\win32k.sys
2012-06-16 00:57:40 984064 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-06-16 00:57:40 1267200 ----a-w- C:\Windows\System32\crypt32.dll
2012-06-16 00:57:39 174592 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-06-16 00:57:39 132096 ----a-w- C:\Windows\System32\cryptnet.dll
2012-06-16 00:57:38 98304 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-06-16 00:57:38 133120 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
.
==================== Find3M ====================
.
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 22:12:13 88576 ----a-w- C:\Windows\SysWow64\wudriver.dll
2012-06-02 20:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 20:19:42 171904 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2012-06-02 20:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 20:12:20 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-04-14 13:16:06 47616 ----a-w- C:\Windows\SysWow64\pdf995mon64.dll
2012-04-03 08:22:15 4699520 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-30 17:14:48 18816 ----a-w- C:\Windows\System32\roboot64.exe
2012-03-30 12:45:03 1423744 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 19:43:29.66 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 9/18/2008 3:46:37 AM
System Uptime: 6/22/2012 6:26:58 PM (1 hours ago)
.
Motherboard: Gateway | | RS780
Processor: AMD Phenom(tm) 9500 Quad-Core Processor | AM2 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 689 GiB total, 271.631 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0062
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #2
PNP Device ID: ROOT\*ISATAP\0062
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
PNP Device ID: ROOT\NET\0000
Service: vpnva
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
2007 Microsoft Office Suite Service Pack 1 (SP1)
7500_7600_7700_Help
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
Ad-Aware
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Flash Player ActiveX
Adobe Reader 9.3
Adobe Shockwave Player 11
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Software Update
AVerMedia M791 PCIe Combo NTSC/ATSC 6.104.64.5
Battle for Wesnoth 1.8.6
BPD_HPSU
BPD_Scan
BPDSoftware
BPDSoftware_Ini
BrettspielWelt
BufferChm
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities Digital Photo Professional 3.4
Canon Utilities EOS Utility
Canon Utilities MyCamera
Canon Utilities PhotoStitch
Canon Utilities Picture Style Editor
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities WFT-E1/E2/E3 Utility
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Carbonite
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center Localization Danish
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization Finnish
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Norwegian
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
ccc-core-static
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Italian
CCC Help Japanese
CCC Help Norwegian
CCC Help Spanish
CCC Help Swedish
Circle of Eight Modpack version 6.0.0 NC
Cisco AnyConnect VPN Client
Compatibility Pack for the 2007 Office system
Crusader Kings II
CustomerResearchQFolder
CyberLink LabelPrint
CyberLink Power2Go
Darwinia
Destination Component
Deus Ex: Human Revolution
DeviceDiscovery
DeviceManagementQFolder
Diablo III
DocProc
DocProcQFolder
Driver Robot 1.1.0.14
Elemental: War of Magic
Endless Space
eSupportQFolder
EVEREST Home Edition v2.20
EVGA Precision 1.3.0
Fax
Fraps
Futuremark SystemInfo
Galactic Civilizations II
GalCiv II - Dark Avatar
Gateway Games
Gateway Recovery Management
GEAR driver installer for x86 and x64
GearDrvs
GIMP 2.6.8
GIMPshop 2.2.8
Google Toolbar for Internet Explorer
Google Update Helper
H&R Block Basic + Efile 2009
H&R Block Deluxe + Efile + State 2010
H&R Block Deluxe + Efile + State 2011
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Photosmart Essential
HP Product Assistant
HP Update
HP_Network_UserGuide
HPDiagnosticAlert
HPProductAssistant
HPSSupply
IHA_MessageCenter
Impulse
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) 6 Update 5
Java(TM) 6 Update 7
KB0817 Keyboard Driver
L7500
MarketResearch
Marvell Miniport Driver
Master Of Magic
McAfee AntiVirus Plus
McAfee Security Scan Plus
Memorex exPressit Label Design Studio
Microsoft Document Explorer 2008
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Money Essentials
Microsoft Money Shared Libraries
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional 2007
Microsoft Office Professional 2007 Trial
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Visual Web Developer 2007
Microsoft Office Visual Web Developer MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Compact 3.5 Design Tools ENU
Microsoft SQL Server Compact 3.5 ENU
Microsoft SQL Server Database Publishing Wizard 1.2
Microsoft SQL Server Setup Support Files (English)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2008 Standard Edition - ENU
Microsoft Visual Studio Web Authoring Component
Microsoft Works
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MPM
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MTX
NovaBench 3.0.4
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Oasis
OpenOffice.org Installer 1.0
Panzer Corps
Panzer General 2
PCMark05
Pdf995 (installed by H&R Block)
PdfEdit995 (installed by H&R Block)
Picasa 3
Portal
ProductContext
Quicken 2010
QuickTime
Realtek Card Reader
Realtek High Definition Audio Driver
RegClean Pro
Safari
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Sid Meier's Alpha Centauri
Sid Meier's Civilization V
Silent Storm
Sins of a Solar Empire
Skins
SmartCopy
SmartLauncher
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 8
Status
Steam
System Requirements Lab
TaxCut California 2008
TaxCut Premium + Efile 2008
Temple of Elemental Evil
The Elder Scrolls V: Skyrim
Toolbox
Torchlight
TrayApp
Uniblue RegistryBooster
Uniblue SpeedUpMyPC
Unity Web Player
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office Word 2007 (KB974631)
Update for Office 2007 (KB946691)
VC Runtimes MSI
Verizon FiOS Activation
Verizon Servicepoint 3.7.44
Vz In Home Agent
WebReg
WinDirStat 1.1.2
WinZip 12.1
World of Warcraft
Yahoo! Install Manager
.
==== Event Viewer Messages From Past Week ========
.
6/22/2012 6:30:05 PM, Error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
6/22/2012 6:29:02 PM, Error: Service Control Manager [7000] - The Intel(R) PRO/1000 NDIS 6 Adapter Driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
6/22/2012 6:29:02 PM, Error: Service Control Manager [7000] - The int15 service failed to start due to the following error: A device attached to the system is not functioning.
6/22/2012 6:29:02 PM, Error: Service Control Manager [7000] - The Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
6/20/2012 8:30:35 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
6/20/2012 8:30:35 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-tw-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-hk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-cn-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-uk-ua-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-tr-tr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-th-th-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sv-se-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sr-latn-cs-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sl-si-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sk-sk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ru-ru-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ro-ro-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-pt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-br-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ps-ps-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pl-pl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nl-nl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-Neutral from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nb-no-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lv-lv-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lt-lt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ko-kr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ja-jp-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-it-it-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hu-hu-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hr-hr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-he-il-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fr-fr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fi-fi-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-et-ee-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-es-es-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP from package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP(Feature Pack) into Staged(Staged) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-el-gr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-de-de-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-da-dk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-cs-cz-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-bg-bg-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ar-sa-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update AuxResourcesLP from package WindowsUpdateClient-SelfUpdate-Aux-Package(Language Pack) into Staged(Staged) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update AuxComp from package WindowsUpdateClient-SelfUpdate-Aux-Package(Update) into Staged(Staged) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux32 from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US(Language Pack) into Staged(Staged) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux32 from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package(Update) into Staged(Staged) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US(Language Pack) into Staged(Staged) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package(Update) into Staged(Staged) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP (Feature Pack) into Install Requested(Install Requested) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Update) into Install Requested(Install Requested) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Language Pack) into Install Requested(Install Requested) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US (Language Pack) into Install Requested(Install Requested) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package (Update) into Install Requested(Install Requested) state
6/20/2012 7:05:57 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KBWUClient-SelfUpdate-Aux (Feature Pack) into Install Requested(Install Requested) state
6/16/2012 8:15:29 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
6/16/2012 8:15:29 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
6/16/2012 8:13:34 AM, Error: BROWSER [8007] - The browser was unable to update the service status bits. The data is the error.
6/16/2012 7:17:07 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Vista SP2 and Windows Server 2008 SP2 for x64 (KB2656374).
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-77_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-76_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-75_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-74_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-73_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-72_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-71_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-70_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-69_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-68_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-67_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-66_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-65_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-64_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-63_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-62_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-61_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-60_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-59_neutral_PACKAGE from package KB2656374(Security Update) into Resolved(Resolved) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-59_neutral_PACKAGE from package KB2656374(Security Update) into Installed(Installed) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-58_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-57_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-56_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-55_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-54_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-53_neutral_PACKAGE from package KB2656374(Security Update) into Resolved(Resolved) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-53_neutral_PACKAGE from package KB2656374(Security Update) into Installed(Installed) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-4_neutral_GDR from package KB2656374(Security Update) into Staged(Staged) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-4_neutral_GDR from package KB2656374(Security Update) into Installed(Installed) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-3_neutral_LDR from package KB2656374(Security Update) into Staged(Staged) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-232_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-231_neutral_PACKAGE from package KB2656374(Security Update) into Absent(Absent) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-230_neutral_PACKAGE from package KB2656374(Security Update) into Resolved(Resolved) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-230_neutral_PACKAGE from package KB2656374(Security Update) into Installed(Installed) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-227_neutral_PACKAGE from package KB2656374(Security Update) into Resolved(Resolved) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-227_neutral_PACKAGE from package KB2656374(Security Update) into Installed(Installed) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-2_neutral_GDR from package KB2656374(Security Update) into Staged(Staged) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-2_neutral_GDR from package KB2656374(Security Update) into Installed(Installed) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-16_neutral_GDR from package KB2656374(Security Update) into Staged(Staged) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-16_neutral_GDR from package KB2656374(Security Update) into Installed(Installed) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-15_neutral_LDR from package KB2656374(Security Update) into Staged(Staged) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 2656374-1_neutral_LDR from package KB2656374(Security Update) into Staged(Staged) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2656374 (Security Update) into Uninstall Requested(Uninstall Requested) state
6/16/2012 7:17:02 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2656374 (Security Update) into Install Requested(Install Requested) state
6/15/2012 7:26:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service swprv with arguments "" in order to run the server: {65EE1DBA-8FF4-4A58-AC1C-3470EE2F376A}
6/15/2012 7:26:40 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft Software Shadow Copy Provider service to connect.
6/15/2012 7:26:40 PM, Error: Service Control Manager [7000] - The Microsoft Software Shadow Copy Provider service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/15/2012 7:17:43 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Lavasoft Ad-Aware Service service to connect.
6/15/2012 7:17:43 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
6/15/2012 7:17:43 PM, Error: Service Control Manager [7000] - The Lavasoft Ad-Aware Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/15/2012 7:17:43 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
rcm
Active Member
 
Posts: 7
Joined: June 22nd, 2012, 8:19 pm
Advertisement
Register to Remove

Re: Computer Running slow and Loud.

Unread postby askey127 » June 25th, 2012, 3:01 pm

Hi rcm,
You have too many Antivirus products. They will conflict with each other and slow down your PC.
Registry Boosters/Optimizers/Helpers/Cleaners should be avoided. They can break your machine.
We will replace vulnerable, obsolete programs here, add security settings, and run a scan.
Please perform these steps, one at a time, in the order given.
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Uninstall a program under the Programs heading.
Right click each Entry, as follows, one by one, if it exists, choose Uninstall/Change, and give permission to Continue:

Uniblue RegistryBooster
Uniblue SpeedUpMyPC
McAfee Security Scan Plus
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Adobe Reader 9.3
Ad-Aware

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
------------------------------------------------------------
Download and Install the latest version of Java Runtime Environment from here : http://www.oracle.com/technetwork/java/javase/downloads/index.html, and install it to your computer.
Under Java Platform, Standard Edition, labeled Java SE 7u5, click on the button labeled Download JRE. Do NOT choose the button labeled "Download JDK". If it won't allow you to get past the "Agree to the license" dialog, you will need to set your browser to temporarily allow scripts.
Check the button to agree to the license.
Select the link for your Platform, Windows x64 for 64-bit, and click it.
Download it, choose Save, and save it to your desktop.
Then doubleclick it on your desktop, and it will install the newest version of Java for you to use.

During installation, be certain to Uncheck and Refuse any offer for "partner software" or toolbars.
When it finishes, you can remove the Installer from your desktop.
--------------------------------------------------------
Download and Install the newest version of Adobe Reader for reading pdf files, due to the vulnerabilities in earlier versions.
All versions numbered lower than 10.1 are vulnerable.
Go HERE to download AdbeRdr1013_en_US.exe
Save the file to your desktop and run it to install the latest version of Adobe Reader.
After the new Reader is installed, Open Adobe Reader X, as it is called, and OK the license.
Click on Edit and select Preferences.
On the Left, click on the Javascript category and Uncheck Enable Acrobat Javascript.
Click on the Security (Enhanced) category and Uncheck Automatically trust sites from my Win OS security zones.
Click on the Trust Manager category and Uncheck Allow opening of non-PDF file attachments with external applications.
Click the OK button
When it finishes, you can remove the Installer from your desktop.
---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
---------------------------------------------
Run a Scan with OTL
  • Right click the OTL icon and choose "Run as administrator" to run it.
  • Check the box at the top, labeled Include 64 bit scans
  • Check the boxes labeled :
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  • Make sure all other windows are closed to let it run uninterrupted.
  • Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. (desktop)
The Extras.txt file will only appear the very first time you run OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

So we are looking for the contents of the logs OTL.txt and Extras.txt.
Let me know how it goes.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Computer Running slow and Loud.

Unread postby rcm » June 25th, 2012, 9:16 pm

Hi askey127,
Thank you very much for your help.

I followed your instructions, and except for a strange freeze up that required me to do a manual shutdown when I was copying the OTL from the downloads to the desktop, it went fine.

