Hi Askey127,
I really appreciate you taking the time to investigate my case! I did everything as instructed. However, I did not find
Roxio BackOnTrack in the list of my
Programs and Features. I only had
Roxio Starter, which I left alone.
Here are the 3 respective logs:
1) aswMBR.log
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-29 10:35:50
-----------------------------
10:35:50.825 OS Version: Windows x64 6.1.7601 Service Pack 1
10:35:50.825 Number of processors: 8 586 0x2A07
10:35:50.835 ComputerName: GRISHAMAYYAPC UserName: Grisha
10:35:51.955 Initialize success
10:36:14.435 Disk 0 \Device\Harddisk0\DR0 -> \Device\Scsi\JRAID1Port0Path0Target0Lun0
10:36:14.435 Disk 0 Vendor: WDC_____ 500. Size: 953869MB BusType: 8
10:36:14.445 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
10:36:14.445 Disk 1 Vendor: ST315003 CC4G Size: 1430799MB BusType: 3
10:36:14.445 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IAAStorageDevice-3
10:36:14.455 Disk 2 Vendor: WDC_WD10 05.0 Size: 953869MB BusType: 3
10:36:14.465 Disk 1 MBR read successfully
10:36:14.475 Disk 1 MBR scan
10:36:14.475 Disk 1 Windows VISTA default MBR code
10:36:14.475 Disk 1 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
10:36:14.485 Disk 1 Partition 2 80 (A) 07 HPFS/NTFS NTFS 12542 MB offset 81920
10:36:14.495 Disk 1 Partition 3 00 07 HPFS/NTFS NTFS 204193 MB offset 25767936
10:36:14.495 Disk 1 Partition - 00 0F Extended LBA 1214021 MB offset 443956275
10:36:14.515 Disk 1 Partition 4 00 07 HPFS/NTFS NTFS 1214021 MB offset 443956338
10:36:14.535 Disk 1 scanning C:\Windows\system32\drivers
10:36:20.895 Service scanning
10:36:33.335 Modules scanning
10:36:33.345 Disk 1 trace - called modules:
10:36:33.355 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
10:36:33.365 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa800c4dd060]
10:36:33.365 3 CLASSPNP.SYS[fffff88001bbb43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0xfffffa800a8b8050]
10:36:33.375 Scan finished successfully
10:36:55.595 Disk 1 MBR has been saved successfully to "C:\Users\Grisha\Documents\MBR.dat"
10:36:55.605 The log file has been saved successfully to "C:\Users\Grisha\Documents\aswMBR.txt"
2) OTL.txt
OTL logfile created on: 9/29/2012 10:38:54 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Grisha 2\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
11.98 Gb Total Physical Memory | 9.80 Gb Available Physical Memory | 81.79% Memory free
23.96 Gb Paging File | 21.81 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 199.41 Gb Total Space | 121.63 Gb Free Space | 61.00% Space Free | Partition Type: NTFS
Drive F: | 1185.57 Gb Total Space | 1098.93 Gb Free Space | 92.69% Space Free | Partition Type: NTFS
Drive G: | 931.51 Gb Total Space | 560.80 Gb Free Space | 60.20% Space Free | Partition Type: NTFS
Drive J: | 931.51 Gb Total Space | 534.44 Gb Free Space | 57.37% Space Free | Partition Type: NTFS
Computer Name: GRISHAMAYYAPC | User Name: Grisha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/09/29 10:37:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Grisha 2\Desktop\OTL.exe
PRC - [2012/09/25 19:17:25 | 000,352,768 | -H-- | M] () -- C:\ProgramData\LtkLWWHhOSoBnv.exe
PRC - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/04/16 16:00:50 | 000,589,216 | ---- | M] (Anyplace Control Software) -- C:\Program Files (x86)\Anyplace Control\apc_host.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/04/03 10:26:52 | 000,309,400 | ---- | M] (Pro Softnet Corp) -- C:\Program Files (x86)\Remote Access Host\RemoteAHC.exe
PRC - [2012/04/03 10:26:46 | 000,866,456 | ---- | M] (Pro-SoftNet Corp.) -- C:\Program Files (x86)\Remote Access Host\RemoteAH.exe
PRC - [2012/03/26 10:04:36 | 000,120,304 | ---- | M] () -- C:\Program Files (x86)\Remote Access Host\RemoteSoundServ.exe
PRC - [2012/03/26 10:04:36 | 000,071,152 | ---- | M] () -- C:\Program Files (x86)\Remote Access Host\RemotePCM.exe
PRC - [2012/01/17 11:07:58 | 000,505,736 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/08/18 12:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/04/01 05:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/03/07 09:23:06 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2011/03/01 23:14:08 | 000,190,808 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010/11/17 11:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010/10/01 17:55:28 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2010/09/13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/09/13 19:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/10 17:26:30 | 000,237,568 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
PRC - [2009/09/13 00:09:10 | 000,103,768 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2009/09/13 00:09:04 | 000,550,232 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
========== Modules (No Company Name) ========== MOD - [2012/09/25 19:17:25 | 000,352,768 | -H-- | M] () -- C:\ProgramData\LtkLWWHhOSoBnv.exe
MOD - [2012/06/14 19:36:35 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\09557e6c5a83a1cb68c7c50a841c8064\IAStorUtil.ni.dll
MOD - [2012/06/14 03:25:48 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:25:44 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/10 18:48:51 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll
MOD - [2012/05/10 03:26:04 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/10 03:25:38 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/10 03:25:35 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/10 03:25:33 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/10 03:25:33 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/10 03:25:27 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011/03/01 23:15:28 | 000,126,808 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/03/01 23:15:28 | 000,027,480 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/03/01 23:15:04 | 000,340,824 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/03/01 23:14:42 | 007,954,776 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/03/01 23:14:30 | 002,143,576 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010/11/24 23:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010/11/17 11:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
========== Services (SafeList) ========== SRV:
64bit: - [2012/04/19 08:22:48 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:
64bit: - [2012/03/20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:
64bit: - [2012/03/20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:
64bit: - [2012/03/20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:
64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:
64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:
64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:
64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:
64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:
64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:
64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:
64bit: - [2010/11/10 08:55:50 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:
64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:
64bit: - [2010/08/30 15:42:00 | 000,220,528 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV:
64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/09/06 22:18:16 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/16 16:00:50 | 000,589,216 | ---- | M] (Anyplace Control Software) [Auto | Running] -- C:\Program Files (x86)\Anyplace Control\apc_host.exe -- (APC-Host)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/26 10:04:36 | 000,071,152 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Remote Access Host\RemotePCM.exe -- (remotepc)
SRV - [2011/08/18 12:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/05/17 13:20:39 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/04/01 05:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/03/07 09:23:04 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2010/11/25 06:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 06:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/09/13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/08/25 21:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2012/08/17 17:26:48 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020200}_0)
DRV:
64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:
64bit: - [2012/03/26 10:04:56 | 000,012,096 | ---- | M] (UVNC BVBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mv2.sys -- (mv2)
DRV:
64bit: - [2012/03/26 10:04:46 | 000,011,368 | ---- | M] (Pro Softnet Crop provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RemotePCmirror.sys -- (RemotePCmirror)
DRV:
64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2012/02/22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:
64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:
64bit: - [2012/02/22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:
64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:
64bit: - [2012/02/22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:
64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:
64bit: - [2012/02/22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:
64bit: - [2012/02/22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:
64bit: - [2011/05/06 14:30:20 | 000,019,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:
64bit: - [2011/05/06 14:30:18 | 000,013,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:
64bit: - [2011/04/01 05:07:54 | 004,184,672 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:
64bit: - [2011/04/01 05:06:22 | 000,341,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:
64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2010/11/25 11:27:40 | 000,120,408 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:
64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2010/11/10 09:34:04 | 008,013,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:
64bit: - [2010/11/10 08:18:54 | 000,287,232 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:
64bit: - [2010/10/15 21:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:
64bit: - [2010/09/24 19:46:32 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:
64bit: - [2010/09/21 23:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:
64bit: - [2010/09/14 08:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:
64bit: - [2010/06/08 08:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:
64bit: - [2010/05/20 19:42:44 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:
64bit: - [2010/03/19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:
64bit: - [2010/02/27 11:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:
64bit: - [2009/09/08 19:13:16 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:
64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:
64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:
64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE:
64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" =
http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2441748295-1479818682-621920781-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/USCON/1IE - HKU\S-1-5-21-2441748295-1479818682-621920781-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ieIE - HKU\S-1-5-21-2441748295-1479818682-621920781-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.com/ieIE - HKU\S-1-5-21-2441748295-1479818682-621920781-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKU\S-1-5-21-2441748295-1479818682-621920781-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/IE - HKU\S-1-5-21-2441748295-1479818682-621920781-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/?ocid=iehpIE - HKU\S-1-5-21-2441748295-1479818682-621920781-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-2441748295-1479818682-621920781-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D2 B9 83 DC 9C 2C CD 01 [binary data]