EXTRAS.TXT
---
OTL Extras logfile created on: 6/25/2012 7:47:36 PM - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\memmott\Desktop\Computer Profiling
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.08 Gb Available Physical Memory | 76.08% Memory free
16.05 Gb Paging File | 13.92 Gb Available in Paging File | 86.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 688.87 Gb Total Space | 344.39 Gb Free Space | 49.99% Space Free | Partition Type: NTFS

Computer Name: MEMMOTT-PC | User Name: memmott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-812941209-3627781599-505106765-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 62 87 89 0E 9A 60 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{22E7D88C-0367-4BAF-811B-60D2702F9248}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{294B6210-4552-4A4A-A650-27BDB44B89DD}" = rport=139 | protocol=6 | dir=out | app=system |
"{3274A887-78EE-4866-BEFE-AFBDE05FC751}" = lport=139 | protocol=6 | dir=in | app=system |
"{37482691-2C2E-48E9-B311-F188E75F9929}" = rport=138 | protocol=17 | dir=out | app=system |
"{3A6B2568-36AF-4B37-8465-9CF64C6C60E1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3B54290B-2081-4DD3-ACFB-DC6A828755B1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3D1A80F5-B03C-472E-9A19-B4ADCD70D755}" = lport=138 | protocol=17 | dir=in | app=system |
"{4C9A0515-A5E9-481D-A509-4EB3920D2473}" = lport=445 | protocol=6 | dir=in | app=system |
"{57A33316-89B7-4FAD-B1D3-304B0C19DA2D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5AFE6E32-BD67-48E2-82F7-9F76C29A8EAE}" = rport=445 | protocol=6 | dir=out | app=system |
"{5E91E763-1444-4699-9021-6F4642705180}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{697E560D-144A-4FBE-9E90-031C59E846F0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{702C7EC3-8AC5-4728-9522-77E444678C53}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8660075C-DD5D-492F-9290-41E2CF519DF1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8B49B213-7A37-4058-B0D6-EA2F0972BD04}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8D37CC28-FC38-426A-98D1-318E3A5EAB1D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EB54B2B9-7DBC-4325-A133-7A34DFA6725B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{F0B9427C-8A5A-4E3D-9E4C-7A5B2898E93E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F57AE22E-B76E-46B0-B621-C9C7DCD27A16}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F8B4F8ED-BF63-45AF-B837-734C2252A89B}" = rport=137 | protocol=17 | dir=out | app=system |
"{FAB70B8B-F296-461F-AE66-934A7C6D3EAE}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0098F731-BC6A-4694-82C0-AB4429EF417B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\daupdatersvc.service.exe |
"{02A55E15-EAD6-4E64-B854-B5C6ABE5B14E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\rcmemmott\disciples ii rise of the elves\scenedit.exe |
"{02FF2B8E-7B60-47B7-9830-8E8FDE25039D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\commander keen\testapp4.bat |
"{09D6D062-C8F2-456B-9B29-CADBE71F9E38}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{09F1781C-E99F-4CA1-9323-40FF6D1FE3BA}" = protocol=6 | dir=out | app=system |
"{0C059B48-D6A8-4CBD-8ADC-D0124372CBE5}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{0D260460-F493-491B-AE39-D1D4E2751697}" = protocol=17 | dir=in | app=c:\program files (x86)\stardock games\sins of a solar empire\sins of a solar empire.exe |
"{180E02D1-4BC5-46F6-9A58-0E4B96676E6E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1A59F376-8837-4F9C-A3A7-9EF97960E9F4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\daupdatersvc.service.exe |
"{1F449A34-A496-42E9-AC8C-27EAE09462BB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\commander keen\keen 2.bat |
"{1FD683FC-819D-4C41-9257-F98479F443C0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{2285A607-1DFC-425B-A97E-6682D76BF836}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{25CCB294-EECF-4AF6-B76F-DFDD6ACAE0B7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{25EBD1E1-F2CB-4C04-96F0-F94F52287625}" = protocol=6 | dir=in | app=c:\program files (x86)\stardock games\elemental\elemental.exe |
"{2734EEB2-D394-464E-A4B9-57BE7C1B0C27}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{28678021-9ACC-406B-B9E8-70C2814E99C3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv.exe |
"{2C748A9A-FC2E-4D16-AC39-6A6394988009}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{2E59354A-F4C3-45C2-A115-B6C484D20514}" = protocol=17 | dir=in | app=c:\program files (x86)\stardock games\elemental\elemental.exe |
"{359F79AE-7172-4FC1-9E74-A460F37C5E3E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\commander keen\testapp3.bat |
"{3CCC6F3C-C2A5-4A48-99A1-4CEB9308A1E5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3DD6B1FB-3B08-45FE-817A-F78D6DA34633}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4168B1C9-E41D-4230-89C0-EA26CEFA4915}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{41F9573D-288C-4E9F-A001-52F4FF13F6C2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{445248F5-6EB0-4449-BE14-F24B56A672F3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{44FCBC74-FFC9-4BB3-89AE-668820058A3F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{457C718A-E084-419B-A696-4C09691EFE15}" = protocol=6 | dir=in | app=c:\program files (x86)\stardock games\sins of a solar empire\sins of a solar empire.exe |
"{467BB436-4A5F-47DB-949B-44A272232F61}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{53B365D7-5183-49C8-B96D-8FB4EA184CA7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{648D323E-766C-4E24-9A85-BFF678D6FA45}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{6767A22A-7E18-4597-858B-B132A5BC9F34}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{6CA6129C-49DD-4119-B2C2-006E1F33B81B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{6D6D3161-86BB-4278-B1A2-11A140E1280C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\rcmemmott\disciples ii rise of the elves\scenedit.exe |
"{6E9C4F8A-3688-43C3-A0AB-4041F68FCB23}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{758066D8-31EA-4BE2-92BA-6EE28669737A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\endless space\endlessspace.exe |
"{7A40F606-B554-419D-B07D-93123EAD5B0F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7CE8F52C-EC3A-46DD-9232-30D5F6E1A06B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7DDA8BB6-D77A-4C04-9182-2514FB9FDF32}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{80302717-662A-4E50-8EF7-69DA140050E3}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{814ADE59-6E2C-445E-806C-2DF2284266F2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{82063233-91D1-4677-A908-A0346BE6DF57}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\commander keen\testapp5.bat |
"{836FCADE-76AC-423D-AC86-66C06E206443}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{8454BAE7-C436-4758-9E69-A1EC05450D37}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8DF4D494-5153-4DBC-803A-23410B15DD65}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{90CF1B11-32E4-4F59-BACC-25507F1ADD1F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{9223C0A3-D041-4AAF-AB20-4220D46A9DAD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A056F28D-5858-4FE7-AEEB-CBA3CE9BC467}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A1489B0B-BD96-470B-8202-82C7B222F1E1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{A15A6FC7-524F-45E2-ADBD-303F489A969C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\commander keen\testapp4.bat |
"{A217F337-585C-4687-9709-A2A3C4A79E17}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A63ECC35-A042-4B08-A6BB-1A2FB236EF22}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hoard\win32\reuben.exe |
"{A6F5FF37-0287-41E6-B182-EC34E10C92FE}" = protocol=17 | dir=in | app=c:\program files (x86)\verizon\vsp\servicepointservice.exe |
"{AA04D092-13AA-486D-AECD-1778CE96079E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B669892B-48D5-437F-AFDE-73BB91E08CC4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv.exe |
"{B9966379-9ED9-427B-887D-F6EEC5C00A07}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hoard\win32\reuben.exe |
"{C170C5E2-FF85-4E26-A9D3-4919E8B14815}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{C2AAD018-6139-4E0A-BAD6-DA34DB775B42}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\endless space\endlessspace.exe |
"{C712639C-3437-42B1-BED4-0F7486E7EACF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\commander keen\keen 1.bat |
"{CB589A70-D118-45D8-81DB-49165BB03F11}" = protocol=6 | dir=in | app=c:\program files (x86)\verizon\vsp\servicepointservice.exe |
"{CF1168A2-E192-4996-8E54-5724DACB7611}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\commander keen\testapp5.bat |
"{D18CB980-149E-4CB6-8AB8-4BB973BB6CAB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\commander keen\keen 1.bat |
"{D22BF242-3F2C-4C1F-A0DB-3B0D1DC2ED14}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D945F217-3733-4A18-A746-4A6D8FCAD990}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E38D86B2-3032-4AF9-BB19-61187B44E5F8}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{E4DDC74C-3B4B-42AD-AFC5-23E0E5F8D097}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E693CE52-68BD-4B0B-BF2B-145552DFF299}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F07A5979-11C2-4DF3-B0E9-BCA397A04C93}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\commander keen\testapp3.bat |
"{F2229A8D-7652-4CF1-A34C-6C1DE59E522C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\commander keen\keen 2.bat |
"{F3DAB5F2-D775-4E00-A23F-1AC814604D44}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F75BB940-2C71-49CB-9192-AD6404446BE9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{30E3B3DA-8B31-4285-AF9F-A81B50BD818E}C:\program files (x86)\starcraft ii beta\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii beta\starcraft ii.exe |
"TCP Query User{B08A9198-5F02-4DE4-8BBE-3B2F21EFF44C}I:\techwizard.exe" = protocol=6 | dir=in | app=i:\techwizard.exe |
"TCP Query User{D40C1CBB-A5D2-4229-9630-3E7AE2400748}C:\program files (x86)\starcraft ii beta\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii beta\support\blizzarddownloader.exe |
"UDP Query User{47BE8147-656D-4FE4-B30A-D1B819F4E83C}C:\program files (x86)\starcraft ii beta\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii beta\support\blizzarddownloader.exe |
"UDP Query User{9E10694C-2B04-4CC2-A698-EB0642E1A00D}C:\program files (x86)\starcraft ii beta\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii beta\starcraft ii.exe |
"UDP Query User{B982BCBF-92D5-4E28-A69C-93611D3F4D7C}I:\techwizard.exe" = protocol=17 | dir=in | app=i:\techwizard.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{090A4D4C-24B2-4248-BFF2-AC30D2E0676B}" = Marvell(R) Wireless Card Software Package
"{1111706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 (64-bit)
"{1EB8079C-2F30-3A6E-A76A-9758C4F1CD21}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"{2222706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 SDK (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{29C93182-34F6-3275-A18D-59326851CD57}" = Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools
"{302A1E2E-DD58-4673-BC99-9CC10EC2637A}" = WinPatrol
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{41BC9E31-0D39-462E-8E4C-767B21A3B1C3}" = MobileMe Control Panel
"{50822200-2E95-4E62-A8D8-41C3B308DF5E}" = Microsoft SQL Server VSS Writer
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{62EED300-E841-4083-A1D6-60B906271804}" = Microsoft Windows SDK for Visual Studio 2008 Tools
"{6361EA0C-499F-40C0-6924-A8D974784908}" = ccc-utility64
"{64A3A4F4-B792-11D6-A78A-00B0D0170030}" = Java(TM) SE Development Kit 7 Update 3 (64-bit)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E740973-8E71-42F9-A910-C18452E60450}" = Microsoft SQL Server Native Client
"{70E8EBD5-78C9-4258-B20A-5098CCA000F0}" = Dolby Control Center
"{816EB8D3-C431-5997-8A7B-99EED8D88C99}" = ATI Catalyst Install Manager
"{868EA922-5675-4E91-BDA6-BBD0F923C5EF}" = HP Officejet Pro All-In-One Series
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9aa5f39c-a8de-46b0-919a-0248f8bc8490}" = Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense
"{9F560BEB-021F-43AC-825F-AA60442D8DE4}" = 64 Bit HP CIO Components Installer
"{A992BBAA-723D-4574-A07F-983BF8FAA3E1}" = Microsoft Windows SDK for Visual Studio 2008 Win32 Tools
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{D3E39E77-0EB4-36FB-B97A-8C8AB21B9A45}" = Visual Studio .NET Prerequisites - English
"{DDEDFD63-E430-4b0c-8D61-5E4E7280F027}" = Network64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CNXT_MODEM_PCI_HSF" = Soft Data Fax Modem with SmartCP
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.19
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0204009C-53D7-67E6-6631-62A1DBD66BCA}" = Catalyst Control Center Localization German
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A55CDBB-0566-4AA2-A15B-24C7F27C6FF4}" = BPD_Scan
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{10964A8F-21C1-45EA-BC2D-F84B505C3848}" = H&R Block Deluxe + Efile + State 2010
"{14911AD7-62FA-2DF7-961A-314786398DDD}" = Catalyst Control Center Localization Danish
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18960408-D04F-61BB-802E-13851583716E}" = CCC Help French
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1FF2E7A9-824F-8B73-6332-C9DD19B08A67}" = CCC Help Finnish
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23638DF5-41EF-7AEC-8AEB-2C7B4A298D05}" = CCC Help Norwegian
"{26D08718-801F-2F78-B5DC-78D50714AA95}" = Catalyst Control Center Localization French
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{2B462A9D-286B-0A4F-6FB8-E71B39AB3978}" = Catalyst Control Center Localization Spanish
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2D38E148-989C-9E77-E655-328FE0726761}" = Catalyst Control Center Localization Finnish
"{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}" = Microsoft SQL Server Compact 3.5 Design Tools ENU
"{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}" = GEAR driver installer for x86 and x64
"{3594EE90-B157-4519-9E82-8B6F4711A0A1}" = Catalyst Control Center - Branding
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3770179C-38F3-A941-643C-5790E78D80C7}" = Skins
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{482020CC-FEF7-9392-69F0-6C6F26FD7BCD}" = Catalyst Control Center Localization Japanese
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{4D19B0D8-896C-96AE-27B2-98B8B3997EBD}" = Catalyst Control Center Graphics Light
"{4FB600F5-C478-4DF7-A2BC-57D3807BAC91}" = BPDSoftware_Ini
"{5104B07C-6A3D-4E7E-8BBB-960B52554BDD}" = BPD_HPSU
"{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}" = IHA_MessageCenter
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{57634571-FD82-4BEC-B822-A1ED7765474F}_is1" = SmartLauncher
"{5ADE38D8-1B9C-6F79-C88F-A84B01E4175C}" = CCC Help Dutch
"{5C104E56-A441-429D-A609-D8A46EB92EA1}" = PCMark05
"{5D9B17E4-5C34-45B2-9C95-8B9DB4CF7AF3}" = HP_Network_UserGuide
"{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries
"{5F64E152-51C1-47B4-BEA8-007D73C7460F}" = Cisco AnyConnect VPN Client
"{600494AA-0E7B-6F10-9426-AFF9914CA403}" = Catalyst Control Center Graphics Full New
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{6549AA0C-6D93-4E76-9A13-6A6A0AA4FD6D}" = TaxCut California 2008
"{6583D00E-0924-4950-8BE9-5D09FE70B333}" = MTX
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{68C96BC9-EB2A-C0F1-0BAE-8E7FACD1CC52}" = Catalyst Control Center Core Implementation
"{69897DB3-8AA0-AB8B-C41F-5F18CE08DD10}" = CCC Help German
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B875C3E-AEA7-4D5F-9D15-6E63E16BCC66}_is1" = Circle of Eight Modpack version 6.0.0 NC
"{6D172D0A-B9F1-4046-AFAB-8599288545BF}" = Safari
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76A38425-741A-415C-96CF-AAD907FAB421}" = Vz In Home Agent
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79207BEE-6CD3-483C-824C-944663BACAC4}" = TaxCut Premium + Efile 2008
"{7BBEF4EB-4996-3B90-1F79-0CED09C781F5}" = Catalyst Control Center Localization Swedish
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C95F789-0941-CBF8-A906-507E1F938B23}" = Catalyst Control Center Localization Dutch
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{88603FC0-6B3C-442D-981E-E3D49F083548}_is1" = NovaBench 3.0.4
"{8868D822-2CBA-46B2-A286-B400B6185769}" = 7500_7600_7700_Help
"{8F968232-15C6-4872-84C2-9FCDAA1AEAB6}" = MPM
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007
"{90120000-0021-0409-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (English) 2007
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{00C5525B-3CB3-467D-8100-2E6FB306CD86}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{92A0792A-E771-4C4A-9A4A-C2917AA19EEA}" = H&R Block Basic + Efile 2009
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.2
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9D05E935-B635-73BC-1320-80496C7EC481}" = CCC Help English
"{9DE36FF9-B4DC-76E5-DE1A-D940D5BB1E83}" = CCC Help Danish
"{9E78C42C-4FF9-4F41-BBC4-BF872606E79D}_is1" = Driver Robot 1.1.0.14
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A495D4DC-4036-4914-9CB2-0FCF6A3166EF}" = L7500
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AD80F06B-0F21-4EEE-934D-BEF0D21E6383}" = Temple of Elemental Evil
"{B3920458-4EA6-A26B-7621-AB086AC4086D}" = CCC Help Spanish
"{B7BC1735-B009-2946-AA94-2A60190616BE}" = Catalyst Control Center Localization Norwegian
"{B7BD291B-D415-4484-89A4-82077504BE93}_is1" = SmartCopy
"{B8CCF37C-4C5D-0B17-1472-FEDB3D88F9E8}" = CCC Help Japanese
"{B9D218EA-982B-53A2-BEEA-EF4C08DDD3DB}" = Catalyst Control Center Localization Italian
"{BB034FA9-BC86-7231-4618-B30918CD43F7}" = CCC Help Swedish
"{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}" = Microsoft SQL Server Compact 3.5 ENU
"{BE709AB0-E637-D304-F30C-B4B84F496DA7}" = ccc-core-static
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C1E7BB59-E1BE-CC2F-32B8-F0EAB1322BC4}" = CCC Help Italian
"{C55C9458-6FAA-0DA2-3F35-CAD71AA13A89}" = Catalyst Control Center Graphics Full Existing
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C6006AED-E5A7-4F77-BAD5-95AC43DE04F3}" = H&R Block Deluxe + Efile + State 2011
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}" = Quicken 2010
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D219BE4E-4B67-4354-AB10-3EF90A0CC883}" = Silent Storm
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DEB9AEF7-3ADA-40a9-9C98-546D54FE9CBD}" = ProductContext
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
"{EB1F488E-AB5E-DB3A-A144-51802C2B0041}" = Catalyst Control Center Graphics Previews Vista
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ECAD4F6A-0BF3-4028-9C81-E5D9F9606CBA}" = BPDSoftware
"{ED5DCA6F-5FEA-47CB-83DB-210A468C298B}" = KB0817 Keyboard Driver
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EFC1B3CA-9B90-458D-AD7A-A0F2CD6F4A84}" = Realtek Card Reader
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F434F50E-7614-3EA8-9008-2FB866B697DA}" = Microsoft Visual Studio 2008 Standard Edition - ENU
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AVerMedia M791 PCIe Combo NTSC/ATSC" = AVerMedia M791 PCIe Combo NTSC/ATSC 6.104.64.5
"Battle for Wesnoth 1.8.6" = Battle for Wesnoth 1.8.6
"BSW" = BrettspielWelt
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Carbonite Backup" = Carbonite
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Diablo III" = Diablo III
"DPP" = Canon Utilities Digital Photo Professional 3.4
"Elemental: War of Magic" = Elemental: War of Magic
"EOS Utility" = Canon Utilities EOS Utility
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fraps" = Fraps
"Galactic Civilizations II" = Galactic Civilizations II
"GalCiv II - Dark Avatar" = GalCiv II - Dark Avatar
"GIMPshop" = GIMPshop 2.2.8
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Impulse" = Impulse
"Marvell Miniport Driver" = Marvell Miniport Driver
"Master Of Magic_is1" = Master Of Magic
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Studio 2008 Standard Edition - ENU" = Microsoft Visual Studio 2008 Standard Edition - ENU
"Money2007b" = Microsoft Money Essentials
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee AntiVirus Plus
"MVApplication1" = Memorex exPressit Label Design Studio
"MyCamera" = Canon Utilities MyCamera
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Oasis" = Oasis
"Panzer Corps1.00" = Panzer Corps
"Panzer General 2_is1" = Panzer General 2
"Pdf995" = Pdf995 (installed by H&R Block)
"PdfEdit995" = PdfEdit995 (installed by H&R Block)
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Precision" = EVGA Precision 1.3.0
"PROR" = Microsoft Office Professional 2007 Trial
"RadialpointClientGateway_is1" = Verizon Servicepoint 3.7.44
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RegClean Pro_is1" = RegClean Pro
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Runic Games Torchlight" = Torchlight
"Sid Meier's Alpha Centauri" = Sid Meier's Alpha Centauri
"Sins of a Solar Empire" = Sins of a Solar Empire
"Steam App 1500" = Darwinia
"Steam App 203770" = Crusader Kings II
"Steam App 208140" = Endless Space
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 400" = Portal
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8930" = Sid Meier's Civilization V
"SystemRequirementsLab" = System Requirements Lab
"Verizon FiOS Activation_is1" = Verizon FiOS Activation
"VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"WildTangent gateway Master Uninstall" = Gateway Games
"WinGimp-2.0_is1" = GIMP 2.6.8
"World of Warcraft" = World of Warcraft
"YInstHelper" = Yahoo! Install Manager
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-812941209-3627781599-505106765-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"WinDirStat" = WinDirStat 1.1.2