IE - HKU\S-1-5-21-2441748295-1479818682-621920781-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKU\S-1-5-21-2441748295-1479818682-621920781-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ieIE - HKU\S-1-5-21-2441748295-1479818682-621920781-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2441748295-1479818682-621920781-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2441748295-1479818682-621920781-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2441748295-1479818682-621920781-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" =
http://search.babylon.com/?q={searchTerms}&affID=113959&tt=060612_8_&babsrc=SP_ss&mntrId=5f2eab90000000000000782bcb94e55e
IE - HKU\S-1-5-21-2441748295-1479818682-621920781-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2441748295-1479818682-621920781-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2441748295-1479818682-621920781-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/USCON/1IE - HKU\S-1-5-21-2441748295-1479818682-621920781-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://g.msn.com/USCON/1IE - HKU\S-1-5-21-2441748295-1479818682-621920781-1005\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2441748295-1479818682-621920781-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledAddons:
plugin@videofiledownload.com:1.5
FF - prefs.js..extensions.enabledAddons:
vk@sergeykolosov.mp:0.3.2.3
FF - prefs.js..extensions.enabledAddons: {f6eedaac-826d-50f4-3ded-d0d2b7570509}:1.300.428
FF - prefs.js..extensions.enabledAddons:
gpnqmudmll@gpnqmudmll.org:2.5
FF - prefs.js..keyword.URL: "http://search.babylon.com/?affID=113959&tt=060612_8_&babsrc=KW_ss&mntrId=5f2eab90000000000000782bcb94e55e&q="
FF - prefs.js..network.proxy.type: 0
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/07/02 02:55:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/06 22:18:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/06 22:18:14 | 000,000,000 | ---D | M]
[2012/03/25 13:29:53 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Grisha\AppData\Roaming\Mozilla\Extensions
[2012/09/19 15:59:33 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Grisha\AppData\Roaming\Mozilla\Firefox\Profiles\rw9t6b6r.default\extensions
[2012/06/14 17:32:33 | 000,000,000 | -H-D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Users\Grisha\AppData\Roaming\Mozilla\Firefox\Profiles\rw9t6b6r.default\extensions\plugin@videofiledownload.com
[1832/11/29 00:37:17 | 000,004,804 | -H-- | M] () (No name found) -- C:\Users\Grisha\AppData\Roaming\Mozilla\Firefox\Profiles\rw9t6b6r.default\extensions\gpnqmudmll@gpnqmudmll.org.xpi
[2012/06/14 17:46:35 | 000,039,414 | -H-- | M] () (No name found) -- C:\Users\Grisha\AppData\Roaming\Mozilla\Firefox\Profiles\rw9t6b6r.default\extensions\vk@sergeykolosov.mp.xpi
[2012/07/29 17:30:08 | 000,552,806 | -H-- | M] () (No name found) -- C:\Users\Grisha\AppData\Roaming\Mozilla\Firefox\Profiles\rw9t6b6r.default\extensions\{f6eedaac-826d-50f4-3ded-d0d2b7570509}.xpi
[2012/02/28 19:38:51 | 000,002,519 | -H-- | M] () -- C:\Users\Grisha\AppData\Roaming\Mozilla\Firefox\Profiles\rw9t6b6r.default\searchplugins\Search_Results.xml
[2012/09/06 22:18:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/06 22:18:17 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009/09/13 00:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2009/09/13 00:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2009/09/13 00:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2009/09/13 00:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2009/09/13 00:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2009/09/13 00:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
[2012/06/14 17:36:35 | 000,002,352 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/08/30 20:37:55 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/28 19:38:51 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012/08/30 20:37:55 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2012/04/18 16:00:27 | 000,001,389 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 176.9.75.3
www.google-analytics.com.
O1 - Hosts: 176.9.75.3 ad-emea.doubleclick.net.
O1 - Hosts: 176.9.75.3
www.statcounter.com.
O1 - Hosts: 108.163.215.51
www.google-analytics.com.
O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net.
O1 - Hosts: 108.163.215.51
www.statcounter.com.
O2:
64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:
64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:
64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120623064950.dll (McAfee, Inc.)
O2:
64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120623064950.dll (McAfee, Inc.)
O2 - BHO: (no name) - {9194649F-7143-4308-90C1-D6A35B0E354E} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:
64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:
64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:
64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:
64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:
64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\SysNative\EptMon64.DLL (Creative Technology Ltd.)
O4:
64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LtkLWWHhOSoBnv.exe] C:\ProgramData\LtkLWWHhOSoBnv.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2441748295-1479818682-621920781-1001..\Run: [Adobe] C:\Users\Grisha\AppData\Local\Apple\Adobe\cskrjcbf.dll (Intel Corporation)
O4 - HKU\S-1-5-21-2441748295-1479818682-621920781-1001..\Run: [sp] C:\Windows\sysWOW64\rundll32.exe "C:\Users\Grisha\AppData\Roaming\585Soft\sp.DLL",ServiceMain File not found
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:
64bit: - Extra context menu item: Add to Google Photos Screensa&ver -
res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:
64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.4.0)
O16:
64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16:
64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.4.0)
O16:
64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}
http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809}
http://images3.pnimedia.com/ProductAsse ... ontrol.cab (Photo Upload Plugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.254.1 167.206.254.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58ED619C-94E1-44CE-B5B9-EA041A0B0C2A}: DhcpNameServer = 167.206.254.1 167.206.254.2
O18:
64bit: - Protocol\Handler\cozi - No CLSID value found
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:
64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2012/09/29 10:32:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/09/29 10:29:33 | 000,000,000 | -H-D | C] -- C:\RemotePC
[2012/09/26 08:56:36 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012/09/22 03:00:42 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/09/22 03:00:42 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/09/22 03:00:41 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/09/22 03:00:41 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/09/22 03:00:41 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/09/22 03:00:41 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/09/22 03:00:41 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/09/22 03:00:41 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/09/22 03:00:40 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/09/22 03:00:40 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/09/22 03:00:40 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/09/22 03:00:40 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/09/22 03:00:39 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/09/22 03:00:39 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/09/22 03:00:39 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/09/21 00:07:42 | 000,000,000 | -H-D | C] -- C:\Users\Grisha\Desktop\Navarra Unziped
[2012/09/13 03:01:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/09/13 03:01:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/09/11 13:48:46 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012/09/11 13:48:45 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/09/11 13:48:44 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/09/11 13:48:43 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/09/10 21:30:07 | 000,000,000 | -H-D | C] -- C:\Users\Grisha\Desktop\AleshaYanaWedding
[2012/09/06 22:18:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/09/05 22:08:00 | 000,000,000 | -H-D | C] -- C:\Users\Grisha\Desktop\YanaAleshaWedding
[2012/05/14 11:49:37 | 000,082,816 | -H-- | C] (VSO Software) -- C:\Users\Grisha\AppData\Roaming\pcouffin.sys
[2011/06/01 20:29:50 | 001,062,984 | -H-- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\Grisha\gotomypc_540.exe
[1 C:\Users\Grisha\Desktop\*.tmp files -> C:\Users\Grisha\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012/09/29 10:36:55 | 000,000,512 | ---- | M] () -- C:\Users\Grisha\Documents\MBR.dat
[2012/09/29 10:36:15 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/29 10:36:15 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/29 10:31:57 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/29 10:31:57 | 000,624,162 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/29 10:31:57 | 000,106,538 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/29 10:27:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/29 10:27:11 | 1059,934,206 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/25 19:17:25 | 000,352,768 | -H-- | M] () -- C:\ProgramData\LtkLWWHhOSoBnv.exe
[2012/09/20 23:58:53 | 002,194,194 | -H-- | M] () -- C:\Users\Grisha\Desktop\navarra.zip
[1 C:\Users\Grisha\Desktop\*.tmp files -> C:\Users\Grisha\Desktop\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/09/29 10:36:55 | 000,000,512 | ---- | C] () -- C:\Users\Grisha\Documents\MBR.dat
[2012/09/25 19:19:39 | 000,352,768 | -H-- | C] () -- C:\ProgramData\LtkLWWHhOSoBnv.exe
[2012/09/20 23:58:50 | 002,194,194 | -H-- | C] () -- C:\Users\Grisha\Desktop\navarra.zip
[2012/07/13 23:37:10 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/05/14 11:49:37 | 000,099,384 | -H-- | C] () -- C:\Users\Grisha\AppData\Roaming\inst.exe
[2012/05/14 11:49:37 | 000,007,859 | -H-- | C] () -- C:\Users\Grisha\AppData\Roaming\pcouffin.cat
[2012/05/14 11:49:37 | 000,001,167 | -H-- | C] () -- C:\Users\Grisha\AppData\Roaming\pcouffin.inf
[2012/05/14 11:38:56 | 000,000,000 | -H-- | C] () -- C:\Users\Grisha\AppData\Local\rx_image32.Cache
[2012/05/13 13:03:42 | 000,001,057 | -H-- | C] () -- C:\Users\Grisha\AppData\Roaming\vso_ts_preview.xml
[2011/12/31 21:52:58 | 000,007,605 | -H-- | C] () -- C:\Users\Grisha\AppData\Local\Resmon.ResmonCfg
[2011/10/26 10:05:53 | 000,007,578 | -H-- | C] () -- C:\Users\Grisha\test.pdf
[2011/10/18 19:52:12 | 000,003,584 | -H-- | C] () -- C:\Users\Grisha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/27 23:26:21 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/05/24 00:24:30 | 000,730,638 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/17 15:45:35 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/05/17 15:06:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/05/17 13:21:00 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/05/17 13:21:00 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011/05/17 13:21:00 | 000,001,264 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2011/05/17 13:21:00 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2011/05/17 13:21:00 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2011/04/01 05:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011/04/01 05:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011/04/01 05:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