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/24/2012 7:53:39 AM | Computer Name = memmott-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 1/24/2012 7:53:40 AM | Computer Name = memmott-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 1/24/2012 7:53:40 AM | Computer Name = memmott-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 1/24/2012 7:53:40 AM | Computer Name = memmott-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 1/24/2012 7:53:40 AM | Computer Name = memmott-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 1/28/2012 11:59:05 AM | Computer Name = memmott-PC | Source = VSS | ID = 8193
Description =

Error - 1/28/2012 11:59:05 AM | Computer Name = memmott-PC | Source = VSS | ID = 12291
Description =

Error - 1/28/2012 12:06:23 PM | Computer Name = memmott-PC | Source = WinMgmt | ID = 10
Description =

Error - 2/1/2012 12:33:14 PM | Computer Name = memmott-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 2/1/2012 12:33:14 PM | Computer Name = memmott-PC | Source = Windows Search Service | ID = 3013
Description =

[ Cisco AnyConnect VPN Client Events ]
Error - 6/23/2012 5:03:59 PM | Computer Name = memmott-PC | Source = vpnagent | ID = 50331650
Description = Termination reason code 9: Client PC is shutting down.

Error - 6/23/2012 5:03:59 PM | Computer Name = memmott-PC | Source = vpnagent | ID = 50331649
Description = Function: CVpnMgr::processEvents Return code: 0 File: .\MainThread.cpp
Line:
997 Description: fatal error, stopping service

Error - 6/23/2012 5:03:59 PM | Computer Name = memmott-PC | Source = vpnagent | ID = 50331649
Description = Function: WaitForSingleObject Return code: 6 File: .\Agent.cpp Line:
686 Description: The handle is invalid.

Error - 6/24/2012 1:14:27 PM | Computer Name = memmott-PC | Source = vpnagent | ID = 50331650
Description = Termination reason code 9: Client PC is shutting down.

Error - 6/24/2012 1:14:27 PM | Computer Name = memmott-PC | Source = vpnagent | ID = 50331649
Description = Function: CVpnMgr::processEvents Return code: 0 File: .\MainThread.cpp
Line:
997 Description: fatal error, stopping service

Error - 6/24/2012 1:14:27 PM | Computer Name = memmott-PC | Source = vpnagent | ID = 50331649
Description = Function: WaitForSingleObject Return code: 6 File: .\Agent.cpp Line:
686 Description: The handle is invalid.

Error - 6/25/2012 7:58:43 PM | Computer Name = memmott-PC | Source = vpnagent | ID = 50331650
Description = Termination reason code 9: Client PC is shutting down.

Error - 6/25/2012 8:31:35 PM | Computer Name = memmott-PC | Source = vpnagent | ID = 50331650
Description = Termination reason code 9: Client PC is shutting down.

Error - 6/25/2012 8:31:35 PM | Computer Name = memmott-PC | Source = vpnagent | ID = 50331649
Description = Function: CVpnMgr::processEvents Return code: 0 File: .\MainThread.cpp
Line:
997 Description: fatal error, stopping service

Error - 6/25/2012 8:31:35 PM | Computer Name = memmott-PC | Source = vpnagent | ID = 50331649
Description = Function: WaitForSingleObject Return code: 6 File: .\Agent.cpp Line:
686 Description: The handle is invalid.

[ System Events ]
Error - 6/25/2012 8:31:34 PM | Computer Name = memmott-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 6/25/2012 8:31:34 PM | Computer Name = memmott-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 6/25/2012 8:31:34 PM | Computer Name = memmott-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 6/25/2012 8:31:34 PM | Computer Name = memmott-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 6/25/2012 8:31:34 PM | Computer Name = memmott-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 6/25/2012 8:31:34 PM | Computer Name = memmott-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 6/25/2012 8:39:58 PM | Computer Name = memmott-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/25/2012 8:39:58 PM | Computer Name = memmott-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/25/2012 8:39:58 PM | Computer Name = memmott-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/25/2012 8:41:32 PM | Computer Name = memmott-PC | Source = Service Control Manager | ID = 7022
Description =


< End of report >

OTL.txt
--------
OTL logfile created on: 6/25/2012 7:47:36 PM - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\memmott\Desktop\Computer Profiling
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.08 Gb Available Physical Memory | 76.08% Memory free
16.05 Gb Paging File | 13.92 Gb Available in Paging File | 86.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 688.87 Gb Total Space | 344.39 Gb Free Space | 49.99% Space Free | Partition Type: NTFS

Computer Name: MEMMOTT-PC | User Name: memmott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/25 19:22:45 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\memmott\Desktop\Computer Profiling\OTL.exe
PRC - [2012/04/15 16:04:44 | 000,374,368 | ---- | M] (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/02/29 19:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/01/10 12:56:36 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe
PRC - [2009/06/17 15:17:05 | 000,434,864 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2008/05/30 12:50:28 | 000,581,120 | ---- | M] () -- C:\Windows\mHotkey.exe
PRC - [2008/04/23 19:05:16 | 000,339,968 | ---- | M] (Creative) -- C:\Windows\CNYHKey.exe
PRC - [2008/02/01 13:04:50 | 000,057,344 | ---- | M] (Chicony) -- C:\Windows\ChiFuncExt.exe


========== Modules (No Company Name) ==========

MOD - [2011/04/14 20:01:33 | 000,548,854 | ---- | M] () -- C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2008/05/30 12:50:28 | 000,581,120 | ---- | M] () -- C:\Windows\mHotkey.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/04/19 08:22:48 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2012/03/20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/03/20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/03/20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/10/20 20:56:44 | 006,359,184 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2008/07/22 09:12:08 | 000,902,656 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2008/06/11 13:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/11/07 09:11:22 | 004,466,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV:64bit: - [2007/06/29 10:11:36 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV:64bit: - [2006/11/02 06:16:05 | 000,046,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (yksvc)
SRV - [2012/06/25 19:09:56 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/20 20:27:48 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/02/29 19:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/12/12 11:03:40 | 000,290,832 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2011/01/10 12:56:36 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe -- (ServicepointService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/17 15:17:05 | 000,434,864 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/05/05 17:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/03/25 21:23:58 | 000,894,976 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/02/29 08:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/02/22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/02/22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/09/21 10:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/09 03:05:19 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/06/17 15:02:03 | 000,024,248 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\vpnva64.sys -- (vpnva)
DRV:64bit: - [2008/09/17 15:14:00 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ENTECH64.sys -- (ENTECH64)
DRV:64bit: - [2008/08/12 19:13:23 | 000,181,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2008/08/05 03:03:00 | 000,392,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/07/22 09:58:24 | 004,647,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008/06/04 01:06:54 | 000,204,288 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RTS5121.sys -- (RSUSBSTOR)
DRV:64bit: - [2008/04/27 20:25:06 | 000,016,400 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV:64bit: - [2007/06/29 10:11:24 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2007/06/20 05:32:58 | 001,478,656 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2007/06/20 05:30:22 | 000,409,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys -- (CAXHWBS2)
DRV:64bit: - [2007/06/20 05:29:14 | 000,740,352 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2007/04/10 03:51:10 | 000,432,256 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVer88xHD64.sys -- (AVer88xHD)
DRV:64bit: - [2006/06/19 01:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2008/06/11 13:13:24 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b= ... =lx6200-01
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b= ... =lx6200-01
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage
IE - HKU\.DEFAULT\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage
IE - HKU\S-1-5-18\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage
IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage
IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://wapp.verizon.net/bookmarks/bmred ... bm=yh_home
IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_en
IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={searchTerms}
IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.1.195
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files (x86)\Verizon\VSP\nprpspa.dll (Verizon)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files (x86)\Verizon\VSP\nprpspa.dll (Verizon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\memmott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009/03/14 15:52:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/03/10 14:43:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/05/20 15:39:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/25 19:09:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/25 19:19:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/25 19:09:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/25 19:19:31 | 000,000,000 | ---D | M]