========== ZeroAccess Check ========== [2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ========== [2012/09/25 19:53:23 | 000,000,000 | -H-D | M] -- C:\Users\Grisha\AppData\Roaming\585Soft
[2012/04/29 10:38:13 | 000,000,000 | -H-D | M] -- C:\Users\Grisha\AppData\Roaming\Anyplace Control 4
[2012/06/14 17:36:27 | 000,000,000 | -H-D | M] -- C:\Users\Grisha\AppData\Roaming\Babylon
[2012/09/25 19:26:26 | 000,000,000 | -H-D | M] -- C:\Users\Grisha\AppData\Roaming\BitComet
[2012/05/13 16:11:17 | 000,000,000 | -H-D | M] -- C:\Users\Grisha\AppData\Roaming\Canneverbe Limited
[2012/08/29 21:46:01 | 000,000,000 | -H-D | M] -- C:\Users\Grisha\AppData\Roaming\Canon
[2011/06/26 16:53:41 | 000,000,000 | -H-D | M] -- C:\Users\Grisha\AppData\Roaming\DVDFab
[2012/02/27 14:24:14 | 000,000,000 | -H-D | M] -- C:\Users\Grisha\AppData\Roaming\ICAClient
[2011/06/27 23:03:52 | 000,000,000 | -H-D | M] -- C:\Users\Grisha\AppData\Roaming\Leadertech
[2011/05/22 15:12:44 | 000,000,000 | -H-D | M] -- C:\Users\Grisha\AppData\Roaming\PCDr
[2011/05/22 22:41:49 | 000,000,000 | -H-D | M] -- C:\Users\Grisha\AppData\Roaming\Sammsoft
[2011/08/18 00:59:40 | 000,000,000 | -H-D | M] -- C:\Users\Grisha\AppData\Roaming\SoftGrid Client
[2011/05/24 00:24:55 | 000,000,000 | -H-D | M] -- C:\Users\Grisha\AppData\Roaming\TP
[2012/09/22 10:05:29 | 000,000,000 | -H-D | M] -- C:\Users\Grisha\AppData\Roaming\TransLite
[2012/05/14 11:49:38 | 000,000,000 | -H-D | M] -- C:\Users\Grisha\AppData\Roaming\Vso
[2012/04/22 17:59:33 | 000,000,000 | -H-D | M] -- C:\Users\Grisha 2\AppData\Roaming\ICAClient
[2012/04/22 17:59:31 | 000,000,000 | -H-D | M] -- C:\Users\Grisha 2\AppData\Roaming\translite
[2011/05/30 22:03:48 | 000,000,000 | ---D | M] -- C:\Users\GrishaShare\AppData\Roaming\translite
========== Purity Check ========== < End of report >
3) Extras.txt
OTL Extras logfile created on: 9/29/2012 10:38:54 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Grisha 2\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
11.98 Gb Total Physical Memory | 9.80 Gb Available Physical Memory | 81.79% Memory free
23.96 Gb Paging File | 21.81 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 199.41 Gb Total Space | 121.63 Gb Free Space | 61.00% Space Free | Partition Type: NTFS
Drive F: | 1185.57 Gb Total Space | 1098.93 Gb Free Space | 92.69% Space Free | Partition Type: NTFS
Drive G: | 931.51 Gb Total Space | 560.80 Gb Free Space | 60.20% Space Free | Partition Type: NTFS
Drive J: | 931.51 Gb Total Space | 534.44 Gb Free Space | 57.37% Space Free | Partition Type: NTFS
Computer Name: GRISHAMAYYAPC | User Name: Grisha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2441748295-1479818682-621920781-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AF9C271-060A-44AF-9AFE-9F0F4DB12A7B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{16530B95-07C5-45C8-A39C-BFEAED75F6A5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{172629CB-57A9-427D-9C7E-295F270393F3}" = lport=445 | protocol=6 | dir=in | app=system |
"{254F46E2-CD51-4891-BD4D-473658B4D8C2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{25B1BF7B-F753-453A-BDC0-B1D631005AAC}" = lport=139 | protocol=6 | dir=in | app=system |
"{2A2C0404-7CEA-4CBC-B843-DA6DEF4FF3B6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{32147D90-323A-4394-A430-32E6AF1686CA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{33DA76E1-9D76-4F08-9FA8-DF690DFB958C}" = lport=138 | protocol=17 | dir=in | app=system |
"{533AD34A-5705-4BF7-BB09-E3B86548C95D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5C779181-5C07-490F-A0F0-549A8F8CA64B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{607008E1-2754-41FB-ABE2-A0E570375A9C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6294B4A6-09F8-466E-9D3D-20E44254341B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6A9088AB-065B-4A79-9E8C-DE57A5671AD7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7BD1B9E4-C5FD-463A-A6FB-92453F5BAFB4}" = rport=137 | protocol=17 | dir=out | app=system |
"{A82F3DAE-C944-4F05-A43F-721CBB629914}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{AA63FD6A-4D09-48E4-BB00-D126D7027726}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AB0D93FF-B358-4EF3-8237-6F6E17A7D538}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AB481BDF-A310-4235-8DBA-AA2A8F08D605}" = rport=445 | protocol=6 | dir=out | app=system |
"{B9F71178-4949-4626-971A-7E40E1D0ADDB}" = lport=137 | protocol=17 | dir=in | app=system |
"{C33C7A1E-2BE2-4CB3-9096-32CFA5B824DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{D7F962FD-9743-4C3F-8283-DBC44F401FFC}" = rport=139 | protocol=6 | dir=out | app=system |
"{DD0F30DE-C814-40E9-9CB3-7180FCCAEAF0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DF327402-93FA-41DA-9CA2-FDE876E04DA1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E7F7A35F-91BF-4C07-BD55-E3ED841D4864}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E8465E88-5AF7-4CBF-9010-7F7E2C643A34}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05867E73-010B-410A-BD60-29766C63C4DB}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{08CACDC7-3387-4F9D-BDAB-FD67B9716FFA}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{0957A0D4-625E-4C61-A57D-75F9AD3E10B1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{09D41B3E-1B63-4C93-A343-6BCBCA71FDCA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0CEA4897-2369-4CC3-AFA0-DE8956A1297B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0E5BD8C4-C062-4F2B-951B-5F9E2DE1CB6B}" = protocol=6 | dir=in | app=c:\program files (x86)\anyplace control\apc_host.exe |