[2008/11/16 13:54:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\memmott\AppData\Roaming\Mozilla\Extensions
[2012/05/25 16:19:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\memmott\AppData\Roaming\Mozilla\Firefox\Profiles\cumntpmt.default\extensions
[2011/04/12 19:55:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\memmott\AppData\Roaming\Mozilla\Firefox\Profiles\cumntpmt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/08/27 12:06:10 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\memmott\AppData\Roaming\Mozilla\Firefox\Profiles\cumntpmt.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012/05/19 14:13:35 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\memmott\AppData\Roaming\Mozilla\Firefox\Profiles\cumntpmt.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012/05/19 14:10:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/05/20 15:39:40 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES (X86)\COMMON FILES\MCAFEE\SYSTEMCORE
[2012/06/25 19:09:58 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009/03/31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\mozilla firefox\components\coFFPlgn.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2010/05/15 16:46:59 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/06/25 19:09:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/05/06 18:12:22 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/06/25 19:09:50 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120506124356.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120520085435.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKU\S-1-5-21-812941209-3627781599-505106765-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LedKey] C:\Windows\CNYHKey.exe (Creative)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Trigger New Acer AlaunchX] c:\ACER\Preload\Command\AlaunchX\AppInRun.exe (Acer Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-812941209-3627781599-505106765-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-812941209-3627781599-505106765-1004..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [New Acer AlaunchX] c:\ACER\Preload\Command\AlaunchX\LaunchAlaunchX.exe (Acer Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-812941209-3627781599-505106765-1000\..Trusted Domains: localhost ([]* in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F04EDED7-5A79-47A9-A43D-951D8E8A6AC5}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\memmott\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\memmott\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/25 19:46:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/06/25 19:16:22 | 000,268,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/06/25 19:16:05 | 000,189,360 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/06/25 19:16:05 | 000,188,840 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/06/22 19:30:15 | 000,000,000 | ---D | C] -- C:\Users\memmott\AppData\Roaming\WinPatrol
[2012/06/22 19:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
[2012/06/22 19:30:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BillP Studios
[2012/06/22 19:30:07 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012/06/22 19:08:19 | 000,000,000 | ---D | C] -- C:\Users\memmott\Desktop\Music
[2012/06/22 19:04:23 | 000,000,000 | ---D | C] -- C:\From Sarahs Old Computer
[2012/06/22 18:53:16 | 000,000,000 | ---D | C] -- C:\Users\memmott\Desktop\Pictures
[2012/06/22 18:33:10 | 000,000,000 | ---D | C] -- C:\Users\memmott\Desktop\Computer Profiling
[2012/06/20 20:15:29 | 000,000,000 | ---D | C] -- C:\Program Files\Verizon
[2012/06/20 20:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
[2012/06/20 19:02:54 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/20 19:02:54 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/20 19:02:54 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/20 19:02:32 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/20 19:02:32 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2012/06/20 19:02:32 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/20 19:02:32 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2012/06/20 19:02:32 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/20 19:02:32 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2012/06/20 19:02:22 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/20 19:02:22 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2012/06/20 19:02:22 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/20 19:02:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2012/06/16 07:45:01 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/06/16 07:45:01 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/16 07:45:00 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/06/16 07:45:00 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/16 07:44:59 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/06/16 07:44:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/16 07:44:59 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/06/16 07:44:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/06/16 07:44:58 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/06/16 07:44:58 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/06/16 07:44:58 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/06/16 07:44:57 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/06/16 07:44:57 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/06/16 07:44:28 | 000,000,000 | ---D | C] -- C:\Users\memmott\Documents\Endless Space
[2012/06/15 19:57:40 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/06/15 19:57:39 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/25 19:51:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/25 19:39:22 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/25 19:39:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2012/06/25 19:38:38 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/25 19:38:38 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/25 19:38:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/25 19:19:33 | 000,001,884 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/06/25 19:15:49 | 000,268,720 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/06/25 19:15:49 | 000,189,360 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/06/25 19:15:49 | 000,188,840 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/06/25 19:15:36 | 000,955,840 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll
[2012/06/25 19:15:36 | 000,839,096 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/06/25 15:01:17 | 000,000,280 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2012/06/22 18:50:25 | 000,000,219 | ---- | M] () -- C:\Users\memmott\Desktop\Portal.url
[2012/06/20 20:15:04 | 000,000,260 | ---- | M] () -- C:\Windows\SysWow64\cmdVBS.vbs
[2012/06/20 20:15:04 | 000,000,256 | ---- | M] () -- C:\Windows\SysWow64\MSIevent.bat
[2012/06/20 18:58:05 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/06/20 18:58:05 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/06/16 08:05:48 | 000,341,352 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/16 07:37:56 | 000,836,782 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/16 07:37:56 | 000,687,116 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/16 07:37:56 | 000,136,302 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/02 17:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/02 17:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/02 17:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/02 17:19:32 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2012/06/02 17:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/02 17:19:23 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2012/06/02 17:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/02 17:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/02 17:12:13 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2012/06/02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/02 15:19:42 | 000,171,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2012/06/02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/02 15:12:20 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/25 19:19:33 | 000,001,884 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/06/25 19:19:33 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/06/22 18:50:25 | 000,000,219 | ---- | C] () -- C:\Users\memmott\Desktop\Portal.url
[2012/06/20 20:15:04 | 000,000,260 | ---- | C] () -- C:\Windows\SysWow64\cmdVBS.vbs
[2012/06/20 20:15:04 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\MSIevent.bat
[2012/04/14 08:17:25 | 000,051,368 | ---- | C] () -- C:\Users\memmott\combined 2011 Tax Return.T11
[2012/04/14 08:16:18 | 000,000,142 | ---- | C] () -- C:\Windows\wpd99.drv
[2012/04/14 08:16:06 | 000,047,616 | ---- | C] () -- C:\Windows\SysWow64\pdf995mon64.dll
[2012/02/29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/02/28 10:06:17 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/02/28 10:06:17 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/12/30 11:58:04 | 000,008,403 | ---- | C] () -- C:\Users\memmott\.recently-used.xbel
[2011/02/19 12:00:56 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011/02/04 19:14:30 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010/12/24 19:29:18 | 000,000,124 | ---- | C] () -- C:\Windows\WinInit.Ini
[2009/11/08 10:38:45 | 000,406,308 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/11/08 10:38:45 | 000,406,308 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/05/30 09:51:23 | 000,000,000 | ---- | C] () -- C:\Users\memmott\.gtk-bookmarks
[2009/05/24 13:07:09 | 000,003,584 | ---- | C] () -- C:\Users\memmott\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/18 17:48:45 | 000,561,685 | ---- | C] () -- C:\Users\memmott\.fonts.cache-1
[2009/01/10 12:37:03 | 000,000,680 | ---- | C] () -- C:\Users\memmott\AppData\Local\d3d9caps.dat
[2008/11/16 14:29:50 | 000,000,600 | ---- | C] () -- C:\Users\memmott\AppData\Local\PUTTY.RND
[2008/11/16 13:15:15 | 000,000,732 | ---- | C] () -- C:\Users\memmott\AppData\Local\d3d9caps64.dat

========== LOP Check ==========

[2012/04/14 12:18:23 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\.visualvm
[2009/02/07 10:20:55 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Black Sea Studios
[2009/11/08 10:06:20 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Blitware
[2012/06/10 17:54:34 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\BSW
[2008/12/22 21:54:05 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Canon
[2011/02/09 17:16:14 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\DocClockGame
[2010/01/16 14:41:25 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\GetRightToGo
[2011/12/30 11:57:05 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\gtk-2.0
[2011/12/30 12:00:12 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Image Zone Express
[2011/12/10 10:05:18 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Kalypso Media
[2011/02/19 10:07:07 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Leadertech
[2009/01/10 09:23:49 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Mind Control Software
[2011/10/30 10:51:31 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\MinMaxGames
[2009/01/10 09:24:03 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\PlayFirst
[2009/06/22 19:42:08 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Printer Info Cache
[2009/10/28 20:18:16 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\runic games
[2009/05/10 15:30:00 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Stardock
[2009/11/08 10:12:10 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\SystemRequirementsLab
[2012/05/19 13:42:50 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Systweak
[2012/03/03 09:27:28 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\TaxCut
[2010/06/07 10:26:15 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\TechWizard
[2009/03/06 20:15:58 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\The Creative Assembly
[2008/12/08 21:20:54 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Tilted Mill
[2010/11/27 16:32:11 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Tropico 3
[2010/06/11 19:28:57 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Uniblue
[2012/04/07 12:21:04 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Unity
[2011/02/04 19:00:04 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\WildTangent
[2012/06/22 19:30:15 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\WinPatrol
[2012/06/25 15:01:17 | 000,000,280 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_DEFAULT.job
[2012/05/19 14:02:41 | 000,000,288 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_UPDATES.job
[2012/06/25 19:31:36 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 498 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >


Thank you for your help.
rcm
Active Member
 
Posts: 7
Joined: June 22nd, 2012, 8:19 pm

Re: Computer Running slow and Loud.

Unread postby askey127 » June 26th, 2012, 6:39 am

rcm,
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Uninstall a program under the Programs heading.
Right click each Entry, as follows, one by one, if it exists, choose Uninstall/Change, and give permission to Continue:

RegClean Pro

Take extra care in answering questions posed by any Uninstaller.
----------------------------------------------
Perform a Custom Fix with OTL
Run OTL (Right click and choose "Run as administrator" in Vista/Win7)
  • In the Custom Scans/Fixes box at the bottom, paste in the following lines from the Code box (Do not include the word "Code"):
    Code: Select all
    :OTL
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
    IE - HKU\.DEFAULT\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
    IE - HKU\S-1-5-18\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
    IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
    IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
    IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
    IE - HKU\S-1-5-21-812941209-3627781599-505106765-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
    @Alternate Data Stream - 498 bytes -> C:\ProgramData\TEMP:05EE1EEF
    
    :Files
    C:\Users\memmott\AppData\Roaming\Blitware
    C:\Users\memmott\AppData\Roaming\Uniblue
    C:\Windows\Tasks\RegClean Pro_UPDATES.job
    C:\Windows\Tasks\RegClean Pro_DEFAULT.job
    ipconfig /flushdns /c
    
    :Commands
    [EMPTYTEMP]
    [CREATERESTOREPOINT]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered and reboot the PC when it is done.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
----------------------------------------------
Disable CD Emulator(s)
We need to use powerful tools to investigate your system. *If* you are are using a CD Emulator (Daemon Tools, Alcohol 120%, Astroburn, AnyDVD) be aware that they use hidden drivers with rootkit-like techniques to hide from other applications. When dealing with a malware infections, CD Emulators can interfere with investigative tools producing misleading or inaccurate scan results, false detection of legitimate files, cause unexpected crashes, BSODs, and general 'dross' which often makes it hard to differentiate between malicious rootkits and the legitimate drivers used by Emulators. Since the hidden drivers from CD Emulators can be seen as a rootkit, we need to remove or disable them until disinfection is completed.

Please download DeFogger by jpshortstuff and save it to your desktop.
  • Double click DeFogger.exe to run the tool.
  • The application window will appear.
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue.
  • A 'Finished!' message will appear.
  • Click OK...DeFogger will now ask to reboot the machine...click OK. If not, reboot manually.
  • Do not re-enable these drivers until instructed or your system has been cleaned.
IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.
--------------------------------------------
TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  1. Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    (Vista - W7 users: Right-click and select "Run As Administrator")
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
    If you try to change the filename and extension, you may get a warning message from Windows because of the change of file extension. OK the change.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. If the scan completes with nothing found, click Close to exit.
  4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Ensure Cure (default) is selected... then click Continue > Reboot now to finish the cleaning process.
    • If Cure is not offered as an option, choose Skip.
  5. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the main directory of C:
    (the dd.mm.yyyy_hh.mm.ss numbers in the filename represent the time/date stamp)
  6. Copy and paste the contents of that file in your next reply.
If, for some reason,you can't locate the text file to paste into your reply, just tell me, but DO NOT run the program a second time.

So we are looking for the OTL log, and the Log generated by TDSSKiller.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Computer Running slow and Loud.

Unread postby rcm » June 26th, 2012, 8:25 pm

Sorry, I thought I'd uninstalled the registry cleaner before but I guess I missed it.
I followed your steps.
It doesn't seem like TDSSKILLER found anything.

OTL
----
OTL logfile created on: 6/26/2012 6:54:28 PM - Run 2
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\memmott\Desktop\Computer Profiling
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.08 Gb Available Physical Memory | 76.04% Memory free
16.05 Gb Paging File | 13.87 Gb Available in Paging File | 86.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 688.87 Gb Total Space | 337.12 Gb Free Space | 48.94% Space Free | Partition Type: NTFS

Computer Name: MEMMOTT-PC | User Name: memmott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/25 19:22:45 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\memmott\Desktop\Computer Profiling\OTL.exe
PRC - [2012/06/25 19:09:57 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/04/15 16:04:44 | 000,374,368 | ---- | M] (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/02/29 19:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/01/10 12:56:36 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe
PRC - [2009/06/17 15:17:05 | 000,434,864 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2008/05/30 12:50:28 | 000,581,120 | ---- | M] () -- C:\Windows\mHotkey.exe
PRC - [2008/04/23 19:05:16 | 000,339,968 | ---- | M] (Creative) -- C:\Windows\CNYHKey.exe
PRC - [2008/02/01 13:04:50 | 000,057,344 | ---- | M] (Chicony) -- C:\Windows\ChiFuncExt.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/25 19:09:56 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/02/29 13:26:28 | 000,360,768 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011/04/14 20:01:33 | 000,548,854 | ---- | M] () -- C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2008/05/30 12:50:28 | 000,581,120 | ---- | M] () -- C:\Windows\mHotkey.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/04/19 08:22:48 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2012/03/20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/03/20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/03/20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/10/20 20:56:44 | 006,359,184 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2008/07/22 09:12:08 | 000,902,656 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2008/06/11 13:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/11/07 09:11:22 | 004,466,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV:64bit: - [2007/06/29 10:11:36 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV:64bit: - [2006/11/02 06:16:05 | 000,046,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (yksvc)
SRV - [2012/06/25 19:09:56 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/20 20:27:48 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/02/29 19:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/12/12 11:03:40 | 000,290,832 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2011/01/10 12:56:36 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe -- (ServicepointService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/17 15:17:05 | 000,434,864 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/05/05 17:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/03/25 21:23:58 | 000,894,976 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/02/29 08:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/02/22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/02/22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/09/21 10:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/09 03:05:19 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/06/17 15:02:03 | 000,024,248 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\vpnva64.sys -- (vpnva)
DRV:64bit: - [2008/09/17 15:14:00 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ENTECH64.sys -- (ENTECH64)
DRV:64bit: - [2008/08/12 19:13:23 | 000,181,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2008/08/05 03:03:00 | 000,392,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/07/22 09:58:24 | 004,647,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008/06/04 01:06:54 | 000,204,288 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RTS5121.sys -- (RSUSBSTOR)
DRV:64bit: - [2008/04/27 20:25:06 | 000,016,400 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV:64bit: - [2007/06/29 10:11:24 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2007/06/20 05:32:58 | 001,478,656 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2007/06/20 05:30:22 | 000,409,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys -- (CAXHWBS2)
DRV:64bit: - [2007/06/20 05:29:14 | 000,740,352 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2007/04/10 03:51:10 | 000,432,256 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVer88xHD64.sys -- (AVer88xHD)
DRV:64bit: - [2006/06/19 01:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2008/06/11 13:13:24 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b= ... =lx6200-01
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b= ... =lx6200-01
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://wapp.verizon.net/bookmarks/bmred ... bm=yh_home
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_en
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.1.195
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files (x86)\Verizon\VSP\nprpspa.dll (Verizon)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files (x86)\Verizon\VSP\nprpspa.dll (Verizon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\memmott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009/03/14 15:52:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/03/10 14:43:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/06/26 18:10:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/25 19:09:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/25 19:19:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/25 19:09:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/25 19:19:31 | 000,000,000 | ---D | M]

[2008/11/16 13:54:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\memmott\AppData\Roaming\Mozilla\Extensions
[2012/05/25 16:19:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\memmott\AppData\Roaming\Mozilla\Firefox\Profiles\cumntpmt.default\extensions
[2011/04/12 19:55:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\memmott\AppData\Roaming\Mozilla\Firefox\Profiles\cumntpmt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/08/27 12:06:10 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\memmott\AppData\Roaming\Mozilla\Firefox\Profiles\cumntpmt.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012/05/19 14:13:35 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\memmott\AppData\Roaming\Mozilla\Firefox\Profiles\cumntpmt.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012/05/19 14:10:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/26 18:10:45 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES (X86)\COMMON FILES\MCAFEE\SYSTEMCORE
[2012/06/25 19:09:58 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009/03/31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\mozilla firefox\components\coFFPlgn.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2010/05/15 16:46:59 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/06/25 19:09:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/05/06 18:12:22 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/06/25 19:09:50 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120625215514.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120625215514.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LedKey] C:\Windows\CNYHKey.exe (Creative)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Trigger New Acer AlaunchX] c:\ACER\Preload\Command\AlaunchX\AppInRun.exe (Acer Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKLM..\RunOnce: [New Acer AlaunchX] c:\ACER\Preload\Command\AlaunchX\LaunchAlaunchX.exe (Acer Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F04EDED7-5A79-47A9-A43D-951D8E8A6AC5}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\memmott\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\memmott\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/26 18:53:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/06/26 18:20:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/06/22 19:30:15 | 000,000,000 | ---D | C] -- C:\Users\memmott\AppData\Roaming\WinPatrol
[2012/06/22 19:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
[2012/06/22 19:30:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BillP Studios
[2012/06/22 19:30:07 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012/06/22 19:08:19 | 000,000,000 | ---D | C] -- C:\Users\memmott\Desktop\Music
[2012/06/22 19:04:23 | 000,000,000 | ---D | C] -- C:\From Sarahs Old Computer
[2012/06/22 18:53:16 | 000,000,000 | ---D | C] -- C:\Users\memmott\Desktop\Pictures
[2012/06/22 18:33:10 | 000,000,000 | ---D | C] -- C:\Users\memmott\Desktop\Computer Profiling
[2012/06/20 20:15:29 | 000,000,000 | ---D | C] -- C:\Program Files\Verizon
[2012/06/20 20:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
[2012/06/16 07:44:28 | 000,000,000 | ---D | C] -- C:\Users\memmott\Documents\Endless Space

========== Files - Modified Within 30 Days ==========

[2012/06/26 18:51:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/26 18:48:41 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/26 18:47:35 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2012/06/26 18:46:47 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/26 18:46:47 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/26 18:46:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/25 19:19:33 | 000,001,884 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/06/22 18:50:25 | 000,000,219 | ---- | M] () -- C:\Users\memmott\Desktop\Portal.url
[2012/06/20 20:15:04 | 000,000,260 | ---- | M] () -- C:\Windows\SysWow64\cmdVBS.vbs
[2012/06/20 20:15:04 | 000,000,256 | ---- | M] () -- C:\Windows\SysWow64\MSIevent.bat
[2012/06/20 18:58:05 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/06/20 18:58:05 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/06/16 08:05:48 | 000,341,352 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/16 07:37:56 | 000,836,782 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/16 07:37:56 | 000,687,116 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/16 07:37:56 | 000,136,302 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

========== Files Created - No Company Name ==========

[2012/06/25 19:19:33 | 000,001,884 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/06/25 19:19:33 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/06/22 18:50:25 | 000,000,219 | ---- | C] () -- C:\Users\memmott\Desktop\Portal.url
[2012/06/20 20:15:04 | 000,000,260 | ---- | C] () -- C:\Windows\SysWow64\cmdVBS.vbs
[2012/06/20 20:15:04 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\MSIevent.bat
[2012/04/14 08:17:25 | 000,051,368 | ---- | C] () -- C:\Users\memmott\combined 2011 Tax Return.T11
[2012/04/14 08:16:18 | 000,000,142 | ---- | C] () -- C:\Windows\wpd99.drv
[2012/04/14 08:16:06 | 000,047,616 | ---- | C] () -- C:\Windows\SysWow64\pdf995mon64.dll
[2012/02/29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/02/28 10:06:17 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/02/28 10:06:17 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/12/30 11:58:04 | 000,008,403 | ---- | C] () -- C:\Users\memmott\.recently-used.xbel
[2011/02/19 12:00:56 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011/02/04 19:14:30 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010/12/24 19:29:18 | 000,000,124 | ---- | C] () -- C:\Windows\WinInit.Ini
[2009/11/08 10:38:45 | 000,406,308 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/11/08 10:38:45 | 000,406,308 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/05/30 09:51:23 | 000,000,000 | ---- | C] () -- C:\Users\memmott\.gtk-bookmarks
[2009/05/24 13:07:09 | 000,003,584 | ---- | C] () -- C:\Users\memmott\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/18 17:48:45 | 000,561,685 | ---- | C] () -- C:\Users\memmott\.fonts.cache-1
[2009/01/10 12:37:03 | 000,000,680 | ---- | C] () -- C:\Users\memmott\AppData\Local\d3d9caps.dat
[2008/11/16 14:29:50 | 000,000,600 | ---- | C] () -- C:\Users\memmott\AppData\Local\PUTTY.RND
[2008/11/16 13:15:15 | 000,000,732 | ---- | C] () -- C:\Users\memmott\AppData\Local\d3d9caps64.dat

========== LOP Check ==========

[2012/04/14 12:18:23 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\.visualvm
[2009/02/07 10:20:55 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Black Sea Studios
[2012/06/10 17:54:34 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\BSW
[2008/12/22 21:54:05 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Canon
[2011/02/09 17:16:14 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\DocClockGame
[2010/01/16 14:41:25 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\GetRightToGo
[2011/12/30 11:57:05 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\gtk-2.0
[2011/12/30 12:00:12 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Image Zone Express
[2011/12/10 10:05:18 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Kalypso Media
[2011/02/19 10:07:07 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Leadertech
[2009/01/10 09:23:49 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Mind Control Software
[2011/10/30 10:51:31 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\MinMaxGames
[2009/01/10 09:24:03 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\PlayFirst
[2009/06/22 19:42:08 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Printer Info Cache
[2009/10/28 20:18:16 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\runic games
[2009/05/10 15:30:00 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Stardock
[2009/11/08 10:12:10 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\SystemRequirementsLab
[2012/06/26 18:18:17 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Systweak
[2012/03/03 09:27:28 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\TaxCut
[2010/06/07 10:26:15 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\TechWizard
[2009/03/06 20:15:58 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\The Creative Assembly
[2008/12/08 21:20:54 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Tilted Mill
[2010/11/27 16:32:11 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Tropico 3
[2012/04/07 12:21:04 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\Unity
[2011/02/04 19:00:04 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\WildTangent
[2012/06/22 19:30:15 | 000,000,000 | ---D | M] -- C:\Users\memmott\AppData\Roaming\WinPatrol
[2012/06/26 18:23:33 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