"{1108CBC3-A5F8-423E-96C3-3EBF86463D51}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1A4D4EC9-60A6-4830-BEC2-437F55908ACE}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{272AE2E5-C7E9-4E68-BE88-054C5A5DDCF5}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{2DA6EA35-AE0C-4111-A1CE-67D0FA879DE2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2F7F8BC4-2EC3-4211-8892-DF7C20294AD2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{3B4AEF42-9570-47FD-91E2-79BCEAA1C9FF}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |
"{3EEA6183-4F23-4F3D-A724-74C4C156D3BD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4AB1D449-84B7-44F7-9AC4-1E1AD5EB8812}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4D109624-6909-4D4F-B9DA-4A7F5B612A87}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5193D39A-DEC8-42CC-87B0-2DD8094FDB96}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{52D05439-9F99-41C7-B277-81B2B311BF0F}" = protocol=17 | dir=in | app=c:\program files (x86)\anyplace control\apc_host.exe |
"{52E3943B-8E91-4CA5-BB74-AB4191B0D6C7}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{531A46D2-4195-4E79-B6AB-02C5F8BCDE2D}" = protocol=6 | dir=out | app=system |
"{58F68F8B-4CD7-4F98-8547-A096DBE3BAC2}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{5BF56B54-6F54-4399-BEB9-3DD4AFDDB1BF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{64223415-4362-4371-A566-2A52CAE5634B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{64949538-F7B3-495C-8692-3E1835003676}" = dir=in | app=c:\program files (x86)\remote access host\remoteah.exe |
"{78C9D9A9-34A9-44A2-B36B-8AED867BFE99}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{8C7B59DD-B3CF-401F-BFFC-A6ABE03AAF37}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{8CD2B45C-7A9E-4226-9B8A-1F5BB6ECC460}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{978EB85C-DA82-4885-B679-CA2A41168739}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{989F38DC-661E-4E9F-9133-E18BC4B8BF6D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A37220EB-7F0A-4FA2-8670-1DC005E07070}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{A495B121-76BC-46C5-8D83-A12D8B85F0A4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A9DBED5D-C72F-449A-8156-18E6C3D7D467}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{ABF0BF62-A62E-426D-AB87-312398A1C10E}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{AE1FD233-8302-47B7-9180-FB0FCC94C2EA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B7891EDA-7BA6-46F7-BE1C-3F867BB94288}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BEC7A211-1F17-44FB-B18A-6814BEFDC58B}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{BF18E2DF-9231-4610-AAC0-9E1E774A4F83}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D40BE7A2-DFC8-4374-B5FE-881BCBED6C21}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DB97BDE7-AEA3-4ED5-9609-6AC5CE129120}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DE38F4A1-8EDB-4AA0-9446-8E37903F659E}" = dir=in | app=c:\program files (x86)\remote access host\remotesoundserv.exe |
"{FD5778A4-65FC-4F77-95C3-0942890EAA4F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{FF13B7D7-1715-4726-AE13-84547F96CDF5}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01DA217A-DB5F-B568-6932-42407D209516}" = ccc-utility64
"{0D25F7CC-B99C-44ee-9945-B14532B2BB7B}" = Canon MP830
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java(TM) 7 Update 4 (64-bit)
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-0016-0000-1000-0000000FF1CE}" = Microsoft Office Excel 2010
"{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}_Office14.EXCEL_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0000-1000-0000000FF1CE}" = Microsoft Office PowerPoint 2010
"{90140000-0018-0000-1000-0000000FF1CE}_Office14.POWERPOINT_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}_Office14.POWERPOINT_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0000-1000-0000000FF1CE}" = Microsoft Office Word 2010
"{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}_Office14.WORD_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.EXCEL_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.POWERPOINT_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.WORD_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.EXCEL_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.POWERPOINT_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.WORD_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.EXCEL_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.POWERPOINT_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.WORD_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-1000-0000000FF1CE}_Office14.EXCEL_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-1000-0000000FF1CE}_Office14.POWERPOINT_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-1000-0000000FF1CE}_Office14.WORD_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.EXCEL_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.POWERPOINT_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.WORD_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0043-0409-1000-0000000FF1CE}_Office14.EXCEL_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0409-1000-0000000FF1CE}_Office14.POWERPOINT_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0409-1000-0000000FF1CE}_Office14.WORD_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}_Office14.EXCEL_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-1000-0000000FF1CE}_Office14.POWERPOINT_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-1000-0000000FF1CE}_Office14.WORD_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}_Office14.EXCEL_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-1000-0000000FF1CE}_Office14.POWERPOINT_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-1000-0000000FF1CE}_Office14.WORD_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"DW WLAN Card" = DW WLAN Card