TDSSKILLER log
---------------
19:19:02.0707 5044 TDSS rootkit removing tool 2.7.42.0 Jun 25 2012 21:18:44
19:19:03.0713 5044 ============================================================
19:19:03.0713 5044 Current date / time: 2012/06/26 19:19:03.0713
19:19:03.0713 5044 SystemInfo:
19:19:03.0713 5044
19:19:03.0713 5044 OS Version: 6.0.6002 ServicePack: 2.0
19:19:03.0713 5044 Product type: Workstation
19:19:03.0713 5044 ComputerName: MEMMOTT-PC
19:19:03.0714 5044 UserName: memmott
19:19:03.0714 5044 Windows directory: C:\Windows
19:19:03.0714 5044 System windows directory: C:\Windows
19:19:03.0714 5044 Running under WOW64
19:19:03.0714 5044 Processor architecture: Intel x64
19:19:03.0714 5044 Number of processors: 4
19:19:03.0714 5044 Page size: 0x1000
19:19:03.0714 5044 Boot type: Normal boot
19:19:03.0714 5044 ============================================================
19:19:06.0303 5044 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:19:06.0335 5044 ============================================================
19:19:06.0335 5044 \Device\Harddisk0\DR0:
19:19:06.0358 5044 MBR partitions:
19:19:06.0358 5044 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1389000, BlocksNum 0x561BC800
19:19:06.0358 5044 ============================================================
19:19:06.0387 5044 C: <-> \Device\Harddisk0\DR0\Partition0
19:19:06.0387 5044 ============================================================
19:19:06.0387 5044 Initialize success
19:19:06.0387 5044 ============================================================
19:19:18.0813 4672 ============================================================
19:19:18.0813 4672 Scan started
19:19:18.0813 4672 Mode: Manual;
19:19:18.0813 4672 ============================================================
19:19:21.0634 4672 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
19:19:21.0700 4672 ACPI - ok
19:19:21.0843 4672 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:19:21.0845 4672 AdobeARMservice - ok
19:19:22.0000 4672 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
19:19:22.0065 4672 adp94xx - ok
19:19:22.0097 4672 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
19:19:22.0116 4672 adpahci - ok
19:19:22.0245 4672 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
19:19:22.0280 4672 adpu160m - ok
19:19:22.0434 4672 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
19:19:22.0495 4672 adpu320 - ok
19:19:22.0548 4672 AeLookupSvc (0f421175574bfe0bf2f4d8e910a253bb) C:\Windows\System32\aelupsvc.dll
19:19:22.0549 4672 AeLookupSvc - ok
19:19:22.0668 4672 AFD (c4f6ce6087760ad70960c9eb130e7943) C:\Windows\system32\drivers\afd.sys
19:19:22.0718 4672 AFD - ok
19:19:22.0841 4672 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
19:19:22.0844 4672 agp440 - ok
19:19:22.0882 4672 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
19:19:22.0887 4672 aic78xx - ok
19:19:22.0921 4672 ALG (5922f4f59b7868f3d74bbbbeb7b825a3) C:\Windows\System32\alg.exe
19:19:22.0925 4672 ALG - ok
19:19:22.0941 4672 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
19:19:22.0943 4672 aliide - ok
19:19:22.0960 4672 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
19:19:22.0963 4672 amdide - ok
19:19:22.0983 4672 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
19:19:22.0986 4672 AmdK8 - ok
19:19:23.0016 4672 Appinfo (9c37b3fd5615477cb9a0cd116cf43f5c) C:\Windows\System32\appinfo.dll
19:19:23.0019 4672 Appinfo - ok
19:19:23.0500 4672 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:19:23.0502 4672 Apple Mobile Device - ok
19:19:23.0584 4672 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
19:19:23.0588 4672 arc - ok
19:19:23.0625 4672 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
19:19:23.0628 4672 arcsas - ok
19:19:23.0874 4672 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:19:23.0876 4672 aspnet_state - ok
19:19:23.0899 4672 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
19:19:23.0901 4672 AsyncMac - ok
19:19:23.0977 4672 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
19:19:23.0978 4672 atapi - ok
19:19:24.0512 4672 Ati External Event Utility (5a208b1d4aa1736e195be9dbb31db382) C:\Windows\system32\Ati2evxx.exe
19:19:24.0520 4672 Ati External Event Utility - ok
19:19:26.0013 4672 atikmdag (0746ea434a4693251c7d3be3cccc77d6) C:\Windows\system32\DRIVERS\atikmdag.sys
19:19:27.0034 4672 atikmdag - ok
19:19:27.0521 4672 AtiPcie (db0d3de15edc96e7529fc0d3f7760894) C:\Windows\system32\DRIVERS\AtiPcie.sys
19:19:27.0522 4672 AtiPcie - ok
19:19:27.0749 4672 AudioEndpointBuilder (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll
19:19:27.0792 4672 AudioEndpointBuilder - ok
19:19:27.0798 4672 AudioSrv (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll
19:19:27.0803 4672 AudioSrv - ok
19:19:27.0949 4672 AVer88xHD (5e76debba4311ac1c44de83d59a9584e) C:\Windows\system32\drivers\AVer88xHD64.sys
19:19:27.0962 4672 AVer88xHD - ok
19:19:28.0251 4672 BFE (ffb96c2589ffa60473ead78b39fbde29) C:\Windows\System32\bfe.dll
19:19:28.0289 4672 BFE - ok
19:19:28.0683 4672 BITS (6d316f4859634071cc25c4fd4589ad2c) C:\Windows\System32\qmgr.dll
19:19:28.0724 4672 BITS - ok
19:19:28.0917 4672 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
19:19:28.0919 4672 blbdrive - ok
19:19:29.0038 4672 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:19:29.0042 4672 Bonjour Service - ok
19:19:29.0251 4672 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
19:19:29.0255 4672 bowser - ok
19:19:29.0281 4672 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
19:19:29.0285 4672 BrFiltLo - ok
19:19:29.0311 4672 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
19:19:29.0313 4672 BrFiltUp - ok
19:19:29.0431 4672 Browser (a1b39de453433b115b4ea69ee0343816) C:\Windows\System32\browser.dll
19:19:29.0455 4672 Browser - ok
19:19:29.0701 4672 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
19:19:29.0735 4672 Brserid - ok
19:19:29.0815 4672 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
19:19:29.0817 4672 BrSerWdm - ok
19:19:29.0831 4672 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
19:19:29.0836 4672 BrUsbMdm - ok
19:19:29.0858 4672 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
19:19:29.0862 4672 BrUsbSer - ok
19:19:29.0963 4672 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
19:19:29.0965 4672 BTHMODEM - ok
19:19:31.0528 4672 CarboniteService (670d52e49e63b8968a75899ba7a91f85) C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
19:19:31.0574 4672 CarboniteService - ok
19:19:32.0290 4672 CAXHWBS2 (797c36e597f9fc4efd88e6e0e98abe37) C:\Windows\system32\DRIVERS\CAXHWBS2.sys
19:19:32.0379 4672 CAXHWBS2 - ok
19:19:32.0434 4672 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
19:19:32.0436 4672 cdfs - ok
19:19:32.0496 4672 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
19:19:32.0499 4672 cdrom - ok
19:19:32.0587 4672 CertPropSvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
19:19:32.0591 4672 CertPropSvc - ok
19:19:32.0806 4672 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys
19:19:32.0807 4672 cfwids - ok
19:19:32.0835 4672 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\DRIVERS\circlass.sys
19:19:32.0840 4672 circlass - ok
19:19:33.0096 4672 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
19:19:33.0233 4672 CLFS - ok
19:19:33.0515 4672 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:19:33.0517 4672 clr_optimization_v2.0.50727_32 - ok
19:19:33.0587 4672 clr_optimization_v2.0.50727_64 (ce07a466201096f021cd09d631b21540) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:19:33.0590 4672 clr_optimization_v2.0.50727_64 - ok
19:19:33.0926 4672 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:19:33.0929 4672 clr_optimization_v4.0.30319_32 - ok
19:19:34.0087 4672 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:19:34.0092 4672 clr_optimization_v4.0.30319_64 - ok
19:19:34.0299 4672 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
19:19:34.0307 4672 cmdide - ok
19:19:34.0339 4672 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys
19:19:34.0344 4672 Compbatt - ok
19:19:34.0385 4672 COMSysApp - ok
19:19:34.0517 4672 cpuz130 - ok
19:19:34.0624 4672 cpuz135 (c08063f052308b6f5882482615387f30) C:\Windows\system32\drivers\cpuz135_x64.sys
19:19:34.0625 4672 cpuz135 - ok
19:19:34.0650 4672 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
19:19:34.0651 4672 crcdisk - ok
19:19:34.0839 4672 CryptSvc (62740b9d2a137e8ced41a9e4239a7a31) C:\Windows\system32\cryptsvc.dll
19:19:34.0842 4672 CryptSvc - ok
19:19:35.0231 4672 DAUpdaterSvc - ok
19:19:35.0542 4672 DcomLaunch (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
19:19:35.0598 4672 DcomLaunch - ok
19:19:35.0719 4672 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
19:19:35.0723 4672 DfsC - ok
19:19:36.0449 4672 DFSR (c647f468f7de343df8c143655c5557d4) C:\Windows\system32\DFSR.exe
19:19:36.0586 4672 DFSR - ok
19:19:37.0259 4672 Dhcp (3ed0321127ce70acdaabbf77e157c2a7) C:\Windows\System32\dhcpcsvc.dll
19:19:37.0262 4672 Dhcp - ok
19:19:37.0416 4672 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
19:19:37.0417 4672 disk - ok
19:19:37.0504 4672 Dnscache (06230f1b721494a6df8d47fd395bb1b0) C:\Windows\System32\dnsrslvr.dll
19:19:37.0570 4672 Dnscache - ok
19:19:37.0654 4672 dot3svc (1a7156dd1e850e9914e5e991e3225b94) C:\Windows\System32\dot3svc.dll
19:19:37.0660 4672 dot3svc - ok
19:19:37.0810 4672 Dot4 (74c02b1717740c3b8039539e23e4b53f) C:\Windows\system32\DRIVERS\Dot4.sys
19:19:37.0813 4672 Dot4 - ok
19:19:37.0911 4672 Dot4Print (08321d1860235bf42cf2854234337aea) C:\Windows\system32\DRIVERS\Dot4Prt.sys
19:19:37.0914 4672 Dot4Print - ok
19:19:37.0946 4672 dot4usb (4adccf0124f2b6911d3786a5d0e779e5) C:\Windows\system32\DRIVERS\dot4usb.sys
19:19:37.0951 4672 dot4usb - ok
19:19:37.0976 4672 DPS (1583b39790db3eaec7edb0cb0140c708) C:\Windows\system32\dps.dll
19:19:37.0980 4672 DPS - ok
19:19:38.0001 4672 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
19:19:38.0004 4672 drmkaud - ok
19:19:38.0076 4672 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
19:19:38.0084 4672 DXGKrnl - ok
19:19:38.0210 4672 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
19:19:38.0213 4672 E1G60 - ok
19:19:38.0247 4672 EapHost (c2303883fd9be49dc36a6400643002ea) C:\Windows\System32\eapsvc.dll
19:19:38.0250 4672 EapHost - ok
19:19:38.0514 4672 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
19:19:38.0531 4672 Ecache - ok
19:19:38.0993 4672 ehRecvr (14ce384d2e27b64c256bda4dc39c312d) C:\Windows\ehome\ehRecvr.exe
19:19:39.0028 4672 ehRecvr - ok
19:19:39.0107 4672 ehSched (b93159c1313d66fdfbbe876f5189cd52) C:\Windows\ehome\ehsched.exe
19:19:39.0110 4672 ehSched - ok
19:19:39.0185 4672 ehstart (f5ee2527d74449868e3c3227a59bcd28) C:\Windows\ehome\ehstart.dll
19:19:39.0214 4672 ehstart - ok
19:19:39.0315 4672 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
19:19:39.0362 4672 elxstor - ok
19:19:39.0760 4672 EMDMgmt (a9b18b63a4fd6baab83326706d857fab) C:\Windows\system32\emdmgmt.dll
19:19:39.0807 4672 EMDMgmt - ok
19:19:39.0838 4672 ENTECH64 (12c061d9f9621be916d58191872ec281) C:\Windows\system32\DRIVERS\ENTECH64.sys
19:19:39.0840 4672 ENTECH64 - ok
19:19:39.0854 4672 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
19:19:39.0858 4672 ErrDev - ok
19:19:39.0973 4672 ETService (4d06d9a26227ac485305133916888df1) C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
19:19:39.0973 4672 ETService - ok
19:19:40.0166 4672 EventSystem (e12f22b73f153dece721cd45ec05b4af) C:\Windows\system32\es.dll
19:19:40.0173 4672 EventSystem - ok
19:19:40.0388 4672 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
19:19:40.0392 4672 exfat - ok
19:19:40.0508 4672 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
19:19:40.0514 4672 fastfat - ok
19:19:40.0620 4672 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
19:19:40.0621 4672 fdc - ok
19:19:40.0748 4672 fdPHost (bb9267acacd8b7533dd936c34a0cba5e) C:\Windows\system32\fdPHost.dll
19:19:40.0793 4672 fdPHost - ok
19:19:40.0823 4672 FDResPub (300c80931eabbe1db7591c516efe8d0f) C:\Windows\system32\fdrespub.dll
19:19:40.0824 4672 FDResPub - ok
19:19:40.0985 4672 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
19:19:40.0987 4672 FileInfo - ok
19:19:41.0086 4672 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
19:19:41.0088 4672 Filetrace - ok
19:19:41.0157 4672 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
19:19:41.0187 4672 flpydisk - ok
19:19:41.0405 4672 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
19:19:41.0442 4672 FltMgr - ok
19:19:41.0555 4672 FontCache (be1c5bd1ca7ed015bc6fa1ae67e592c8) C:\Windows\system32\FntCache.dll
19:19:41.0637 4672 FontCache - ok
19:19:41.0798 4672 FontCache3.0.0.0 (bc5b0be5af3510b0fd8c140ee42c6d3e) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:19:41.0800 4672 FontCache3.0.0.0 - ok
19:19:41.0961 4672 Fs_Rec (5779b86cd8b32519fbecb136394d946a) C:\Windows\system32\drivers\Fs_Rec.sys
19:19:41.0963 4672 Fs_Rec - ok
19:19:41.0996 4672 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
19:19:42.0002 4672 gagp30kx - ok
19:19:42.0220 4672 GameConsoleService (617dc2877015270914ca3c03873560d5) C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe
19:19:42.0224 4672 GameConsoleService - ok
19:19:42.0331 4672 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:19:42.0332 4672 GEARAspiWDM - ok
19:19:42.0612 4672 gpsvc (a0e1b575ba8f504968cd40c0faeb2384) C:\Windows\System32\gpsvc.dll
19:19:42.0652 4672 gpsvc - ok
19:19:42.0931 4672 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:19:42.0977 4672 gupdate - ok
19:19:42.0999 4672 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:19:43.0001 4672 gupdatem - ok
19:19:43.0028 4672 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:19:43.0033 4672 gusvc - ok
19:19:43.0142 4672 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys
19:19:43.0148 4672 HdAudAddService - ok
19:19:43.0223 4672 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:19:43.0272 4672 HDAudBus - ok
19:19:43.0293 4672 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
19:19:43.0299 4672 HidBth - ok
19:19:43.0401 4672 HidIr (5f47839455d01ff6403b008d481a6f5b) C:\Windows\system32\DRIVERS\hidir.sys
19:19:43.0402 4672 HidIr - ok
19:19:43.0488 4672 hidserv (59361d38a297755d46a540e450202b2a) C:\Windows\system32\hidserv.dll
19:19:43.0490 4672 hidserv - ok
19:19:43.0593 4672 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
19:19:43.0596 4672 HidUsb - ok
19:19:43.0796 4672 hkmsvc (b12f367ea39c0795fd57e31242ce1a5a) C:\Windows\system32\kmsvc.dll
19:19:43.0799 4672 hkmsvc - ok
19:19:43.0913 4672 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
19:19:43.0915 4672 HpCISSs - ok
19:19:44.0390 4672 hpqcxs08 (ce0fcec4d4d860f36d972759b11eaf0f) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
19:19:44.0394 4672 hpqcxs08 - ok
19:19:44.0501 4672 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
19:19:44.0503 4672 hpqddsvc - ok
19:19:44.0977 4672 HPSLPSVC (1967a46a7b9a55d2630d886211d40175) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
19:19:45.0014 4672 HPSLPSVC - ok
19:19:45.0744 4672 HSF_DPV (1e260b33f6555146a0b826f047238c00) C:\Windows\system32\DRIVERS\CAX_DPV.sys
19:19:45.0779 4672 HSF_DPV - ok
19:19:46.0294 4672 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
19:19:46.0361 4672 HTTP - ok
19:19:46.0400 4672 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
19:19:46.0403 4672 i2omp - ok
19:19:46.0421 4672 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
19:19:46.0424 4672 i8042prt - ok
19:19:46.0453 4672 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
19:19:46.0563 4672 iaStorV - ok
19:19:47.0087 4672 idsvc (749f5f8cedca70f2a512945325fc489d) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:19:47.0106 4672 idsvc - ok
19:19:47.0865 4672 IHA_MessageCenter (c135bff15563592b8ea070ea109967f7) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
19:19:47.0868 4672 IHA_MessageCenter - ok
19:19:48.0146 4672 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
19:19:48.0148 4672 iirsp - ok
19:19:48.0382 4672 IKEEXT (0c9ea6e654e7b0471741e343a6c671af) C:\Windows\System32\ikeext.dll
19:19:48.0448 4672 IKEEXT - ok
19:19:48.0714 4672 int15 (8c7fa71cb1ebcd3ede8958d27b1bf0b4) C:\Windows\SysWOW64\drivers\int15_64.sys
19:19:48.0715 4672 int15 - ok
19:19:49.0170 4672 IntcAzAudAddService (023eb98945069178c21b324b880ad787) C:\Windows\system32\drivers\RTKVHD64.sys
19:19:49.0183 4672 IntcAzAudAddService - ok
19:19:49.0540 4672 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
19:19:49.0544 4672 intelide - ok
19:19:49.0625 4672 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
19:19:49.0627 4672 intelppm - ok
19:19:49.0855 4672 IPBusEnum (5624bc1bc5eeb49c0ab76a8114f05ea3) C:\Windows\system32\ipbusenum.dll
19:19:49.0876 4672 IPBusEnum - ok
19:19:50.0021 4672 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:19:50.0024 4672 IpFilterDriver - ok
19:19:50.0165 4672 iphlpsvc (bf0dbfa9792c5c14fa00f61c75116c1b) C:\Windows\System32\iphlpsvc.dll
19:19:50.0170 4672 iphlpsvc - ok
19:19:50.0174 4672 IpInIp - ok
19:19:50.0200 4672 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
19:19:50.0204 4672 IPMIDRV - ok
19:19:50.0223 4672 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
19:19:50.0227 4672 IPNAT - ok
19:19:50.0520 4672 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
19:19:50.0545 4672 iPod Service - ok
19:19:50.0565 4672 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
19:19:50.0569 4672 IRENUM - ok
19:19:50.0773 4672 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
19:19:50.0776 4672 isapnp - ok
19:19:50.0958 4672 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
19:19:50.0960 4672 iScsiPrt - ok
19:19:51.0175 4672 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
19:19:51.0179 4672 iteatapi - ok
19:19:51.0202 4672 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
19:19:51.0207 4672 iteraid - ok
19:19:51.0235 4672 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
19:19:51.0236 4672 kbdclass - ok
19:19:51.0422 4672 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
19:19:51.0423 4672 kbdhid - ok
19:19:51.0487 4672 KeyIso (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:19:51.0489 4672 KeyIso - ok
19:19:51.0889 4672 KSecDD (2758d174604f597bbc8a217ff667913d) C:\Windows\system32\Drivers\ksecdd.sys
19:19:51.0919 4672 KSecDD - ok
19:19:51.0934 4672 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
19:19:51.0937 4672 ksthunk - ok
19:19:51.0968 4672 KtmRm (1faf6926f3416d3da05c5b265491bdae) C:\Windows\system32\msdtckrm.dll
19:19:52.0001 4672 KtmRm - ok
19:19:52.0090 4672 LanmanServer (50c7a3cb427e9bb5ed0708a669956ab5) C:\Windows\system32\srvsvc.dll
19:19:52.0141 4672 LanmanServer - ok
19:19:52.0199 4672 LanmanWorkstation (caf86fc1388be1e470f1a7b43e348adb) C:\Windows\System32\wkssvc.dll
19:19:52.0238 4672 LanmanWorkstation - ok
19:19:52.0325 4672 Lavasoft Kernexplorer - ok
19:19:52.0416 4672 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
19:19:52.0418 4672 lltdio - ok
19:19:52.0664 4672 lltdsvc (961ccbd0b1ccb5675d64976fae37d092) C:\Windows\System32\lltdsvc.dll
19:19:52.0671 4672 lltdsvc - ok
19:19:52.0771 4672 lmhosts (a47f8080cacc23c91fe823ad19aa5612) C:\Windows\System32\lmhsvc.dll
19:19:52.0773 4672 lmhosts - ok
19:19:52.0820 4672 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
19:19:52.0827 4672 LSI_FC - ok
19:19:53.0040 4672 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
19:19:53.0043 4672 LSI_SAS - ok
19:19:53.0073 4672 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
19:19:53.0081 4672 LSI_SCSI - ok
19:19:53.0110 4672 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
19:19:53.0116 4672 luafv - ok
19:19:53.0450 4672 McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:19:53.0452 4672 McAfee SiteAdvisor Service - ok
19:19:53.0458 4672 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:19:53.0460 4672 McMPFSvc - ok
19:19:53.0466 4672 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:19:53.0468 4672 mcmscsvc - ok
19:19:53.0492 4672 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:19:53.0494 4672 McNaiAnn - ok
19:19:53.0523 4672 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:19:53.0526 4672 McNASvc - ok
19:19:53.0899 4672 McODS (dd2321925274f2902929d76ce2b0eb45) C:\Program Files\McAfee\VirusScan\mcods.exe
19:19:53.0942 4672 McODS - ok
19:19:53.0962 4672 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:19:53.0964 4672 McProxy - ok
19:19:54.0118 4672 McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
19:19:54.0120 4672 McShield - ok
19:19:54.0293 4672 Mcx2Svc (76a58df02bd4ea29f189b82d0bef17f8) C:\Windows\system32\Mcx2Svc.dll
19:19:54.0305 4672 Mcx2Svc - ok
19:19:54.0430 4672 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
19:19:54.0470 4672 mdmxsdk - ok
19:19:54.0522 4672 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
19:19:54.0527 4672 megasas - ok
19:19:54.0898 4672 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
19:19:54.0920 4672 MegaSR - ok
19:19:55.0112 4672 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys
19:19:55.0114 4672 mfeapfk - ok
19:19:55.0346 4672 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys
19:19:55.0348 4672 mfeavfk - ok
19:19:55.0378 4672 mfeavfk01 - ok
19:19:55.0573 4672 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
19:19:55.0575 4672 mfefire - ok
19:19:55.0910 4672 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys
19:19:55.0915 4672 mfefirek - ok
19:19:56.0171 4672 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys
19:19:56.0240 4672 mfehidk - ok
19:19:56.0353 4672 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys
19:19:56.0355 4672 mfenlfk - ok
19:19:56.0489 4672 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys
19:19:56.0492 4672 mferkdet - ok
19:19:57.0205 4672 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
19:19:57.0207 4672 mfevtp - ok
19:19:57.0298 4672 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys
19:19:57.0301 4672 mfewfpk - ok
19:19:57.0379 4672 MMCSS (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
19:19:57.0381 4672 MMCSS - ok
19:19:57.0483 4672 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
19:19:57.0484 4672 Modem - ok
19:19:57.0703 4672 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
19:19:57.0704 4672 monitor - ok
19:19:57.0718 4672 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
19:19:57.0720 4672 mouclass - ok
19:19:57.0819 4672 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
19:19:57.0821 4672 mouhid - ok
19:19:57.0841 4672 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
19:19:57.0849 4672 MountMgr - ok
19:19:58.0267 4672 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:19:58.0358 4672 MozillaMaintenance - ok
19:19:58.0532 4672 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
19:19:58.0536 4672 mpio - ok
19:19:58.0567 4672 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
19:19:58.0591 4672 mpsdrv - ok
19:19:58.0941 4672 MpsSvc (897e3baf68ba406a61682ae39c83900c) C:\Windows\system32\mpssvc.dll
19:19:59.0012 4672 MpsSvc - ok
19:19:59.0033 4672 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
19:19:59.0036 4672 Mraid35x - ok
19:19:59.0135 4672 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
19:19:59.0138 4672 MRxDAV - ok
19:19:59.0184 4672 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:19:59.0191 4672 mrxsmb - ok
19:19:59.0474 4672 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:19:59.0543 4672 mrxsmb10 - ok
19:19:59.0557 4672 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:19:59.0560 4672 mrxsmb20 - ok
19:19:59.0583 4672 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
19:19:59.0586 4672 msahci - ok
19:19:59.0610 4672 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
19:19:59.0614 4672 msdsm - ok
19:19:59.0646 4672 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe
19:19:59.0651 4672 MSDTC - ok
19:19:59.0694 4672 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
19:19:59.0697 4672 Msfs - ok
19:19:59.0711 4672 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
19:19:59.0712 4672 msisadrv - ok
19:19:59.0786 4672 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll
19:19:59.0790 4672 MSiSCSI - ok
19:19:59.0795 4672 msiserver - ok
19:19:59.0838 4672 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
19:19:59.0845 4672 MSKSSRV - ok
19:19:59.0861 4672 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
19:19:59.0863 4672 MSPCLOCK - ok
19:19:59.0878 4672 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
19:19:59.0881 4672 MSPQM - ok
19:19:59.0957 4672 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
19:19:59.0963 4672 MsRPC - ok
19:19:59.0999 4672 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
19:20:00.0000 4672 mssmbios - ok
19:20:00.0176 4672 MSSQL$SQLEXPRESS - ok
19:20:00.0242 4672 MSSQLServerADHelper (adaf062116b4e6d96e44d26486a87af6) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
19:20:00.0245 4672 MSSQLServerADHelper - ok
19:20:00.0259 4672 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
19:20:00.0261 4672 MSTEE - ok
19:20:01.0667 4672 msvsmon90 (0f4dd44765a7d23e0cd9965ee900558f) C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe
19:20:01.0766 4672 msvsmon90 - ok
19:20:02.0156 4672 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
19:20:02.0158 4672 Mup - ok
19:20:02.0453 4672 napagent (a5b10c845e7538c60c0f5d87a57cb3f5) C:\Windows\system32\qagentRT.dll
19:20:02.0484 4672 napagent - ok
19:20:02.0629 4672 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
19:20:02.0633 4672 NativeWifiP - ok
19:20:02.0896 4672 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
19:20:02.0925 4672 NDIS - ok
19:20:02.0957 4672 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
19:20:02.0960 4672 NdisTapi - ok
19:20:02.0971 4672 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
19:20:02.0974 4672 Ndisuio - ok
19:20:03.0015 4672 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
19:20:03.0020 4672 NdisWan - ok
19:20:03.0035 4672 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
19:20:03.0038 4672 NDProxy - ok
19:20:03.0130 4672 Net Driver HPZ12 (59267d2f0328599aa3b5408c2e06126f) C:\Windows\system32\HPZinw12.dll
19:20:03.0132 4672 Net Driver HPZ12 - ok
19:20:03.0153 4672 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
19:20:03.0155 4672 NetBIOS - ok
19:20:03.0299 4672 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
19:20:03.0365 4672 netbt - ok
19:20:03.0410 4672 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:20:03.0412 4672 Netlogon - ok
19:20:03.0649 4672 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll
19:20:03.0715 4672 Netman - ok
19:20:03.0978 4672 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:20:03.0995 4672 NetMsmqActivator - ok
19:20:04.0000 4672 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:20:04.0002 4672 NetPipeActivator - ok
19:20:04.0136 4672 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
19:20:04.0148 4672 netprofm - ok
19:20:04.0172 4672 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:20:04.0175 4672 NetTcpActivator - ok
19:20:04.0180 4672 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:20:04.0182 4672 NetTcpPortSharing - ok
19:20:04.0352 4672 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
19:20:04.0354 4672 nfrd960 - ok
19:20:04.0382 4672 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
19:20:04.0419 4672 NlaSvc - ok
19:20:04.0507 4672 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
19:20:04.0509 4672 Npfs - ok
19:20:04.0626 4672 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
19:20:04.0628 4672 nsi - ok
19:20:04.0654 4672 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
19:20:04.0660 4672 nsiproxy - ok
19:20:05.0272 4672 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
19:20:05.0330 4672 Ntfs - ok
19:20:05.0871 4672 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
19:20:05.0904 4672 Null - ok
19:20:10.0230 4672 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:20:10.0327 4672 nvlddmkm - ok
19:20:10.0997 4672 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
19:20:11.0016 4672 nvraid - ok
19:20:11.0157 4672 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
19:20:11.0160 4672 nvstor - ok
19:20:11.0304 4672 nvsvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
19:20:11.0312 4672 nvsvc - ok
19:20:12.0115 4672 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:20:12.0133 4672 nvUpdatusService - ok
19:20:12.0630 4672 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
19:20:12.0679 4672 nv_agp - ok
19:20:12.0684 4672 NwlnkFlt - ok
19:20:12.0690 4672 NwlnkFwd - ok
19:20:13.0044 4672 odserv (e54aa592a65f317390eee386a8821692) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:20:13.0065 4672 odserv - ok
19:20:13.0121 4672 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
19:20:13.0149 4672 ohci1394 - ok
19:20:13.0175 4672 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:20:13.0179 4672 ose - ok
19:20:13.0382 4672 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:20:13.0419 4672 p2pimsvc - ok
19:20:13.0429 4672 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:20:13.0438 4672 p2psvc - ok
19:20:13.0634 4672 Parport (4c6a7fd04ddf4db88791048382e3edb1) C:\Windows\system32\DRIVERS\parport.sys
19:20:13.0636 4672 Parport - ok
19:20:13.0789 4672 partmgr (b43751085e2abe389da466bc62a4b987) C:\Windows\system32\drivers\partmgr.sys
19:20:13.0791 4672 partmgr - ok
19:20:13.0887 4672 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
19:20:13.0891 4672 PcaSvc - ok
19:20:14.0081 4672 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
19:20:14.0086 4672 pci - ok
19:20:14.0113 4672 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
19:20:14.0115 4672 pciide - ok
19:20:14.0236 4672 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
19:20:14.0261 4672 pcmcia - ok
19:20:14.0461 4672 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
19:20:14.0491 4672 PEAUTH - ok
19:20:14.0671 4672 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
19:20:14.0673 4672 PerfHost - ok
19:20:14.0995 4672 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
19:20:15.0053 4672 pla - ok
19:20:15.0138 4672 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
19:20:15.0145 4672 PlugPlay - ok
19:20:15.0206 4672 Pml Driver HPZ12 (5261a2fd55183ac6993145ab6662cddf) C:\Windows\system32\HPZipm12.dll
19:20:15.0209 4672 Pml Driver HPZ12 - ok
19:20:15.0434 4672 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:20:15.0442 4672 PNRPAutoReg - ok
19:20:15.0452 4672 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:20:15.0460 4672 PNRPsvc - ok
19:20:15.0705 4672 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
19:20:15.0710 4672 PolicyAgent - ok
19:20:15.0998 4672 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
19:20:16.0002 4672 PptpMiniport - ok
19:20:16.0102 4672 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\DRIVERS\processr.sys
19:20:16.0103 4672 Processor - ok
19:20:16.0145 4672 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
19:20:16.0167 4672 ProfSvc - ok
19:20:16.0215 4672 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:20:16.0218 4672 ProtectedStorage - ok
19:20:16.0297 4672 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
19:20:16.0301 4672 PSched - ok
19:20:16.0461 4672 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
19:20:16.0515 4672 ql2300 - ok
19:20:16.0538 4672 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
19:20:16.0542 4672 ql40xx - ok
19:20:16.0570 4672 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
19:20:16.0580 4672 QWAVE - ok
19:20:16.0599 4672 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
19:20:16.0602 4672 QWAVEdrv - ok
19:20:16.0613 4672 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
19:20:16.0615 4672 RasAcd - ok
19:20:16.0655 4672 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
19:20:16.0660 4672 RasAuto - ok
19:20:16.0793 4672 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:20:16.0796 4672 Rasl2tp - ok
19:20:16.0999 4672 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
19:20:17.0048 4672 RasMan - ok
19:20:17.0121 4672 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
19:20:17.0123 4672 RasPppoe - ok
19:20:17.0162 4672 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
19:20:17.0168 4672 RasSstp - ok
19:20:17.0223 4672 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
19:20:17.0271 4672 rdbss - ok
19:20:17.0295 4672 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:20:17.0299 4672 RDPCDD - ok
19:20:17.0334 4672 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
19:20:17.0344 4672 rdpdr - ok
19:20:17.0349 4672 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
19:20:17.0351 4672 RDPENCDD - ok
19:20:17.0420 4672 RDPWD (ae4bd9e1c33d351d8e607fc81f15160c) C:\Windows\system32\drivers\RDPWD.sys
19:20:17.0425 4672 RDPWD - ok
19:20:17.0500 4672 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