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Office14.EXCEL" = Microsoft Excel 2010
"Office14.POWERPOINT" = Microsoft PowerPoint 2010
"Office14.WORD" = Microsoft Word 2010
"PC-Doctor for Windows" = Dell Support Center
"WinRAR archiver" = WinRAR 4.01 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{010A785B-F920-4350-821B-6309909C20BB}" = THX TruStudio PC
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{067B277E-F94B-4F04-B380-BA967C00377C}_is1" = MiniTool Partition Wizard Home Edition 6.0
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0A6FE998-A146-4D34-93DF-DC47D00F0830}" = Anyplace Control 5.3.1.0_Trial
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BAF04C4-9D21-2761-95A6-DE2DA9861323}" = CCC Help Spanish
"{0BCA9EFD-F2D6-4638-B053-8693BA0404BE}" = Citrix online plug-in (Web)
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1C1473A1-1A26-4C8F-9548-A52D03066CE7}" = Catalyst Control Center - Branding
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{24D3ACAC-E441-AF66-94CF-0C021A4EFBD8}" = Catalyst Control Center Localization All
"{265245FC-4ECC-C35A-F2A9-3E915BFB2F6F}" = Catalyst Control Center Graphics Previews Common
"{268679E8-7198-F2E6-5A71-F3D4C9A0C2FB}" = CCC Help Italian
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2CBB71EE-A4DD-4B4D-A635-608D8D1E6F81}" = Driver Tool
"{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}" = Cozi
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{38B2B0F6-0C7F-ECE6-9A61-C546658508F4}" = ccc-core-static
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader
"{4261174B-FCD7-CD19-E81C-24262EB5AF42}" = CCC Help Greek
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C352349-421A-7E87-C7BD-DF27162B12CA}" = Catalyst Control Center Graphics Previews Vista
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{55392E52-1AAD-44C4-BE49-258FFE72434F}" = Citrix online plug-in (USB)
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5CCF2E33-181B-BD49-57AE-B513D37C6909}" = CCC Help English
"{649483EB-B464-1EE2-04E4-4BEC79B510D4}" = CCC Help German
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A646891-7B53-C462-0B71-401E519D198C}" = Catalyst Control Center InstallProxy
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{75F36A60-9969-C24F-5EB1-6DBC03F15196}" = CCC Help Russian
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{812424AC-A8B5-44E6-8D48-07E939D1AD9A}" = Citrix online plug-in (HDX)
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{85F93FBC-02AF-1E39-D027-0E1FCA5C90F5}" = Skins
"{887D48C8-DA00-232B-3CB6-0FB086AD6FBB}" = CCC Help Chinese Standard
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF2328D-A3D1-B08C-E868-68CDA4025E1D}" = CCC Help Polish
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{915284CD-1A88-82B0-7ED8-08BCF1B8509A}" = CCC Help Norwegian
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{ABEE1201-0FEA-E62F-6CB9-5D54BEB5E4AA}" = CCC Help Dutch
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B82EC7CD-5FB1-32A5-444A-8F896B734CC7}" = CCC Help Korean
"{B89E66E6-659A-9078-2BDF-14E8C11928AA}" = CCC Help Chinese Traditional
"{BAF6A826-DF92-8954-98F1-2CC67C6B419E}" = CCC Help Portuguese
"{BD6A872A-A0AE-36FC-9284-6E3595FB39ED}" = CCC Help Danish
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9461813-98BB-5823-FFAB-11FBD1B124DF}" = CCC Help Japanese
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF53CF7C-D996-43EB-9904-DBED57C25625}" = Citrix online plug-in (DV)
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1AE1C98-646A-DC21-076A-0FD5957FCAD2}" = CCC Help Czech
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4A97EBC-ABA6-9F3A-1EE0-D5B6C36FDFB5}" = CCC Help Finnish
"{D770F4B4-C422-45D9-8CEE-1B4C66E68CA8}" = Dell Stage
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E5AF275B-D4B1-EE5E-27BD-844C491B86CA}" = CCC Help Swedish
"{E5FCC675-C479-3CAB-0B9E-CC1838417049}" = CCC Help Hungarian
"{E6D8D70F-B63E-4AFB-BA82-1E7591937A71}" = Hide IP Extreme Package 4.1
"{E9811C8F-D729-01D3-9347-DCE297354C0A}" = CCC Help French
"{EA4340F5-7676-693D-A908-DF9D44771F7B}" = CCC Help Thai
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F09C03B6-CF93-5099-4ED7-CF47DB2027E6}" = CCC Help Turkish
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F336F89D-8C5A-432C-8EA9-DA19377AD591}" = Dell MusicStage
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 8 Qt_is1" = DVDFab 8.1.0.0 (16/06/2011) Qt
"InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.9.5 (Full)
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox 15.0.1 (x86 en-US)" = Mozilla Firefox 15.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator 2.2" = Canon MP Navigator 2.2
"MSC" = McAfee SecurityCenter
"Picasa 3" = Picasa 3
"Remote Access Host_is1" = Remote Access Host Ver 4.5.3
"TransLite" = TransLite Dictionary
"WinLiveSuite" = Windows Live Essentials
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 6/10/2012 9:50:06 PM | Computer Name = GrishaMayyaPC | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 3644 (0xe3c) Thread address : 0x0000000077BD138A Thread message : Build VSCORE.14.4.0.387
/ 5400.1158 Object being scanned = \Device\HarddiskVolume16\Video\Big Buck Bunny.avi
by C:\Windows\system32\WUDFHost.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0)
7004(0)(0) 5006(0)(0) 5004(0)(0)
Error - 6/23/2012 9:18:37 PM | Computer Name = GrishaMayyaPC | Source = HOB NATIVENOTIF | ID = 1
Description =
Error - 6/23/2012 9:18:37 PM | Computer Name = GrishaMayyaPC | Source = HOB NATIVENOTIF | ID = 1
Description =
Error - 7/2/2012 3:26:10 AM | Computer Name = GrishaMayyaPC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\Program Files (x86)\Cozi
Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 7/7/2012 8:04:03 PM | Computer Name = GrishaMayyaPC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16446 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 20c0 Start
Time: 01cd5c9b805286df Termination Time: 58 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:
Error - 7/7/2012 8:07:18 PM | Computer Name = GrishaMayyaPC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16446 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 4e0 Start
Time: 01cd5c9d2f14521a Termination Time: 36 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:
Error - 7/15/2012 12:25:03 AM | Computer Name = GrishaMayyaPC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16447 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 144c Start
Time: 01cd5fb2c35f0aef Termination Time: 32 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:
Error - 7/15/2012 12:25:38 AM | Computer Name = GrishaMayyaPC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16447 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1cec Start
Time: 01cd6241cdf49188 Termination Time: 16 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:
Error - 7/15/2012 12:26:25 AM | Computer Name = GrishaMayyaPC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16447 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2178 Start
Time: 01cd6241e2ccb83a Termination Time: 16 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:
Error - 8/15/2012 4:46:51 PM | Computer Name = GrishaMayyaPC | Source = HOB NATIVENOTIF | ID = 1
Description =
[ Dell Events ]
Error - 10/29/2011 8:21:29 AM | Computer Name = GrishaMayyaPC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/30/2011 5:00:17 AM | Computer Name = GrishaMayyaPC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/30/2011 5:00:17 AM | Computer Name = GrishaMayyaPC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/31/2011 11:26:22 AM | Computer Name = GrishaMayyaPC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/31/2011 11:26:22 AM | Computer Name = GrishaMayyaPC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 11/1/2011 4:27:23 PM | Computer Name = GrishaMayyaPC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 11/1/2011 4:27:24 PM | Computer Name = GrishaMayyaPC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 11/13/2011 12:32:38 PM | Computer Name = GrishaMayyaPC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 11/13/2011 12:32:39 PM | Computer Name = GrishaMayyaPC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 11/14/2011 2:53:06 AM | Computer Name = GrishaMayyaPC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
[ Media Center Events ]
Error - 9/30/2011 11:23:29 AM | Computer Name = GrishaMayyaPC | Source = MCUpdate | ID = 0
Description = 11:23:29 AM - Error connecting to the internet. 11:23:29 AM - Unable
to contact server..
Error - 9/30/2011 11:24:01 AM | Computer Name = GrishaMayyaPC | Source = MCUpdate | ID = 0
Description = 11:23:58 AM - Error connecting to the internet. 11:23:58 AM - Unable
to contact server..
Error - 9/30/2011 12:24:32 PM | Computer Name = GrishaMayyaPC | Source = MCUpdate | ID = 0
Description = 12:24:32 PM - Error connecting to the internet. 12:24:32 PM - Unable
to contact server..
Error - 9/30/2011 12:25:02 PM | Computer Name = GrishaMayyaPC | Source = MCUpdate | ID = 0
Description = 12:25:02 PM - Error connecting to the internet. 12:25:02 PM - Unable
to contact server..
Error - 9/30/2011 1:25:33 PM | Computer Name = GrishaMayyaPC | Source = MCUpdate | ID = 0
Description = 1:25:33 PM - Error connecting to the internet. 1:25:33 PM - Unable
to contact server..
Error - 9/30/2011 1:26:03 PM | Computer Name = GrishaMayyaPC | Source = MCUpdate | ID = 0
Description = 1:26:02 PM - Error connecting to the internet. 1:26:02 PM - Unable
to contact server..
Error - 9/30/2011 2:26:35 PM | Computer Name = GrishaMayyaPC | Source = MCUpdate | ID = 0
Description = 2:26:34 PM - Error connecting to the internet. 2:26:35 PM - Unable
to contact server..
Error - 9/30/2011 2:27:04 PM | Computer Name = GrishaMayyaPC | Source = MCUpdate | ID = 0
Description = 2:27:04 PM - Error connecting to the internet. 2:27:04 PM - Unable
to contact server..
[ System Events ]
Error - 9/12/2012 5:51:31 AM | Computer Name = GrishaMayyaPC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.
Error - 9/12/2012 5:51:34 AM | Computer Name = GrishaMayyaPC | Source = DCOM | ID = 10010
Description =
Error - 9/13/2012 4:43:24 PM | Computer Name = GrishaMayyaPC | Source = WMPNetworkSvc | ID = 866333
Description =
Error - 9/19/2012 10:33:33 AM | Computer Name = GrishaMayyaPC | Source = DCOM | ID = 10016
Description =
Error - 9/22/2012 3:16:31 AM | Computer Name = GrishaMayyaPC | Source = DCOM | ID = 10010
Description =
Error - 9/22/2012 10:02:07 AM | Computer Name = GrishaMayyaPC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.
Error - 9/25/2012 7:33:41 PM | Computer Name = GrishaMayyaPC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.
Error - 9/25/2012 7:47:17 PM | Computer Name = GrishaMayyaPC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.
Error - 9/25/2012 8:00:46 PM | Computer Name = GrishaMayyaPC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.
Error - 9/29/2012 10:28:45 AM | Computer Name = GrishaMayyaPC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.
< End of report >
Looking forward to you reviewing these and instructing as to the next steps. Thank You very much again!
Regards,
MLGuru