19:20:17.0503 4672 RemoteAccess - ok
19:20:17.0646 4672 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
19:20:17.0652 4672 RemoteRegistry - ok
19:20:17.0704 4672 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
19:20:17.0761 4672 RpcLocator - ok
19:20:17.0837 4672 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
19:20:17.0847 4672 RpcSs - ok
19:20:17.0990 4672 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
19:20:17.0993 4672 rspndr - ok
19:20:18.0088 4672 RSUSBSTOR (1807ea271c9685a25571d94ae4e3a8dd) C:\Windows\system32\Drivers\RTS5121.sys
19:20:18.0091 4672 RSUSBSTOR - ok
19:20:18.0166 4672 RTHDMIAzAudService (f8da8fc39ce5859c0d8c0fe6524ce465) C:\Windows\system32\drivers\RtHDMIVX.sys
19:20:18.0195 4672 RTHDMIAzAudService - ok
19:20:18.0200 4672 Rts516xIR - ok
19:20:18.0259 4672 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:20:18.0261 4672 SamSs - ok
19:20:18.0321 4672 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
19:20:18.0324 4672 sbp2port - ok
19:20:18.0465 4672 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
19:20:18.0470 4672 SCardSvr - ok
19:20:18.0686 4672 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
19:20:18.0721 4672 Schedule - ok
19:20:18.0826 4672 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
19:20:18.0828 4672 SCPolicySvc - ok
19:20:18.0883 4672 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
19:20:18.0887 4672 SDRSVC - ok
19:20:18.0938 4672 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:20:18.0941 4672 secdrv - ok
19:20:18.0957 4672 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
19:20:18.0960 4672 seclogon - ok
19:20:19.0169 4672 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
19:20:19.0172 4672 SENS - ok
19:20:19.0240 4672 Serenum (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys
19:20:19.0255 4672 Serenum - ok
19:20:19.0275 4672 Serial (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys
19:20:19.0279 4672 Serial - ok
19:20:19.0301 4672 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
19:20:19.0304 4672 sermouse - ok
19:20:19.0520 4672 ServicepointService (b041aae7a14a0db47583f9c866b8b2ea) C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe
19:20:19.0525 4672 ServicepointService - ok
19:20:19.0611 4672 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
19:20:19.0615 4672 SessionEnv - ok
19:20:19.0638 4672 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
19:20:19.0640 4672 sffdisk - ok
19:20:19.0679 4672 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
19:20:19.0681 4672 sffp_mmc - ok
19:20:19.0723 4672 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
19:20:19.0760 4672 sffp_sd - ok
19:20:19.0777 4672 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
19:20:19.0779 4672 sfloppy - ok
19:20:19.0813 4672 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
19:20:19.0831 4672 SharedAccess - ok
19:20:19.0914 4672 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
19:20:19.0921 4672 ShellHWDetection - ok
19:20:19.0980 4672 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
19:20:19.0982 4672 SiSRaid2 - ok
19:20:20.0046 4672 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
19:20:20.0075 4672 SiSRaid4 - ok
19:20:20.0457 4672 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
19:20:20.0486 4672 slsvc - ok
19:20:20.0802 4672 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
19:20:20.0806 4672 SLUINotify - ok
19:20:20.0915 4672 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
19:20:20.0917 4672 Smb - ok
19:20:20.0990 4672 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
19:20:20.0993 4672 SNMPTRAP - ok
19:20:21.0043 4672 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
19:20:21.0044 4672 spldr - ok
19:20:21.0145 4672 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
19:20:21.0149 4672 Spooler - ok
19:20:21.0374 4672 SQLBrowser (d2b096cd2f56fac6eeeed9a77ddf6dc8) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:20:21.0380 4672 SQLBrowser - ok
19:20:21.0523 4672 SQLWriter (582f8b13e1042c49a4a5a7bb52f518e4) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:20:21.0525 4672 SQLWriter - ok
19:20:21.0751 4672 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
19:20:21.0788 4672 srv - ok
19:20:21.0865 4672 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
19:20:21.0894 4672 srv2 - ok
19:20:22.0027 4672 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
19:20:22.0047 4672 srvnet - ok
19:20:22.0077 4672 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
19:20:22.0115 4672 SSDPSRV - ok
19:20:22.0157 4672 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
19:20:22.0181 4672 SstpSvc - ok
19:20:22.0246 4672 Steam Client Service - ok
19:20:22.0471 4672 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:20:22.0474 4672 Stereo Service - ok
19:20:22.0702 4672 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
19:20:22.0758 4672 stisvc - ok
19:20:23.0006 4672 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
19:20:23.0008 4672 swenum - ok
19:20:23.0168 4672 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
19:20:23.0191 4672 swprv - ok
19:20:23.0211 4672 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
19:20:23.0215 4672 Symc8xx - ok
19:20:23.0231 4672 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
19:20:23.0234 4672 Sym_hi - ok
19:20:23.0251 4672 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
19:20:23.0255 4672 Sym_u3 - ok
19:20:23.0447 4672 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
19:20:23.0536 4672 SysMain - ok
19:20:23.0565 4672 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
19:20:23.0568 4672 TabletInputService - ok
19:20:23.0786 4672 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
19:20:23.0813 4672 TapiSrv - ok
19:20:23.0860 4672 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
19:20:23.0863 4672 TBS - ok
19:20:24.0728 4672 Tcpip (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\drivers\tcpip.sys
19:20:24.0808 4672 Tcpip - ok
19:20:25.0610 4672 Tcpip6 (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\DRIVERS\tcpip.sys
19:20:25.0621 4672 Tcpip6 - ok
19:20:25.0866 4672 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
19:20:25.0868 4672 tcpipreg - ok
19:20:25.0942 4672 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
19:20:25.0965 4672 TDPIPE - ok
19:20:25.0992 4672 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
19:20:25.0996 4672 TDTCP - ok
19:20:26.0053 4672 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
19:20:26.0078 4672 tdx - ok
19:20:26.0128 4672 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
19:20:26.0130 4672 TermDD - ok
19:20:26.0301 4672 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
19:20:26.0334 4672 TermService - ok
19:20:26.0435 4672 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
19:20:26.0439 4672 Themes - ok
19:20:26.0490 4672 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
19:20:26.0492 4672 THREADORDER - ok
19:20:26.0664 4672 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
19:20:26.0669 4672 TrkWks - ok
19:20:26.0867 4672 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
19:20:26.0868 4672 TrustedInstaller - ok
19:20:26.0983 4672 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:20:26.0984 4672 tssecsrv - ok
19:20:26.0996 4672 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
19:20:27.0003 4672 tunmp - ok
19:20:27.0122 4672 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
19:20:27.0123 4672 tunnel - ok
19:20:27.0144 4672 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
19:20:27.0151 4672 uagp35 - ok
19:20:27.0370 4672 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
19:20:27.0393 4672 udfs - ok
19:20:27.0510 4672 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
19:20:27.0514 4672 UI0Detect - ok
19:20:27.0633 4672 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
19:20:27.0656 4672 uliagpkx - ok
19:20:27.0840 4672 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
19:20:27.0889 4672 uliahci - ok
19:20:28.0023 4672 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
19:20:28.0027 4672 UlSata - ok
19:20:28.0059 4672 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
19:20:28.0073 4672 ulsata2 - ok
19:20:28.0093 4672 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
19:20:28.0096 4672 umbus - ok
19:20:28.0122 4672 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
19:20:28.0145 4672 upnphost - ok
19:20:28.0184 4672 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
19:20:28.0188 4672 USBAAPL64 - ok
19:20:28.0210 4672 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
19:20:28.0214 4672 usbccgp - ok
19:20:28.0219 4672 USBCCID - ok
19:20:28.0371 4672 usbcir (8c39d53e1a343f4c47ee8f3c052126d8) C:\Windows\system32\DRIVERS\usbcir.sys
19:20:28.0374 4672 usbcir - ok
19:20:28.0535 4672 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
19:20:28.0537 4672 usbehci - ok
19:20:28.0584 4672 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
19:20:28.0629 4672 usbhub - ok
19:20:28.0642 4672 usbohci (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys
19:20:28.0644 4672 usbohci - ok
19:20:28.0668 4672 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
19:20:28.0671 4672 usbprint - ok
19:20:28.0704 4672 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
19:20:28.0707 4672 usbscan - ok
19:20:28.0720 4672 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:20:28.0723 4672 USBSTOR - ok
19:20:28.0742 4672 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
19:20:28.0745 4672 usbuhci - ok
19:20:28.0774 4672 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
19:20:28.0776 4672 UxSms - ok
19:20:28.0898 4672 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
19:20:28.0956 4672 vds - ok
19:20:29.0052 4672 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
19:20:29.0054 4672 vga - ok
19:20:29.0077 4672 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
19:20:29.0079 4672 VgaSave - ok
19:20:29.0109 4672 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
19:20:29.0122 4672 viaide - ok
19:20:29.0241 4672 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
19:20:29.0242 4672 volmgr - ok
19:20:29.0843 4672 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
19:20:29.0855 4672 volmgrx - ok
19:20:30.0067 4672 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
19:20:30.0115 4672 volsnap - ok
19:20:30.0307 4672 vpnagent (a11a1f7e72e13c4ca44eeb25c9c55656) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
19:20:30.0311 4672 vpnagent - ok
19:20:30.0391 4672 vpnva (0e4df91e83da5739ffb18535d4db10aa) C:\Windows\system32\DRIVERS\vpnva64.sys
19:20:30.0392 4672 vpnva - ok
19:20:30.0548 4672 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
19:20:30.0567 4672 vsmraid - ok
19:20:31.0086 4672 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
19:20:31.0098 4672 VSS - ok
19:20:31.0883 4672 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
19:20:31.0888 4672 W32Time - ok
19:20:32.0054 4672 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
19:20:32.0065 4672 WacomPen - ok
19:20:32.0130 4672 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
19:20:32.0133 4672 Wanarp - ok
19:20:32.0137 4672 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
19:20:32.0139 4672 Wanarpv6 - ok
19:20:32.0286 4672 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
19:20:32.0357 4672 wcncsvc - ok
19:20:32.0380 4672 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
19:20:32.0384 4672 WcsPlugInService - ok
19:20:32.0406 4672 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
19:20:32.0409 4672 Wd - ok
19:20:32.0553 4672 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
19:20:32.0589 4672 Wdf01000 - ok
19:20:32.0692 4672 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
19:20:32.0695 4672 WdiServiceHost - ok
19:20:32.0700 4672 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
19:20:32.0703 4672 WdiSystemHost - ok
19:20:33.0120 4672 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
19:20:33.0124 4672 WebClient - ok
19:20:33.0492 4672 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
19:20:33.0531 4672 Wecsvc - ok
19:20:33.0587 4672 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
19:20:33.0592 4672 wercplsupport - ok
19:20:33.0705 4672 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
19:20:33.0710 4672 WerSvc - ok
19:20:34.0178 4672 winachsf (cbdeb4b3b5cf8c49acc221d45f1c50c1) C:\Windows\system32\DRIVERS\CAX_CNXT.sys
19:20:34.0194 4672 winachsf - ok
19:20:34.0417 4672 WinDefend - ok
19:20:34.0430 4672 WinHttpAutoProxySvc - ok
19:20:34.0939 4672 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
19:20:34.0968 4672 Winmgmt - ok
19:20:36.0197 4672 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
19:20:36.0242 4672 WinRM - ok
19:20:36.0934 4672 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
19:20:36.0953 4672 Wlansvc - ok
19:20:37.0004 4672 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
19:20:37.0016 4672 WmiAcpi - ok
19:20:37.0113 4672 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
19:20:37.0118 4672 wmiApSrv - ok
19:20:37.0181 4672 WMPNetworkSvc - ok
19:20:37.0232 4672 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
19:20:37.0237 4672 WPCSvc - ok
19:20:37.0363 4672 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
19:20:37.0367 4672 WPDBusEnum - ok
19:20:37.0405 4672 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
19:20:37.0409 4672 WpdUsb - ok
19:20:37.0914 4672 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:20:37.0951 4672 WPFFontCache_v0400 - ok
19:20:38.0038 4672 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
19:20:38.0039 4672 ws2ifsl - ok
19:20:38.0103 4672 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\System32\wscsvc.dll
19:20:38.0107 4672 wscsvc - ok
19:20:38.0112 4672 WSearch - ok
19:20:38.0837 4672 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:20:38.0886 4672 wuauserv - ok
19:20:39.0169 4672 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:20:39.0175 4672 WUDFRd - ok
19:20:39.0216 4672 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
19:20:39.0220 4672 wudfsvc - ok
19:20:39.0270 4672 XAudio (2f2ce5e47b014f52bc722ae28b19cbf3) C:\Windows\system32\DRIVERS\xaudio64.sys
19:20:39.0282 4672 XAudio - ok
19:20:39.0486 4672 XAudioService (a337887a4e3396a3ea5d6e54fa431c84) C:\Windows\system32\DRIVERS\xaudio64.exe
19:20:39.0489 4672 XAudioService - ok
19:20:39.0497 4672 yksvc - ok
19:20:39.0800 4672 yukonx64 (b681cadb266b151061e7baa82b0d77b7) C:\Windows\system32\DRIVERS\yk60x64.sys
19:20:39.0827 4672 yukonx64 - ok
19:20:39.0871 4672 MBR (0x1B8) (b751af1acddd7a1a71313731839f4ecb) \Device\Harddisk0\DR0
19:20:42.0499 4672 \Device\Harddisk0\DR0 - ok
19:20:42.0533 4672 Boot (0x1200) (ab2522fc70605093af8a9f7397afbb75) \Device\Harddisk0\DR0\Partition0
19:20:42.0539 4672 \Device\Harddisk0\DR0\Partition0 - ok
19:20:42.0540 4672 ============================================================
19:20:42.0540 4672 Scan finished
19:20:42.0540 4672 ============================================================
19:20:42.0555 2488 Detected object count: 0
19:20:42.0555 2488 Actual detected object count: 0


thanks again for your help
rcm
Active Member
 
Posts: 7
Joined: June 22nd, 2012, 8:19 pm

Re: Computer Running slow and Loud.

Unread postby askey127 » June 27th, 2012, 7:19 am

rcm,
I would definitely remove the cover of the PC (assuming it's a desktop), unplug it, and carefully vacuum out all the filters, air holes, fan blades and the main board for dust.
This just to be sure none of the fans air flows are being obstructed. They can clog easily. Then replace the cover.
--------------------------------------------------------
Your Events log shows some errors when trying to download and install Windows Updates.
Start Internet Explorer, click the Tools Menu (if it's not visible, hit the <Alt> key), and choose Windows Update
See if you need any Windows Updates, and if so, also see if you can download and install them.
--------------------------------------------------------
If you wish, you can Uninstall McAfee Site Advisor and use Web of Trust (better) instead. It's here: http://www.mywot.com/

Let me know how it's running.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Computer Running slow and Loud.

Unread postby askey127 » June 30th, 2012, 8:04 am

this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 386 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware