Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

I am starting to hate computers!!!!!!!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

I am starting to hate computers!!!!!!!

Unread postby rmshaffer » December 8th, 2012, 7:51 pm

I have been having trouble for a while, it seems my computer is being attacked through some kind of remote access. My files get switched around, nothing looks like it is supposed to, I can't log into my email securely, its as if the web pages aren't really the right ones. Also, my system restore doesn't work, I rebooted to factory today but I'm not even sure that worked. Help me please! This is following me from my old computer to my new laptop and I can't buy another one. :( Here are the logs......
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16438
Run by Rita at 15:36:26 on 2012-12-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5608.3723 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\Hpservice.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\LogonUI.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\HP SimplePass\TouchControl.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
C:\Program Files\Common Files\AuthenTec\TrueService.exe
C:\Program Files\Common Files\AuthenTec\TrueService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingApp.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingBar.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingSurrogate.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingSurrogate.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingSurrogate.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wuauclt.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{1E468A6F-F061-47CE-B26C-00013DFA08A5} : DHCPNameServer = 172.168.21.22
TCP: Interfaces\{5850C882-4BB1-4CB1-8D43-B56B8C336BF5} : DHCPNameServer = 192.168.1.254
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe -expressboot
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {0CE7EBAF-157D-4111-9146-057CB2A4023E} - msiexec /fu {0CE7EBAF-157D-4111-9146-057CB2A4023E} /qn
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-12-13 82048]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-12-13 42624]
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-1-18 31360]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-1-27 235520]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-1-26 361984]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-11-13 55936]
R2 APXACC;AppEx Networks Accelerator LWF;C:\Windows\System32\drivers\appexDrv.sys [2012-6-4 189760]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2012-8-10 1641320]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-16 682040]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 128456]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-10-26 102528]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-6-4 46136]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-10-26 219776]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-12-6 95248]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-6-4 259688]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-6-4 646248]
R3 TrueService;TrueAPI Service component;C:\Program Files\Common Files\AuthenTec\TrueService.exe [2012-7-16 401256]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-6-4 56448]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/12/08 14:21:23;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2012-2-8 244720]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-8 19456]
S3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2011-10-13 20016]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-8 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-8 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-8 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-12-08 23:29:16 -------- d-----w- C:\Windows\SysWow64\Wat
2012-12-08 23:29:16 -------- d-----w- C:\Windows\System32\Wat
2012-12-08 23:19:27 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-12-08 23:19:27 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-12-08 23:19:27 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-12-08 23:19:27 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-12-08 23:10:58 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-12-08 23:10:58 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-12-08 23:10:57 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-12-08 23:10:57 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-12-08 23:10:56 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-12-08 23:10:56 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-12-08 23:10:56 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-12-08 23:10:00 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-12-08 23:10:00 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-12-08 23:10:00 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-12-08 23:10:00 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-12-08 23:10:00 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-12-08 23:08:30 -------- d-----w- C:\0e16eb55de5aab42910fa7552fecb3
2012-12-08 23:08:06 -------- d-----w- C:\Users\Rita\AppData\Roaming\WinPatrol
2012-12-08 23:07:57 -------- d-----w- C:\Program Files (x86)\BillP Studios
2012-12-08 23:07:56 -------- d-----w- C:\ProgramData\InstallMate
2012-12-08 23:02:53 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2012-12-08 22:59:31 956928 ----a-w- C:\Windows\System32\localspl.dll
2012-12-08 22:59:23 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-12-08 22:59:23 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-12-08 22:43:30 -------- d-----w- C:\ProgramData\TrueSuite
2012-12-08 22:36:06 -------- d-----w- C:\Users\Rita\AppData\Local\CrashDumps
2012-12-08 22:24:04 -------- d-----w- C:\Program Files (x86)\HP SimplePass
2012-12-08 22:21:57 -------- d-----w- C:\Program Files\Common Files\AuthenTec
2012-12-08 22:21:57 -------- d-----w- C:\Program Files (x86)\Common Files\AuthenTec
2012-12-08 22:21:51 -------- d-----w- C:\ProgramData\HP SimplePass 2011
2012-12-08 22:11:11 -------- d-----w- C:\Program Files\IDT
2012-12-08 22:00:59 599040 ----a-w- C:\Program Files\Internet Explorer\FeedbackTool.dll
2012-12-08 22:00:59 481280 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2012-12-08 22:00:59 356352 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2012-12-08 22:00:59 327680 ----a-w- C:\Program Files\Internet Explorer\iediagcmd.exe
2012-12-08 21:58:19 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2012-12-08 21:51:21 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-12-08 21:51:13 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-12-08 21:49:11 -------- d-----w- C:\Users\Rita\AppData\Local\Apps
2012-12-08 21:48:09 8795216 ----a-w- C:\ProgramData\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE
2012-12-08 21:44:20 -------- d-----w- C:\Users\Rita\AppData\Local\WindowsUpdate
2012-12-08 21:43:14 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-12-08 21:43:14 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-12-08 21:43:14 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-12-08 21:39:53 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-12-08 21:39:49 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-12-08 21:39:42 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-12-08 21:39:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-12-08 21:31:31 -------- d-----w- C:\Users\Rita\AppData\Local\AMD
2012-12-08 21:31:21 -------- d-----w- C:\Users\Rita\AppData\Local\ATI
2012-12-08 21:31:18 -------- d-----w- C:\Users\Rita\AppData\Roaming\Synaptics
2012-12-08 21:30:44 -------- d-----w- C:\Users\Rita\AppData\Local\VirtualStore
2012-12-08 21:27:43 -------- d-----w- C:\Users\Rita\AppData\Roaming\hpqlog
2012-12-08 21:27:38 -------- d-----w- C:\Users\Rita\AppData\Local\Hewlett-Packard
2012-12-08 21:26:07 -------- d-----w- C:\Users\Rita\AppData\Local\RemEngine
2012-12-08 21:26:02 -------- d-----w- C:\Users\Rita\AppData\Local\AuthenTec
2012-12-08 21:25:54 -------- d-----w- C:\Users\Rita\AppData\Local\Hewlett-Packard_Company
2012-12-08 20:16:05 425345024 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\Office14\Updates\OFFICESUITEWWSP1-X-NONE.MSP
.
==================== Find3M ====================
.
2012-12-08 22:18:31 505128 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-12-08 22:18:31 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-12-08 22:18:31 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2012-12-08 22:10:54 255488 ----a-w- C:\Windows\System32\staco64.dll
2012-12-08 21:59:57 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-12-08 21:58:19 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-09-29 06:32:08 2177688 ----a-w- C:\Windows\System32\coin92.dll
2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-09-24 21:40:56 43840 ----a-w- C:\Windows\System32\drivers\Accelerometer.sys
2012-09-24 21:40:56 31040 ----a-w- C:\Windows\System32\hpservice.exe
2012-09-24 21:40:56 31040 ----a-w- C:\Windows\System32\drivers\hpdskflt.sys
2012-09-24 21:40:56 21312 ----a-w- C:\Windows\System32\accelerometerdll.DLL
2012-09-24 21:40:56 18240 ----a-w- C:\Windows\System32\HPMDPCoInst12.dll
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
.
============= FINISH: 15:37:15.34 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/8/2012 1:24:25 PM
System Uptime: 12/8/2012 3:30:14 PM (0 hours ago)
.
Motherboard: Hewlett-Packard | | 1833
Processor: AMD A8-4500M APU with Radeon(tm) HD Graphics | Socket FT1 | 1900/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 576 GiB total, 538.093 GiB free.
D: is FIXED (NTFS) - 19 GiB total, 2.053 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP3: 12/8/2012 1:37:23 PM - HPSF Restore Point
RP4: 12/8/2012 1:39:19 PM - Windows Update
RP5: 12/8/2012 1:43:15 PM - Windows Update
RP6: 12/8/2012 1:51:47 PM - Removed Skype™ 5.6
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX 64-bit
Adobe Reader X (10.1.0) MUI
Adobe Shockwave Player 11.6
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD Quick Stream
AMD Steady Video Plug-In
AMD VISION Engine Control Center
Atheros Driver Installation Program
AuthenTec TrueAPI 64-bit
Bejeweled 3
Bing Bar
Blackhawk Striker 2
Blio
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Cradle of Rome 2
CyberLink PowerDVD
CyberLink YouCam
D3DX10
Dora's World Adventure
ESU for Microsoft Windows 7 SP1
Evernote v. 4.5.2
Farm Frenzy
Farmscapes
FATE
Final Drive Fury
Hewlett-Packard ACLM.NET v1.1.2.0
Hoyle Card Games
HP 3D DriveGuard
HP Application Assistant
HP Auto
HP Client Services
HP CoolSense
HP Customer Experience Enhancements
HP Documentation
HP Games
HP Launch Box
HP MovieStore
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Recovery Manager
HP Security Assistant
HP Setup
HP Setup Manager
HP SimplePass
HP Software Framework
HP Support Assistant
IDT Audio
Jewel Match 3
Jewel Quest Mysteries: The Seventh Gate Collector's Edition
John Deere Drive Green
Junk Mail filter update
Letters from Nowhere 2
Luxor HD
Mah Jong Medley
Mesh Runtime
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
MSVCRT
MSVCRT_amd64
opensource
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
RollerCoaster Tycoon 3: Platinum
swMSM
Synaptics Pointing Device Driver
The Treasures of Mystery Island: The Ghost Ship
Torchlight
Update Installer for WildTangent Games App
Validity WBF DDK
Virtual Villagers 4 - The Tree of Life
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinPatrol
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
12/8/2012 3:32:06 PM, Error: Service Control Manager [7023] -
12/8/2012 3:27:44 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Rita-HP\Rita SID (S-1-5-21-2030555222-4006382014-3683676925-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
12/8/2012 3:24:40 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243).
12/8/2012 3:21:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB973688).
12/8/2012 3:19:00 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB954430).
12/8/2012 2:23:05 PM, Error: Service Control Manager [7034] - The TrueAPI Service component service terminated unexpectedly. It has done this 1 time(s).
12/8/2012 2:13:27 PM, Error: Service Control Manager [7030] - The HPWMISVC service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
12/8/2012 1:31:26 PM, Error: Service Control Manager [7034] - The HPWMISVC service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
rmshaffer
Active Member
 
Posts: 8
Joined: December 8th, 2012, 7:39 pm
Advertisement
Register to Remove

Re: I am starting to hate computers!!!!!!!

Unread postby deltalima » December 9th, 2012, 5:27 pm

checking your log - back soon.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: I am starting to hate computers!!!!!!!

Unread postby deltalima » December 9th, 2012, 5:34 pm

Hi rmshaffer,

Welcome to the forum.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Please note the following:
  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please do not run any scans or make any changes to the system unless I ask you too.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Please Note:
The programs I ask you to run need to be run in Administrator Mode by... Right clicking the program file and selecting: Run as Administrator.
Additionally, the built-in User Account Control (UAC) utility, if enabled, may prompt you for permission to run the program.
When prompted, please select: Allow. Reference: User Account Control (UAC) and Running as Administrator


Create a batch file
  1. Open Notepad.
  2. Copy/paste the following text into the empty Notepad window.
    Code: Select all
    @echo off
    Nslookup www.malwarebytes.org >> results.txt 
    Nslookup www.safer-networking.org >> results.txt 
    Nslookup www.google.com >> results.txt
    Nslookup www.google.co.uk  >> results.txt
    Ping www.malwarebytes.org >> results.txt 
    ping www.safer-networking.org >> results.txt 
    ping www.google.com >> results.txt 
    ping www.google.co.uk >> results.txt 
    start notepad results.txt 
    Del %0
    
  3. Save the file as xxx.bat on your desktop. Save it with the file type... all types *.*.
  4. Double click the file xxx.bat to execute.

results.txt should open in Notepad automatically when the script has complete, post the contents of this file in your next reply.

I rebooted to factory today but I'm not even sure that worked.


Are you still seeing the same problems after the factory reset?
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: I am starting to hate computers!!!!!!!

Unread postby rmshaffer » December 9th, 2012, 8:54 pm

Hi, Thank you for helping me!!!! Although I am afraid my data may have changed now, when I got on my computer today, it said to restart to update and when it came back on it said there was no boot something and I could only do a factory reset again. I couldn't get any windows files to come up, i had to press F11. Anyways, I did the xxxbat and here is the log, I have not installed any updates yet.
Server: kalama.gateway
Address: 192.168.1.254

Name: gs1.wac.v2cdn.net
Address: 72.21.91.19
Aliases: www.malwarebytes.org
wac.1D00.edgecastcdn.net

Server: kalama.gateway
Address: 192.168.1.254

Name: www.safer-networking.org
Address: 188.165.126.152

Server: kalama.gateway
Address: 192.168.1.254

Name: www.google.com
Addresses: 2607:f8b0:400e:c02::69
74.125.129.99
74.125.129.103
74.125.129.104
74.125.129.105
74.125.129.106
74.125.129.147

Server: kalama.gateway
Address: 192.168.1.254

Name: www.google.co.uk
Addresses: 2607:f8b0:400e:c02::5e
74.125.129.94


Pinging gs1.wac.v2cdn.net [72.21.91.19] with 32 bytes of data:
Reply from 72.21.91.19: bytes=32 time=62ms TTL=54
Reply from 72.21.91.19: bytes=32 time=61ms TTL=54
Reply from 72.21.91.19: bytes=32 time=59ms TTL=54
Reply from 72.21.91.19: bytes=32 time=61ms TTL=54

Ping statistics for 72.21.91.19:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 59ms, Maximum = 62ms, Average = 60ms

Pinging www.safer-networking.org [188.165.126.152] with 32 bytes of data:
Reply from 188.165.126.152: bytes=32 time=224ms TTL=47
Reply from 188.165.126.152: bytes=32 time=223ms TTL=47
Reply from 188.165.126.152: bytes=32 time=224ms TTL=47
Reply from 188.165.126.152: bytes=32 time=222ms TTL=47

Ping statistics for 188.165.126.152:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 222ms, Maximum = 224ms, Average = 223ms

Pinging www.google.com [74.125.129.105] with 32 bytes of data:
Reply from 74.125.129.105: bytes=32 time=68ms TTL=47
Reply from 74.125.129.105: bytes=32 time=68ms TTL=47
Reply from 74.125.129.105: bytes=32 time=66ms TTL=47
Reply from 74.125.129.105: bytes=32 time=68ms TTL=47

Ping statistics for 74.125.129.105:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 66ms, Maximum = 68ms, Average = 67ms

Pinging www.google.co.uk [74.125.129.94] with 32 bytes of data:
Reply from 74.125.129.94: bytes=32 time=68ms TTL=47
Reply from 74.125.129.94: bytes=32 time=68ms TTL=47
Reply from 74.125.129.94: bytes=32 time=67ms TTL=47
Reply from 74.125.129.94: bytes=32 time=69ms TTL=47

Ping statistics for 74.125.129.94:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 67ms, Maximum = 69ms, Average = 68ms
rmshaffer
Active Member
 
Posts: 8
Joined: December 8th, 2012, 7:39 pm

Re: I am starting to hate computers!!!!!!!

Unread postby deltalima » December 10th, 2012, 9:00 am

Hi rmshaffer,

Download and run OTL
Download OTL by Old Timer and save it to your Desktop.
  • Right click on OTL.exe and select: Run as Administrator.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  1. Double-click on TDSSKiller.exe to run the tool. Vista - W7 users: Right-click and select "Run As Administrator".
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. Click Change parameters
  4. Under Additional Options CHECK Verify file digital signatures
  5. IMPORTANT: Ensure Detect TDLFS file system remains UNCHECKED.
  6. Click Start scan and allow it to scan for Malicious objects.

    • If Malicious objects are detected, the default action will be Cure, ensure SKIP is selected... then click Continue
    • If suspicious objects are detected, the default action will be Skip, ensure Skip is selected... then click Continue
    • If Unsigned files are detected, the default action will be Skip, ensure Skip is selected... then click Continue

    DO NOT change the default actions, other than CURE to SKIP.

  7. You may be asked to reboot the computer to complete the process. Click on Reboot Now and allow the computer to reboot.
  8. A log will be created on your root drive (usually C:) drive. The log will have a name like Name.Version_Date_Time_log.txt.
    for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt.
  9. If no reboot is required, click on Report. A log file should appear.
  10. Please post the contents of the log file in your next reply
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: I am starting to hate computers!!!!!!!

Unread postby rmshaffer » December 12th, 2012, 8:24 pm

I apologize for taking so long but was unable to get on my computer and had to reset yet again. Plus work , anyways, heres the OTL logs,
OTL Extras logfile created on: 12/12/2012 4:10:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rita\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.48 Gb Total Physical Memory | 3.99 Gb Available Physical Memory | 72.84% Memory free
10.95 Gb Paging File | 9.24 Gb Available in Paging File | 84.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 576.46 Gb Total Space | 537.89 Gb Free Space | 93.31% Space Free | Partition Type: NTFS
Drive D: | 19.41 Gb Total Space | 2.05 Gb Free Space | 10.58% Space Free | Partition Type: NTFS

Computer Name: RITA-HP | User Name: Rita | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{024B30CD-B392-46F8-94A4-BD895E905C4A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{111C1C15-E931-41D0-95CA-A365FAA5FDC2}" = rport=138 | protocol=17 | dir=out | app=system |
"{16A8B024-6906-47E4-8AB9-339234E78748}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1D9FA49F-A40F-4665-9FB7-43E8B8ED2999}" = lport=138 | protocol=17 | dir=in | app=system |
"{2A8E51E6-B888-4537-8B1F-69061F6F574B}" = rport=139 | protocol=6 | dir=out | app=system |
"{343FCD47-7FA7-43BD-9667-BE60C51A6C74}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{458AA00E-B09C-4B04-835B-CB2FB66896FE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{539F8932-BAD0-495D-830D-2C42D2F03705}" = lport=2869 | protocol=6 | dir=in | app=system |
"{72D270BD-E50B-4445-9CD9-64EED88B406E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{76286D5A-1172-4A9D-94CF-4331D195595C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{86611CFF-F623-46C4-B37D-E9AF82B1F808}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{87FDEC77-14B1-4CE4-A8BA-02F253D98A29}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9EB16B56-14C8-400D-8F85-BB28BAFA256B}" = lport=445 | protocol=6 | dir=in | app=system |
"{A7FB7334-A004-401C-821D-04AD179BA696}" = rport=137 | protocol=17 | dir=out | app=system |
"{C092BB2D-F5D5-4433-9048-CECB89A0352F}" = lport=137 | protocol=17 | dir=in | app=system |
"{C6D3957B-6A0F-49F6-B1B1-199A81F60579}" = rport=445 | protocol=6 | dir=out | app=system |
"{D359BB33-82A4-4B2A-9738-01AE0064EC90}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DB21FD30-80CB-4ACC-A02B-18E8632CBB7F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E64BDCCA-794C-41E8-94EA-D808B73AC8C3}" = lport=139 | protocol=6 | dir=in | app=system |
"{EA896BF6-E57A-49A2-BB4A-B1322347F948}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EE7AB9FD-2C81-403A-A92C-090720AA08EC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F0F6A1E6-CEA9-4B1E-97F5-1CF667DDEC75}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FBC6E276-0F69-4592-B7CF-B5CBC787E755}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{177B800A-6EFE-429C-B583-90092BE693B0}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{1AE91620-1F2F-42B0-A2A5-E3D3D8FEBB2F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2771FD1F-EE52-4C57-B90C-1FC86F6B6BC3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2DF00EDF-84B8-4836-B67E-9978646400B2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{39BFC79E-9F3D-4B34-947A-52F2698843AE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3DC721C2-EA7A-4BFC-83A5-614929236899}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{4823325E-C1F8-4FD5-9578-7BC64C30A6FF}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{48F21CC0-5158-467A-9D67-CBEC1021DDDF}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{526CAF9E-72EF-4BFF-AB1A-71D3E2D64504}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{52D305DE-9BF2-47F5-BF3F-7C37ABE80210}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{54A94C48-48DC-42CE-BEAA-A54E300A9C15}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{64F7BA04-FFB6-4168-9D76-E770873E0A05}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{65BCB2FB-07B3-4496-ADDF-A76C8756F991}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{6B1BBDE4-0B5B-4D20-B1F5-16C8BEF3BB86}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{81DA2105-8849-4101-A0C6-DFE7E49674AB}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{84380DD1-DA05-402E-8030-703609A8A9F8}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{86A5EFB7-0D5F-4F1B-99B9-F1094780570E}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{88DC6E02-3678-449C-AA57-200B77E1269D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E7157C1-D5E1-4ED0-9D97-90F076D44FC9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{91E2B41E-E831-4B13-83E0-6C66AC190C43}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9772B17C-05DD-4D29-8426-F8C59DC3EB40}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9EEB99B0-D823-43E2-9B07-4767A20A62AC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B59D0E8C-C908-4E69-8F5C-B9597F6BC2CE}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{C4667FDF-A9DC-4647-927A-EF7DF07D70E2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C61B0854-DFC6-42DB-B186-5E0EAFCACB18}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CA15FCA7-6E7E-4107-AC9C-9C52E066CD4F}" = protocol=6 | dir=out | app=system |
"{CE51D2D3-7CED-4908-B7E1-5E7ABF389417}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D9CA8458-34C9-4539-AFF0-E494591AF6AF}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{DD14AB68-3BE6-45F8-B8BB-22C11707F133}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E345C5E6-0C68-4E11-9C60-23BD95CCF3F3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F496343C-D9C0-4D65-8E93-92BE6836F68E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FC075C5B-7774-4127-8896-31CB19CF9DA1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FE4F415A-BD3B-44BD-862A-EDC23791B1CE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4EAFA990-1C26-21B7-FCC5-A1A84E4F5093}" = ccc-utility64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5A847522-375C-4D05-BD3D-88C450CC047F}" = HP Launch Box
"{5E015E15-F7AD-3379-523F-AD63C0CB9E71}" = AMD Steady Video Plug-In
"{6032497A-4479-462B-ADB8-A0A372BB9A23}" = HP Application Assistant
"{6343914E-12BF-1945-6833-0BDE64154A80}" = AMD Accelerated Video Transcoding
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{7B8A295E-8F17-6CBB-6292-42FF394EC7F3}" = AMD Fuel
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B1A6285F-C31A-4482-8EA0-9445E4C1DCEA}" = HP 3D DriveGuard
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DA83578A-7DB2-4CF6-9453-CF24C7917AB8}" = Validity WBF DDK
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E5E8615E-3433-5473-C6E5-12726B6216F1}" = AMD Catalyst Install Manager
"{E9EED4AE-682B-4501-9574-D09A21717599}_is1" = AMD Quick Stream
"{F9DF0B5D-554B-45D2-8698-7C467FAF4BCA}" = HP Security Assistant
"{F9E64F70-9BE4-4ECD-9B83-09E74CF5B6C3}" = AuthenTec TrueAPI 64-bit
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B813004-2372-96AE-140C-F6748C51FD2A}" = Catalyst Control Center Graphics Previews Common
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{16B7BDA1-B967-4D2D-8B27-E12727C28350}" = HP CoolSense
"{1719D986-582A-9822-029F-C290FE7D2AAB}" = Catalyst Control Center Localization All
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2D45482B-12E5-E2FD-14A5-BED2ACE11A1D}" = CCC Help Swedish
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{31BF9CD1-A904-43B5-A236-53E5E908AD0E}" = Catalyst Control Center - Branding
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource
"{41861336-C1FA-987B-3678-157CE6B9D7CF}" = CCC Help Korean
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{56DE3634-A3D1-BD58-EA6D-8071802DE435}" = CCC Help French
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59AD711B-0001-378C-B0F1-8E70C68DDCA3}" = CCC Help Italian
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{650374B1-1AA2-DF04-43D7-8778904411EA}" = CCC Help German
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DE80866-EF92-47C1-80F5-1EA83B7A0AA2}" = HP Software Framework
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{72B08932-4A95-1E56-31F2-D0D5D4D99F43}" = Catalyst Control Center InstallProxy
"{74A8E1BE-D438-4C35-ABFF-3A1EAF17526E}" = Blio
"{777CCFFC-7BB3-519E-AD25-B8C49C4EE3FD}" = CCC Help Finnish
"{790349F7-4510-EF49-BB89-AB99A7129B80}" = CCC Help Dutch
"{7DA9DD7F-F4D9-40FB-BD27-69B7731DEDD9}" = ESU for Microsoft Windows 7 SP1
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{880B5A98-B242-4B53-BD6F-41EA17495EAD}" = HP SimplePass
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CE152BA-1D16-11E1-867D-984BE15F174E}" = Evernote v. 4.5.2
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90800174-B9B4-3B06-5B34-6EE15EED4180}" = CCC Help Greek
"{910D3646-DFC3-CA61-301A-115CEEC32FE7}" = CCC Help Czech
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A3FEE4BE-2C02-0247-1096-13EF4CE51056}" = CCC Help Polish
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7E8CB11-B09E-46F8-9BAE-B2E01EBF7E51}" = Bing Bar
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB73B892-EFDB-66F0-9B4D-2E76FDBC1631}" = CCC Help Danish
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.0) MUI
"{ADFE56FF-FA9E-27BC-64DA-7C572AC64777}" = AMD VISION Engine Control Center
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{B0A506CA-121C-1D1E-4928-B0B218162647}" = CCC Help English
"{B288E426-9954-451C-B811-B0F234CF0EDD}" = HP Documentation
"{B299BB6B-6EBF-779A-C8A3-0850A48C922D}" = CCC Help Hungarian
"{BEC3EDB0-0335-CB35-C221-17E661353206}" = CCC Help Chinese Traditional
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C61FCEC2-3ED4-496E-B4B4-1CED423824B9}" = HP Quick Launch
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0424A3C-2E75-C134-2924-1A447C57F4D3}" = CCC Help Japanese
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C62DAD-7622-53DF-FCE9-2E95FD9B046D}" = CCC Help Portuguese
"{D74129D9-310B-74B4-0094-86513C8D4A7F}" = CCC Help Russian
"{D87E8E9F-C446-7278-03D9-E24115AACD35}" = CCC Help Turkish
"{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}" = HP Power Manager
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = HP Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F452DCFD-132B-82A1-E1D7-D9528DCF053A}" = CCC Help Thai
"{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}" = HP Setup
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE4774EB-C32D-2F8E-E803-C0CE30C6ED44}" = CCC Help Chinese Standard
"{FEB04D08-9097-C389-26E1-DDDC6886B4C0}" = CCC Help Spanish
"{FEFFE639-F8AE-BEBB-1AA8-FF83CE162EB7}" = CCC Help Norwegian
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"NIS" = Norton Internet Security
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WTA-048dab58-1004-4994-9423-b70e6451d9ed" = Polar Golfer
"WTA-09f333ef-c357-4b8f-bc4e-394ed04afe47" = Hoyle Card Games
"WTA-0c4ec102-1dfb-4e32-b075-0f01f5904559" = RollerCoaster Tycoon 3: Platinum
"WTA-0cb981b7-5eb6-4921-857b-f58dcd4a68f5" = Torchlight
"WTA-0e702ec1-e654-4fef-87cc-f08a5acab509" = FATE
"WTA-0e7df24f-5f54-4e52-b7b6-01f442a36f9f" = Cradle of Rome 2
"WTA-12675930-583c-4b08-9f16-34c7f4ec389f" = Polar Bowler
"WTA-286cc9aa-81e9-4489-9c58-ed715253495d" = Zuma's Revenge
"WTA-3daa7805-4ddc-42e3-a395-a853cd7a33b6" = Luxor HD
"WTA-40481a4c-0299-4ebe-9609-6882e084f2ff" = Dora's World Adventure
"WTA-450b53fa-8378-4b53-9dfe-0cb4be8cb88a" = Virtual Villagers 4 - The Tree of Life
"WTA-55956fa9-276a-4d13-8b6b-0a1621fe2cca" = Farm Frenzy
"WTA-748f37fe-1b8b-4957-960a-b5d29f5f8f36" = Penguins!
"WTA-84eac363-d978-4911-bb94-1203d8818c9c" = John Deere Drive Green
"WTA-8a2ba2c7-f206-4499-8468-a9bdedfd670d" = Plants vs. Zombies - Game of the Year
"WTA-94bd22d6-e966-431c-8be1-dad2a582b336" = Jewel Quest Mysteries: The Seventh Gate Collector's Edition
"WTA-988baaeb-a189-4029-91ef-335a27da77d4" = Final Drive Fury
"WTA-98ba00f4-d63b-41c4-a1c9-29c4abec926b" = Blackhawk Striker 2
"WTA-a1b71fdb-ac61-40a2-98ec-0119fe8cc685" = The Treasures of Mystery Island: The Ghost Ship
"WTA-a9ba02f8-d032-4b19-99c2-7c3b1a3c87b9" = Jewel Match 3
"WTA-cb83a4d7-5c15-4cda-8f07-99b2edf88d3c" = Bejeweled 3
"WTA-d1bbdcf8-8487-4aef-b560-bf86410e81f1" = Mah Jong Medley
"WTA-df7e2ac8-4c48-445d-a924-53d24a91fb63" = Letters from Nowhere 2
"WTA-e64aa229-9119-48dc-bf2e-362c0f08f280" = Chuzzle Deluxe
"WTA-ed4730cf-7db7-4619-ba85-12bd851e3dd5" = Farmscapes
"WTA-f343f258-1f07-4bab-af41-e10575d71021" = Poker Superstars III

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/10/2012 8:25:35 AM | Computer Name = Rita-HP | Source = Caught Exception in Main(string[] args) HP AdvisorUpdate | ID = 0
Description = Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP
Setup\Easy Internet Signup\offers\en_us\OfferCount.ini'. at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
HTMLTemplateUpdater.TemplateUpdater.Run() in c:\Synergy\TCA\NewBee\trunk\MainTrunk\Source\Dependencies\NewbeeDependencies\HTMLTemplateUpdater\TemplateUpdater.cs:line
56 at HTMLTemplateUpdater.Program.Main(String[] args) in c:\Synergy\TCA\NewBee\trunk\MainTrunk\Source\Dependencies\NewbeeDependencies\HTMLTemplateUpdater\Program.cs:line
36

Error - 12/10/2012 8:25:51 AM | Computer Name = Rita-HP | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 12/10/2012 9:28:04 AM | Computer Name = Rita-HP | Source = Application Error | ID = 1000
Description = Faulting application name: HPWMISVC.exe, version: 2.5.3.0, time stamp:
0x4ed4a2e7 Faulting module name: HPWMISVC.exe, version: 2.5.3.0, time stamp: 0x4ed4a2e7
Exception
code: 0xc0000005 Fault offset: 0x000018ae Faulting process id: 0x528 Faulting application
start time: 0x01cdd6d12562449a Faulting application path: C:\Program Files (x86)\Hewlett-Packard\HP
Quick Launch\HPWMISVC.exe Faulting module path: C:\Program Files (x86)\Hewlett-Packard\HP
Quick Launch\HPWMISVC.exe Report Id: 6cf00bb2-42cd-11e2-be48-082e5f77ff5a

Error - 12/11/2012 9:33:54 AM | Computer Name = Rita-HP | Source = WinMgmt | ID = 10
Description =

Error - 12/11/2012 9:56:33 AM | Computer Name = Rita-HP | Source = MsiInstaller | ID = 11935
Description =

Error - 12/11/2012 10:00:26 AM | Computer Name = Rita-HP | Source = MsiInstaller | ID = 11935
Description =

Error - 12/11/2012 10:34:57 AM | Computer Name = Rita-HP | Source = WinMgmt | ID = 10
Description =

Error - 12/12/2012 8:03:46 PM | Computer Name = Rita-HP | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 12/10/2012 9:28:11 AM | Computer Name = Rita-HP | Source = Service Control Manager | ID = 7034
Description = The HPWMISVC service terminated unexpectedly. It has done this 1
time(s).

Error - 12/11/2012 9:58:02 AM | Computer Name = Rita-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Microsoft XML Core Services 4.0 Service
Pack 2 for x64-based Systems (KB954430).

Error - 12/11/2012 10:02:02 AM | Computer Name = Rita-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Update for Microsoft XML Core Services 4.0 Service Pack
2 for x64-based Systems (KB973688).

Error - 12/11/2012 10:34:17 AM | Computer Name = Rita-HP | Source = Service Control Manager | ID = 7023
Description = The Windows Modules Installer service terminated with the following
error: %%16405


< End of report >
OTL logfile created on: 12/12/2012 4:10:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rita\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.48 Gb Total Physical Memory | 3.99 Gb Available Physical Memory | 72.84% Memory free
10.95 Gb Paging File | 9.24 Gb Available in Paging File | 84.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 576.46 Gb Total Space | 537.89 Gb Free Space | 93.31% Space Free | Partition Type: NTFS
Drive D: | 19.41 Gb Total Space | 2.05 Gb Free Space | 10.58% Space Free | Partition Type: NTFS

Computer Name: RITA-HP | User Name: Rita | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Rita\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe (HP)
PRC - C:\Program Files (x86)\HP SimplePass\TouchControl.exe (AuthenTec Inc.)
PRC - C:\Program Files (x86)\HP SimplePass\BioMonitor.exe (HP)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (TrueService) -- C:\Program Files\Common Files\AuthenTec\TrueService.exe (AuthenTec, Inc.)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
SRV:64bit: - (HPAuto) -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe (Hewlett-Packard)
SRV:64bit: - (HPClientSvc) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (FPLService) -- C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe (HP)
SRV - (HPWMISVC) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe (Symantec Corporation)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (CLKMSVC10_38F51D56) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe (CyberLink)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (APXACC) -- C:\Windows\SysNative\drivers\appexDrv.sys (AppEx Networks Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmpfd) -- C:\Windows\SysNative\drivers\amdkmpfd.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (AODDriver4.1) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV:64bit: - (RSP2STOR) -- C:\Windows\SysNative\drivers\RtsP2Stor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\drivers\amdxhc.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\drivers\amdhub30.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrv) -- C:\Windows\SysNative\drivers\Smb_driver.sys (Synaptics Incorporated)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (ccSet_NIS) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\SymEFA64.sys (Symantec Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\symnets.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\SymDS64.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\Ironx64.sys (Symantec Corporation)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110819.004\BHDrvx64.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20110810.019\EX64.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20110810.019\ENG64.SYS (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSviA64.sys (Symantec Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{0D7536A2-F572-48DC-879B-1E0A044710FF}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{0D7536A2-F572-48DC-879B-1E0A044710FF}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{0D7536A2-F572-48DC-879B-1E0A044710FF}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/12/10 05:26:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2012/12/12 16:05:34 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (HP SimplePass Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (HP SimplePass Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\IEBHO.dll (HP)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (HP SimplePass Toolbar) - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (HP SimplePass Toolbar) - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.dll (HP)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriver.com/DRHM/store?A ... &keywords=%w
O7 - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E468A6F-F061-47CE-B26C-00013DFA08A5}: DhcpNameServer = 172.168.21.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5850C882-4BB1-4CB1-8D43-B56B8C336BF5}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/12 06:37:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/12/12 06:37:24 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/12/12 06:37:24 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/12/12 06:37:23 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/12/12 06:37:23 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/12/12 06:37:23 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/12/12 06:37:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/12/12 06:37:23 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/12/12 06:37:23 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/12/12 06:37:22 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/12/12 06:37:22 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/12/12 06:37:22 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/12/12 06:37:21 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/12/12 06:37:21 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/12/12 06:37:21 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/12/12 05:47:20 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/12/12 05:47:20 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/12/12 05:47:20 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/12/12 05:47:20 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/12/12 05:47:17 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/12/12 05:47:17 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/12/12 05:47:17 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/12/12 05:47:17 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/12/12 05:47:17 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/12/12 05:47:17 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/12/12 05:47:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/12/12 05:47:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/12/12 05:47:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/12/12 05:47:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/12/12 05:47:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/12/12 05:47:17 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/12/12 05:47:17 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/12/12 05:47:17 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/12/12 05:47:17 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/12/12 05:47:17 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/12/12 05:47:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/12/12 05:47:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/12/12 05:47:09 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012/12/12 05:47:09 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012/12/12 05:39:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/12/12 05:38:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/12/12 05:38:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/12/11 05:58:40 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012/12/11 05:58:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012/12/11 05:47:26 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012/12/11 05:47:26 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012/12/11 05:47:26 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012/12/11 05:47:26 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012/12/11 05:46:45 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/12/11 05:46:45 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/12/11 05:45:01 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012/12/11 05:45:00 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/12/11 05:45:00 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/12/11 05:45:00 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012/12/11 05:45:00 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012/12/11 05:45:00 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012/12/11 05:45:00 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012/12/11 05:45:00 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012/12/11 05:44:46 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/12/11 05:44:37 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012/12/11 05:44:37 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012/12/11 05:44:37 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012/12/11 05:44:31 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012/12/11 05:44:30 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/12/11 05:44:30 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/12/11 05:44:30 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/12/11 05:44:25 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/12/11 05:44:24 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/12/11 05:44:20 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/12/11 05:44:20 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/12/11 05:44:18 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/12/11 05:44:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/12/11 05:44:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/12/11 05:44:17 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/12/11 05:44:16 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/12/11 05:44:15 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/12/11 05:44:14 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/12/11 05:44:14 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/12/11 05:44:13 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012/12/11 05:44:12 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/12/11 05:44:11 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/12/11 05:44:11 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/12/11 05:44:11 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/12/11 05:44:11 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/12/11 05:44:11 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/12/11 05:44:11 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/12/11 05:44:10 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/12/11 05:44:10 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/12/11 05:44:10 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/12/11 05:44:10 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012/12/11 05:44:10 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012/12/11 05:42:40 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/12/11 05:42:40 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/12/11 05:40:03 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/12/11 05:40:03 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/12/11 05:40:03 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/12/11 05:39:59 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/12/11 05:39:58 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/12/10 05:34:51 | 000,000,000 | ---D | C] -- C:\ProgramData\TrueSuite
[2012/12/10 05:29:48 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/12/10 05:29:48 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/12/10 05:28:56 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Macromedia
[2012/12/10 05:28:43 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Adobe
[2012/12/10 05:28:37 | 000,000,000 | ---D | C] -- C:\AuthLog
[2012/12/10 05:28:19 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\AMD
[2012/12/10 05:28:02 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\ATI
[2012/12/10 05:28:02 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\ATI
[2012/12/10 05:27:59 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Synaptics
[2012/12/10 05:27:35 | 000,000,000 | R--D | C] -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/12/10 05:27:35 | 000,000,000 | R--D | C] -- C:\Users\Rita\Searches
[2012/12/10 05:27:35 | 000,000,000 | R--D | C] -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/12/10 05:27:35 | 000,000,000 | -H-D | C] -- C:\Users\Rita\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/12/10 05:27:27 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Identities
[2012/12/10 05:27:26 | 000,000,000 | R--D | C] -- C:\Users\Rita\Contacts
[2012/12/10 05:26:56 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Hewlett-Packard
[2012/12/10 05:26:54 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\hpqlog
[2012/12/10 05:26:47 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\Hewlett-Packard
[2012/12/10 04:25:45 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
[2012/12/10 04:25:39 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\AuthenTec
[2012/12/10 04:25:36 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\RemEngine
[2012/12/10 04:25:34 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\Hewlett-Packard_Company
[2012/12/10 04:25:11 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\VirtualStore
[2012/12/10 04:24:55 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/12/10 04:24:55 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/12/10 04:24:55 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/12/10 04:24:52 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/12/10 04:24:52 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/12/10 04:24:52 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/12/10 04:24:48 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/12/10 04:24:48 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/12/10 04:24:39 | 000,000,000 | --SD | C] -- C:\Users\Rita\AppData\Roaming\Microsoft
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Videos
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Saved Games
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Pictures
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Music
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Links
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Favorites
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Downloads
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Documents
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Desktop
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\AppData\Local\Temporary Internet Files
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Templates
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Start Menu
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\SendTo
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Recent
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\PrintHood
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\NetHood
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Documents\My Videos
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Documents\My Pictures
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Documents\My Music
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\My Documents
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Local Settings
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\AppData\Local\History
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Cookies
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Application Data
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\AppData\Local\Application Data
[2012/12/10 04:24:39 | 000,000,000 | -H-D | C] -- C:\Users\Rita\AppData
[2012/12/10 04:24:39 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\Temp
[2012/12/10 04:24:39 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\Microsoft
[2012/12/10 04:24:39 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Media Center Programs
[2012/12/10 04:24:19 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/12/09 21:30:15 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2012/12/12 16:10:53 | 000,031,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/12 16:10:53 | 000,031,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/12 16:10:03 | 000,001,083 | ---- | M] () -- C:\Users\Rita\Desktop\OTL - Shortcut.lnk
[2012/12/12 16:07:42 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/12 16:07:42 | 000,615,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/12 16:07:42 | 000,103,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/12 16:03:26 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/12 16:03:21 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/12 16:03:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/12 16:02:48 | 115,630,079 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/11 05:32:38 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRita.job
[2012/12/10 05:28:28 | 000,001,437 | ---- | M] () -- C:\Users\Rita\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/12/10 04:23:22 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/12/10 04:23:22 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/11/13 22:11:44 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/11/13 22:02:49 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/11/13 22:02:04 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/11/13 21:58:36 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/11/13 21:57:46 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/11/13 21:57:35 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/11/13 21:55:26 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/11/13 21:53:22 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/11/13 21:46:25 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/11/13 17:58:15 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/11/13 17:55:46 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/11/13 17:49:25 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/11/13 17:49:19 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/11/13 17:45:01 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/11/13 17:41:30 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

========== Files Created - No Company Name ==========

[2012/12/12 16:10:03 | 000,001,083 | ---- | C] () -- C:\Users\Rita\Desktop\OTL - Shortcut.lnk
[2012/12/11 05:58:41 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/12/11 05:47:25 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/12/10 05:28:28 | 000,001,437 | ---- | C] () -- C:\Users\Rita\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/12/10 05:27:52 | 000,001,409 | ---- | C] () -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/12/10 05:27:46 | 000,001,443 | ---- | C] () -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/12/10 05:27:18 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForRita.job
[2012/12/10 04:25:45 | 000,002,266 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2012/12/10 04:25:45 | 000,002,260 | ---- | C] () -- C:\Users\Public\Desktop\HP Marketplace.lnk
[2012/12/10 04:25:44 | 000,002,328 | ---- | C] () -- C:\Users\Public\Desktop\Zya Music...FREE!.lnk
[2012/12/10 04:25:44 | 000,002,202 | ---- | C] () -- C:\Users\Public\Desktop\rara Music.lnk
[2012/12/10 04:24:39 | 000,000,290 | ---- | C] () -- C:\Users\Rita\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/12/10 04:24:39 | 000,000,272 | ---- | C] () -- C:\Users\Rita\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/12/09 21:30:16 | 115,630,079 | -HS- | C] () -- C:\hiberfil.sys
[2012/06/04 20:31:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/01/27 12:18:28 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/01/27 12:18:28 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/01/26 17:50:14 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/12/13 20:44:10 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011/09/13 11:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/09/06 11:34:28 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 21:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
rmshaffer
Active Member
 
Posts: 8
Joined: December 8th, 2012, 7:39 pm

Re: I am starting to hate computers!!!!!!!

Unread postby rmshaffer » December 12th, 2012, 8:25 pm

I apologize for taking so long but was unable to get on my computer and had to reset yet again. Plus work , anyways, heres the OTL logs,
OTL Extras logfile created on: 12/12/2012 4:10:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rita\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.48 Gb Total Physical Memory | 3.99 Gb Available Physical Memory | 72.84% Memory free
10.95 Gb Paging File | 9.24 Gb Available in Paging File | 84.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 576.46 Gb Total Space | 537.89 Gb Free Space | 93.31% Space Free | Partition Type: NTFS
Drive D: | 19.41 Gb Total Space | 2.05 Gb Free Space | 10.58% Space Free | Partition Type: NTFS

Computer Name: RITA-HP | User Name: Rita | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{024B30CD-B392-46F8-94A4-BD895E905C4A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{111C1C15-E931-41D0-95CA-A365FAA5FDC2}" = rport=138 | protocol=17 | dir=out | app=system |
"{16A8B024-6906-47E4-8AB9-339234E78748}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1D9FA49F-A40F-4665-9FB7-43E8B8ED2999}" = lport=138 | protocol=17 | dir=in | app=system |
"{2A8E51E6-B888-4537-8B1F-69061F6F574B}" = rport=139 | protocol=6 | dir=out | app=system |
"{343FCD47-7FA7-43BD-9667-BE60C51A6C74}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{458AA00E-B09C-4B04-835B-CB2FB66896FE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{539F8932-BAD0-495D-830D-2C42D2F03705}" = lport=2869 | protocol=6 | dir=in | app=system |
"{72D270BD-E50B-4445-9CD9-64EED88B406E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{76286D5A-1172-4A9D-94CF-4331D195595C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{86611CFF-F623-46C4-B37D-E9AF82B1F808}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{87FDEC77-14B1-4CE4-A8BA-02F253D98A29}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9EB16B56-14C8-400D-8F85-BB28BAFA256B}" = lport=445 | protocol=6 | dir=in | app=system |
"{A7FB7334-A004-401C-821D-04AD179BA696}" = rport=137 | protocol=17 | dir=out | app=system |
"{C092BB2D-F5D5-4433-9048-CECB89A0352F}" = lport=137 | protocol=17 | dir=in | app=system |
"{C6D3957B-6A0F-49F6-B1B1-199A81F60579}" = rport=445 | protocol=6 | dir=out | app=system |
"{D359BB33-82A4-4B2A-9738-01AE0064EC90}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DB21FD30-80CB-4ACC-A02B-18E8632CBB7F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E64BDCCA-794C-41E8-94EA-D808B73AC8C3}" = lport=139 | protocol=6 | dir=in | app=system |
"{EA896BF6-E57A-49A2-BB4A-B1322347F948}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EE7AB9FD-2C81-403A-A92C-090720AA08EC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F0F6A1E6-CEA9-4B1E-97F5-1CF667DDEC75}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FBC6E276-0F69-4592-B7CF-B5CBC787E755}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{177B800A-6EFE-429C-B583-90092BE693B0}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{1AE91620-1F2F-42B0-A2A5-E3D3D8FEBB2F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2771FD1F-EE52-4C57-B90C-1FC86F6B6BC3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2DF00EDF-84B8-4836-B67E-9978646400B2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{39BFC79E-9F3D-4B34-947A-52F2698843AE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3DC721C2-EA7A-4BFC-83A5-614929236899}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{4823325E-C1F8-4FD5-9578-7BC64C30A6FF}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{48F21CC0-5158-467A-9D67-CBEC1021DDDF}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{526CAF9E-72EF-4BFF-AB1A-71D3E2D64504}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{52D305DE-9BF2-47F5-BF3F-7C37ABE80210}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{54A94C48-48DC-42CE-BEAA-A54E300A9C15}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{64F7BA04-FFB6-4168-9D76-E770873E0A05}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{65BCB2FB-07B3-4496-ADDF-A76C8756F991}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{6B1BBDE4-0B5B-4D20-B1F5-16C8BEF3BB86}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{81DA2105-8849-4101-A0C6-DFE7E49674AB}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{84380DD1-DA05-402E-8030-703609A8A9F8}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{86A5EFB7-0D5F-4F1B-99B9-F1094780570E}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{88DC6E02-3678-449C-AA57-200B77E1269D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E7157C1-D5E1-4ED0-9D97-90F076D44FC9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{91E2B41E-E831-4B13-83E0-6C66AC190C43}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9772B17C-05DD-4D29-8426-F8C59DC3EB40}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9EEB99B0-D823-43E2-9B07-4767A20A62AC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B59D0E8C-C908-4E69-8F5C-B9597F6BC2CE}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{C4667FDF-A9DC-4647-927A-EF7DF07D70E2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C61B0854-DFC6-42DB-B186-5E0EAFCACB18}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CA15FCA7-6E7E-4107-AC9C-9C52E066CD4F}" = protocol=6 | dir=out | app=system |
"{CE51D2D3-7CED-4908-B7E1-5E7ABF389417}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D9CA8458-34C9-4539-AFF0-E494591AF6AF}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{DD14AB68-3BE6-45F8-B8BB-22C11707F133}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E345C5E6-0C68-4E11-9C60-23BD95CCF3F3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F496343C-D9C0-4D65-8E93-92BE6836F68E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FC075C5B-7774-4127-8896-31CB19CF9DA1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FE4F415A-BD3B-44BD-862A-EDC23791B1CE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4EAFA990-1C26-21B7-FCC5-A1A84E4F5093}" = ccc-utility64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5A847522-375C-4D05-BD3D-88C450CC047F}" = HP Launch Box
"{5E015E15-F7AD-3379-523F-AD63C0CB9E71}" = AMD Steady Video Plug-In
"{6032497A-4479-462B-ADB8-A0A372BB9A23}" = HP Application Assistant
"{6343914E-12BF-1945-6833-0BDE64154A80}" = AMD Accelerated Video Transcoding
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{7B8A295E-8F17-6CBB-6292-42FF394EC7F3}" = AMD Fuel
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B1A6285F-C31A-4482-8EA0-9445E4C1DCEA}" = HP 3D DriveGuard
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DA83578A-7DB2-4CF6-9453-CF24C7917AB8}" = Validity WBF DDK
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E5E8615E-3433-5473-C6E5-12726B6216F1}" = AMD Catalyst Install Manager
"{E9EED4AE-682B-4501-9574-D09A21717599}_is1" = AMD Quick Stream
"{F9DF0B5D-554B-45D2-8698-7C467FAF4BCA}" = HP Security Assistant
"{F9E64F70-9BE4-4ECD-9B83-09E74CF5B6C3}" = AuthenTec TrueAPI 64-bit
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B813004-2372-96AE-140C-F6748C51FD2A}" = Catalyst Control Center Graphics Previews Common
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{16B7BDA1-B967-4D2D-8B27-E12727C28350}" = HP CoolSense
"{1719D986-582A-9822-029F-C290FE7D2AAB}" = Catalyst Control Center Localization All
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2D45482B-12E5-E2FD-14A5-BED2ACE11A1D}" = CCC Help Swedish
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{31BF9CD1-A904-43B5-A236-53E5E908AD0E}" = Catalyst Control Center - Branding
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource
"{41861336-C1FA-987B-3678-157CE6B9D7CF}" = CCC Help Korean
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{56DE3634-A3D1-BD58-EA6D-8071802DE435}" = CCC Help French
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59AD711B-0001-378C-B0F1-8E70C68DDCA3}" = CCC Help Italian
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{650374B1-1AA2-DF04-43D7-8778904411EA}" = CCC Help German
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DE80866-EF92-47C1-80F5-1EA83B7A0AA2}" = HP Software Framework
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{72B08932-4A95-1E56-31F2-D0D5D4D99F43}" = Catalyst Control Center InstallProxy
"{74A8E1BE-D438-4C35-ABFF-3A1EAF17526E}" = Blio
"{777CCFFC-7BB3-519E-AD25-B8C49C4EE3FD}" = CCC Help Finnish
"{790349F7-4510-EF49-BB89-AB99A7129B80}" = CCC Help Dutch
"{7DA9DD7F-F4D9-40FB-BD27-69B7731DEDD9}" = ESU for Microsoft Windows 7 SP1
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{880B5A98-B242-4B53-BD6F-41EA17495EAD}" = HP SimplePass
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CE152BA-1D16-11E1-867D-984BE15F174E}" = Evernote v. 4.5.2
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90800174-B9B4-3B06-5B34-6EE15EED4180}" = CCC Help Greek
"{910D3646-DFC3-CA61-301A-115CEEC32FE7}" = CCC Help Czech
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A3FEE4BE-2C02-0247-1096-13EF4CE51056}" = CCC Help Polish
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7E8CB11-B09E-46F8-9BAE-B2E01EBF7E51}" = Bing Bar
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB73B892-EFDB-66F0-9B4D-2E76FDBC1631}" = CCC Help Danish
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.0) MUI
"{ADFE56FF-FA9E-27BC-64DA-7C572AC64777}" = AMD VISION Engine Control Center
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{B0A506CA-121C-1D1E-4928-B0B218162647}" = CCC Help English
"{B288E426-9954-451C-B811-B0F234CF0EDD}" = HP Documentation
"{B299BB6B-6EBF-779A-C8A3-0850A48C922D}" = CCC Help Hungarian
"{BEC3EDB0-0335-CB35-C221-17E661353206}" = CCC Help Chinese Traditional
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C61FCEC2-3ED4-496E-B4B4-1CED423824B9}" = HP Quick Launch
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0424A3C-2E75-C134-2924-1A447C57F4D3}" = CCC Help Japanese
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C62DAD-7622-53DF-FCE9-2E95FD9B046D}" = CCC Help Portuguese
"{D74129D9-310B-74B4-0094-86513C8D4A7F}" = CCC Help Russian
"{D87E8E9F-C446-7278-03D9-E24115AACD35}" = CCC Help Turkish
"{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}" = HP Power Manager
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = HP Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F452DCFD-132B-82A1-E1D7-D9528DCF053A}" = CCC Help Thai
"{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}" = HP Setup
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE4774EB-C32D-2F8E-E803-C0CE30C6ED44}" = CCC Help Chinese Standard
"{FEB04D08-9097-C389-26E1-DDDC6886B4C0}" = CCC Help Spanish
"{FEFFE639-F8AE-BEBB-1AA8-FF83CE162EB7}" = CCC Help Norwegian
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"NIS" = Norton Internet Security
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WTA-048dab58-1004-4994-9423-b70e6451d9ed" = Polar Golfer
"WTA-09f333ef-c357-4b8f-bc4e-394ed04afe47" = Hoyle Card Games
"WTA-0c4ec102-1dfb-4e32-b075-0f01f5904559" = RollerCoaster Tycoon 3: Platinum
"WTA-0cb981b7-5eb6-4921-857b-f58dcd4a68f5" = Torchlight
"WTA-0e702ec1-e654-4fef-87cc-f08a5acab509" = FATE
"WTA-0e7df24f-5f54-4e52-b7b6-01f442a36f9f" = Cradle of Rome 2
"WTA-12675930-583c-4b08-9f16-34c7f4ec389f" = Polar Bowler
"WTA-286cc9aa-81e9-4489-9c58-ed715253495d" = Zuma's Revenge
"WTA-3daa7805-4ddc-42e3-a395-a853cd7a33b6" = Luxor HD
"WTA-40481a4c-0299-4ebe-9609-6882e084f2ff" = Dora's World Adventure
"WTA-450b53fa-8378-4b53-9dfe-0cb4be8cb88a" = Virtual Villagers 4 - The Tree of Life
"WTA-55956fa9-276a-4d13-8b6b-0a1621fe2cca" = Farm Frenzy
"WTA-748f37fe-1b8b-4957-960a-b5d29f5f8f36" = Penguins!
"WTA-84eac363-d978-4911-bb94-1203d8818c9c" = John Deere Drive Green
"WTA-8a2ba2c7-f206-4499-8468-a9bdedfd670d" = Plants vs. Zombies - Game of the Year
"WTA-94bd22d6-e966-431c-8be1-dad2a582b336" = Jewel Quest Mysteries: The Seventh Gate Collector's Edition
"WTA-988baaeb-a189-4029-91ef-335a27da77d4" = Final Drive Fury
"WTA-98ba00f4-d63b-41c4-a1c9-29c4abec926b" = Blackhawk Striker 2
"WTA-a1b71fdb-ac61-40a2-98ec-0119fe8cc685" = The Treasures of Mystery Island: The Ghost Ship
"WTA-a9ba02f8-d032-4b19-99c2-7c3b1a3c87b9" = Jewel Match 3
"WTA-cb83a4d7-5c15-4cda-8f07-99b2edf88d3c" = Bejeweled 3
"WTA-d1bbdcf8-8487-4aef-b560-bf86410e81f1" = Mah Jong Medley
"WTA-df7e2ac8-4c48-445d-a924-53d24a91fb63" = Letters from Nowhere 2
"WTA-e64aa229-9119-48dc-bf2e-362c0f08f280" = Chuzzle Deluxe
"WTA-ed4730cf-7db7-4619-ba85-12bd851e3dd5" = Farmscapes
"WTA-f343f258-1f07-4bab-af41-e10575d71021" = Poker Superstars III

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/10/2012 8:25:35 AM | Computer Name = Rita-HP | Source = Caught Exception in Main(string[] args) HP AdvisorUpdate | ID = 0
Description = Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP
Setup\Easy Internet Signup\offers\en_us\OfferCount.ini'. at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
HTMLTemplateUpdater.TemplateUpdater.Run() in c:\Synergy\TCA\NewBee\trunk\MainTrunk\Source\Dependencies\NewbeeDependencies\HTMLTemplateUpdater\TemplateUpdater.cs:line
56 at HTMLTemplateUpdater.Program.Main(String[] args) in c:\Synergy\TCA\NewBee\trunk\MainTrunk\Source\Dependencies\NewbeeDependencies\HTMLTemplateUpdater\Program.cs:line
36

Error - 12/10/2012 8:25:51 AM | Computer Name = Rita-HP | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 12/10/2012 9:28:04 AM | Computer Name = Rita-HP | Source = Application Error | ID = 1000
Description = Faulting application name: HPWMISVC.exe, version: 2.5.3.0, time stamp:
0x4ed4a2e7 Faulting module name: HPWMISVC.exe, version: 2.5.3.0, time stamp: 0x4ed4a2e7
Exception
code: 0xc0000005 Fault offset: 0x000018ae Faulting process id: 0x528 Faulting application
start time: 0x01cdd6d12562449a Faulting application path: C:\Program Files (x86)\Hewlett-Packard\HP
Quick Launch\HPWMISVC.exe Faulting module path: C:\Program Files (x86)\Hewlett-Packard\HP
Quick Launch\HPWMISVC.exe Report Id: 6cf00bb2-42cd-11e2-be48-082e5f77ff5a

Error - 12/11/2012 9:33:54 AM | Computer Name = Rita-HP | Source = WinMgmt | ID = 10
Description =

Error - 12/11/2012 9:56:33 AM | Computer Name = Rita-HP | Source = MsiInstaller | ID = 11935
Description =

Error - 12/11/2012 10:00:26 AM | Computer Name = Rita-HP | Source = MsiInstaller | ID = 11935
Description =

Error - 12/11/2012 10:34:57 AM | Computer Name = Rita-HP | Source = WinMgmt | ID = 10
Description =

Error - 12/12/2012 8:03:46 PM | Computer Name = Rita-HP | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 12/10/2012 9:28:11 AM | Computer Name = Rita-HP | Source = Service Control Manager | ID = 7034
Description = The HPWMISVC service terminated unexpectedly. It has done this 1
time(s).

Error - 12/11/2012 9:58:02 AM | Computer Name = Rita-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Microsoft XML Core Services 4.0 Service
Pack 2 for x64-based Systems (KB954430).

Error - 12/11/2012 10:02:02 AM | Computer Name = Rita-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Update for Microsoft XML Core Services 4.0 Service Pack
2 for x64-based Systems (KB973688).

Error - 12/11/2012 10:34:17 AM | Computer Name = Rita-HP | Source = Service Control Manager | ID = 7023
Description = The Windows Modules Installer service terminated with the following
error: %%16405


< End of report >
OTL logfile created on: 12/12/2012 4:10:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rita\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.48 Gb Total Physical Memory | 3.99 Gb Available Physical Memory | 72.84% Memory free
10.95 Gb Paging File | 9.24 Gb Available in Paging File | 84.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 576.46 Gb Total Space | 537.89 Gb Free Space | 93.31% Space Free | Partition Type: NTFS
Drive D: | 19.41 Gb Total Space | 2.05 Gb Free Space | 10.58% Space Free | Partition Type: NTFS

Computer Name: RITA-HP | User Name: Rita | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Rita\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe (HP)
PRC - C:\Program Files (x86)\HP SimplePass\TouchControl.exe (AuthenTec Inc.)
PRC - C:\Program Files (x86)\HP SimplePass\BioMonitor.exe (HP)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (TrueService) -- C:\Program Files\Common Files\AuthenTec\TrueService.exe (AuthenTec, Inc.)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
SRV:64bit: - (HPAuto) -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe (Hewlett-Packard)
SRV:64bit: - (HPClientSvc) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (FPLService) -- C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe (HP)
SRV - (HPWMISVC) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe (Symantec Corporation)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (CLKMSVC10_38F51D56) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe (CyberLink)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (APXACC) -- C:\Windows\SysNative\drivers\appexDrv.sys (AppEx Networks Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmpfd) -- C:\Windows\SysNative\drivers\amdkmpfd.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (AODDriver4.1) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV:64bit: - (RSP2STOR) -- C:\Windows\SysNative\drivers\RtsP2Stor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\drivers\amdxhc.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\drivers\amdhub30.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrv) -- C:\Windows\SysNative\drivers\Smb_driver.sys (Synaptics Incorporated)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (ccSet_NIS) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\SymEFA64.sys (Symantec Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\symnets.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\SymDS64.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\Ironx64.sys (Symantec Corporation)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110819.004\BHDrvx64.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20110810.019\EX64.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20110810.019\ENG64.SYS (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSviA64.sys (Symantec Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{0D7536A2-F572-48DC-879B-1E0A044710FF}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{0D7536A2-F572-48DC-879B-1E0A044710FF}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{0D7536A2-F572-48DC-879B-1E0A044710FF}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/12/10 05:26:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2012/12/12 16:05:34 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (HP SimplePass Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (HP SimplePass Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\IEBHO.dll (HP)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (HP SimplePass Toolbar) - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (HP SimplePass Toolbar) - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.dll (HP)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriver.com/DRHM/store?A ... &keywords=%w
O7 - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E468A6F-F061-47CE-B26C-00013DFA08A5}: DhcpNameServer = 172.168.21.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5850C882-4BB1-4CB1-8D43-B56B8C336BF5}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/12 06:37:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/12/12 06:37:24 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/12/12 06:37:24 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/12/12 06:37:23 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/12/12 06:37:23 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/12/12 06:37:23 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/12/12 06:37:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/12/12 06:37:23 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/12/12 06:37:23 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/12/12 06:37:22 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/12/12 06:37:22 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/12/12 06:37:22 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/12/12 06:37:21 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/12/12 06:37:21 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/12/12 06:37:21 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/12/12 05:47:20 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/12/12 05:47:20 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/12/12 05:47:20 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/12/12 05:47:20 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/12/12 05:47:17 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/12/12 05:47:17 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/12/12 05:47:17 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/12/12 05:47:17 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/12/12 05:47:17 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/12/12 05:47:17 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/12/12 05:47:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/12/12 05:47:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/12/12 05:47:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/12/12 05:47:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/12/12 05:47:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/12/12 05:47:17 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/12/12 05:47:17 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/12/12 05:47:17 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/12/12 05:47:17 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/12/12 05:47:17 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/12/12 05:47:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/12/12 05:47:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/12/12 05:47:09 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012/12/12 05:47:09 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012/12/12 05:39:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/12/12 05:38:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/12/12 05:38:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/12/11 05:58:40 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012/12/11 05:58:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012/12/11 05:47:26 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012/12/11 05:47:26 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012/12/11 05:47:26 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012/12/11 05:47:26 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012/12/11 05:46:45 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/12/11 05:46:45 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/12/11 05:45:01 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012/12/11 05:45:00 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/12/11 05:45:00 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/12/11 05:45:00 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012/12/11 05:45:00 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012/12/11 05:45:00 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012/12/11 05:45:00 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012/12/11 05:45:00 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012/12/11 05:44:46 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/12/11 05:44:37 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012/12/11 05:44:37 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012/12/11 05:44:37 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012/12/11 05:44:31 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012/12/11 05:44:30 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/12/11 05:44:30 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/12/11 05:44:30 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/12/11 05:44:25 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/12/11 05:44:24 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/12/11 05:44:20 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/12/11 05:44:20 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/12/11 05:44:18 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/12/11 05:44:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/12/11 05:44:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/12/11 05:44:17 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/12/11 05:44:16 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/12/11 05:44:15 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/12/11 05:44:14 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/12/11 05:44:14 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/12/11 05:44:13 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012/12/11 05:44:12 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/12/11 05:44:11 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/12/11 05:44:11 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/12/11 05:44:11 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/12/11 05:44:11 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/12/11 05:44:11 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/12/11 05:44:11 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/12/11 05:44:10 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/12/11 05:44:10 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/12/11 05:44:10 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/12/11 05:44:10 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012/12/11 05:44:10 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012/12/11 05:42:40 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/12/11 05:42:40 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/12/11 05:40:03 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/12/11 05:40:03 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/12/11 05:40:03 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/12/11 05:39:59 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/12/11 05:39:58 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/12/10 05:34:51 | 000,000,000 | ---D | C] -- C:\ProgramData\TrueSuite
[2012/12/10 05:29:48 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/12/10 05:29:48 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/12/10 05:28:56 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Macromedia
[2012/12/10 05:28:43 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Adobe
[2012/12/10 05:28:37 | 000,000,000 | ---D | C] -- C:\AuthLog
[2012/12/10 05:28:19 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\AMD
[2012/12/10 05:28:02 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\ATI
[2012/12/10 05:28:02 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\ATI
[2012/12/10 05:27:59 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Synaptics
[2012/12/10 05:27:35 | 000,000,000 | R--D | C] -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/12/10 05:27:35 | 000,000,000 | R--D | C] -- C:\Users\Rita\Searches
[2012/12/10 05:27:35 | 000,000,000 | R--D | C] -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/12/10 05:27:35 | 000,000,000 | -H-D | C] -- C:\Users\Rita\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/12/10 05:27:27 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Identities
[2012/12/10 05:27:26 | 000,000,000 | R--D | C] -- C:\Users\Rita\Contacts
[2012/12/10 05:26:56 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Hewlett-Packard
[2012/12/10 05:26:54 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\hpqlog
[2012/12/10 05:26:47 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\Hewlett-Packard
[2012/12/10 04:25:45 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
[2012/12/10 04:25:39 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\AuthenTec
[2012/12/10 04:25:36 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\RemEngine
[2012/12/10 04:25:34 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\Hewlett-Packard_Company
[2012/12/10 04:25:11 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\VirtualStore
[2012/12/10 04:24:55 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/12/10 04:24:55 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/12/10 04:24:55 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/12/10 04:24:52 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/12/10 04:24:52 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/12/10 04:24:52 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/12/10 04:24:48 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/12/10 04:24:48 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/12/10 04:24:39 | 000,000,000 | --SD | C] -- C:\Users\Rita\AppData\Roaming\Microsoft
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Videos
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Saved Games
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Pictures
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Music
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Links
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Favorites
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Downloads
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Documents
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Desktop
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\AppData\Local\Temporary Internet Files
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Templates
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Start Menu
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\SendTo
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Recent
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\PrintHood
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\NetHood
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Documents\My Videos
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Documents\My Pictures
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Documents\My Music
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\My Documents
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Local Settings
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\AppData\Local\History
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Cookies
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Application Data
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\AppData\Local\Application Data
[2012/12/10 04:24:39 | 000,000,000 | -H-D | C] -- C:\Users\Rita\AppData
[2012/12/10 04:24:39 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\Temp
[2012/12/10 04:24:39 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\Microsoft
[2012/12/10 04:24:39 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Media Center Programs
[2012/12/10 04:24:19 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/12/09 21:30:15 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2012/12/12 16:10:53 | 000,031,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/12 16:10:53 | 000,031,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/12 16:10:03 | 000,001,083 | ---- | M] () -- C:\Users\Rita\Desktop\OTL - Shortcut.lnk
[2012/12/12 16:07:42 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/12 16:07:42 | 000,615,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/12 16:07:42 | 000,103,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/12 16:03:26 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/12 16:03:21 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/12 16:03:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/12 16:02:48 | 115,630,079 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/11 05:32:38 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRita.job
[2012/12/10 05:28:28 | 000,001,437 | ---- | M] () -- C:\Users\Rita\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/12/10 04:23:22 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/12/10 04:23:22 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/11/13 22:11:44 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/11/13 22:02:49 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/11/13 22:02:04 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/11/13 21:58:36 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/11/13 21:57:46 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/11/13 21:57:35 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/11/13 21:55:26 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/11/13 21:53:22 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/11/13 21:46:25 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/11/13 17:58:15 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/11/13 17:55:46 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/11/13 17:49:25 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/11/13 17:49:19 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/11/13 17:45:01 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/11/13 17:41:30 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

========== Files Created - No Company Name ==========

[2012/12/12 16:10:03 | 000,001,083 | ---- | C] () -- C:\Users\Rita\Desktop\OTL - Shortcut.lnk
[2012/12/11 05:58:41 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/12/11 05:47:25 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/12/10 05:28:28 | 000,001,437 | ---- | C] () -- C:\Users\Rita\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/12/10 05:27:52 | 000,001,409 | ---- | C] () -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/12/10 05:27:46 | 000,001,443 | ---- | C] () -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/12/10 05:27:18 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForRita.job
[2012/12/10 04:25:45 | 000,002,266 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2012/12/10 04:25:45 | 000,002,260 | ---- | C] () -- C:\Users\Public\Desktop\HP Marketplace.lnk
[2012/12/10 04:25:44 | 000,002,328 | ---- | C] () -- C:\Users\Public\Desktop\Zya Music...FREE!.lnk
[2012/12/10 04:25:44 | 000,002,202 | ---- | C] () -- C:\Users\Public\Desktop\rara Music.lnk
[2012/12/10 04:24:39 | 000,000,290 | ---- | C] () -- C:\Users\Rita\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/12/10 04:24:39 | 000,000,272 | ---- | C] () -- C:\Users\Rita\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/12/09 21:30:16 | 115,630,079 | -HS- | C] () -- C:\hiberfil.sys
[2012/06/04 20:31:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/01/27 12:18:28 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/01/27 12:18:28 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/01/26 17:50:14 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/12/13 20:44:10 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011/09/13 11:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/09/06 11:34:28 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 21:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
rmshaffer
Active Member
 
Posts: 8
Joined: December 8th, 2012, 7:39 pm

Re: I am starting to hate computers!!!!!!!

Unread postby rmshaffer » December 12th, 2012, 8:26 pm

I apologize for taking so long but was unable to get on my computer and had to reset yet again. Plus work , anyways, heres the OTL logs,
OTL Extras logfile created on: 12/12/2012 4:10:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rita\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.48 Gb Total Physical Memory | 3.99 Gb Available Physical Memory | 72.84% Memory free
10.95 Gb Paging File | 9.24 Gb Available in Paging File | 84.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 576.46 Gb Total Space | 537.89 Gb Free Space | 93.31% Space Free | Partition Type: NTFS
Drive D: | 19.41 Gb Total Space | 2.05 Gb Free Space | 10.58% Space Free | Partition Type: NTFS

Computer Name: RITA-HP | User Name: Rita | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{024B30CD-B392-46F8-94A4-BD895E905C4A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{111C1C15-E931-41D0-95CA-A365FAA5FDC2}" = rport=138 | protocol=17 | dir=out | app=system |
"{16A8B024-6906-47E4-8AB9-339234E78748}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1D9FA49F-A40F-4665-9FB7-43E8B8ED2999}" = lport=138 | protocol=17 | dir=in | app=system |
"{2A8E51E6-B888-4537-8B1F-69061F6F574B}" = rport=139 | protocol=6 | dir=out | app=system |
"{343FCD47-7FA7-43BD-9667-BE60C51A6C74}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{458AA00E-B09C-4B04-835B-CB2FB66896FE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{539F8932-BAD0-495D-830D-2C42D2F03705}" = lport=2869 | protocol=6 | dir=in | app=system |
"{72D270BD-E50B-4445-9CD9-64EED88B406E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{76286D5A-1172-4A9D-94CF-4331D195595C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{86611CFF-F623-46C4-B37D-E9AF82B1F808}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{87FDEC77-14B1-4CE4-A8BA-02F253D98A29}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9EB16B56-14C8-400D-8F85-BB28BAFA256B}" = lport=445 | protocol=6 | dir=in | app=system |
"{A7FB7334-A004-401C-821D-04AD179BA696}" = rport=137 | protocol=17 | dir=out | app=system |
"{C092BB2D-F5D5-4433-9048-CECB89A0352F}" = lport=137 | protocol=17 | dir=in | app=system |
"{C6D3957B-6A0F-49F6-B1B1-199A81F60579}" = rport=445 | protocol=6 | dir=out | app=system |
"{D359BB33-82A4-4B2A-9738-01AE0064EC90}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DB21FD30-80CB-4ACC-A02B-18E8632CBB7F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E64BDCCA-794C-41E8-94EA-D808B73AC8C3}" = lport=139 | protocol=6 | dir=in | app=system |
"{EA896BF6-E57A-49A2-BB4A-B1322347F948}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EE7AB9FD-2C81-403A-A92C-090720AA08EC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F0F6A1E6-CEA9-4B1E-97F5-1CF667DDEC75}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FBC6E276-0F69-4592-B7CF-B5CBC787E755}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{177B800A-6EFE-429C-B583-90092BE693B0}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{1AE91620-1F2F-42B0-A2A5-E3D3D8FEBB2F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2771FD1F-EE52-4C57-B90C-1FC86F6B6BC3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2DF00EDF-84B8-4836-B67E-9978646400B2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{39BFC79E-9F3D-4B34-947A-52F2698843AE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3DC721C2-EA7A-4BFC-83A5-614929236899}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{4823325E-C1F8-4FD5-9578-7BC64C30A6FF}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{48F21CC0-5158-467A-9D67-CBEC1021DDDF}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{526CAF9E-72EF-4BFF-AB1A-71D3E2D64504}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{52D305DE-9BF2-47F5-BF3F-7C37ABE80210}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{54A94C48-48DC-42CE-BEAA-A54E300A9C15}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{64F7BA04-FFB6-4168-9D76-E770873E0A05}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{65BCB2FB-07B3-4496-ADDF-A76C8756F991}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{6B1BBDE4-0B5B-4D20-B1F5-16C8BEF3BB86}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{81DA2105-8849-4101-A0C6-DFE7E49674AB}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{84380DD1-DA05-402E-8030-703609A8A9F8}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{86A5EFB7-0D5F-4F1B-99B9-F1094780570E}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{88DC6E02-3678-449C-AA57-200B77E1269D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E7157C1-D5E1-4ED0-9D97-90F076D44FC9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{91E2B41E-E831-4B13-83E0-6C66AC190C43}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9772B17C-05DD-4D29-8426-F8C59DC3EB40}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9EEB99B0-D823-43E2-9B07-4767A20A62AC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B59D0E8C-C908-4E69-8F5C-B9597F6BC2CE}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{C4667FDF-A9DC-4647-927A-EF7DF07D70E2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C61B0854-DFC6-42DB-B186-5E0EAFCACB18}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CA15FCA7-6E7E-4107-AC9C-9C52E066CD4F}" = protocol=6 | dir=out | app=system |
"{CE51D2D3-7CED-4908-B7E1-5E7ABF389417}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D9CA8458-34C9-4539-AFF0-E494591AF6AF}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{DD14AB68-3BE6-45F8-B8BB-22C11707F133}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E345C5E6-0C68-4E11-9C60-23BD95CCF3F3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F496343C-D9C0-4D65-8E93-92BE6836F68E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FC075C5B-7774-4127-8896-31CB19CF9DA1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FE4F415A-BD3B-44BD-862A-EDC23791B1CE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4EAFA990-1C26-21B7-FCC5-A1A84E4F5093}" = ccc-utility64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5A847522-375C-4D05-BD3D-88C450CC047F}" = HP Launch Box
"{5E015E15-F7AD-3379-523F-AD63C0CB9E71}" = AMD Steady Video Plug-In
"{6032497A-4479-462B-ADB8-A0A372BB9A23}" = HP Application Assistant
"{6343914E-12BF-1945-6833-0BDE64154A80}" = AMD Accelerated Video Transcoding
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{7B8A295E-8F17-6CBB-6292-42FF394EC7F3}" = AMD Fuel
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B1A6285F-C31A-4482-8EA0-9445E4C1DCEA}" = HP 3D DriveGuard
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DA83578A-7DB2-4CF6-9453-CF24C7917AB8}" = Validity WBF DDK
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E5E8615E-3433-5473-C6E5-12726B6216F1}" = AMD Catalyst Install Manager
"{E9EED4AE-682B-4501-9574-D09A21717599}_is1" = AMD Quick Stream
"{F9DF0B5D-554B-45D2-8698-7C467FAF4BCA}" = HP Security Assistant
"{F9E64F70-9BE4-4ECD-9B83-09E74CF5B6C3}" = AuthenTec TrueAPI 64-bit
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B813004-2372-96AE-140C-F6748C51FD2A}" = Catalyst Control Center Graphics Previews Common
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{16B7BDA1-B967-4D2D-8B27-E12727C28350}" = HP CoolSense
"{1719D986-582A-9822-029F-C290FE7D2AAB}" = Catalyst Control Center Localization All
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2D45482B-12E5-E2FD-14A5-BED2ACE11A1D}" = CCC Help Swedish
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{31BF9CD1-A904-43B5-A236-53E5E908AD0E}" = Catalyst Control Center - Branding
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource
"{41861336-C1FA-987B-3678-157CE6B9D7CF}" = CCC Help Korean
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{56DE3634-A3D1-BD58-EA6D-8071802DE435}" = CCC Help French
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59AD711B-0001-378C-B0F1-8E70C68DDCA3}" = CCC Help Italian
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{650374B1-1AA2-DF04-43D7-8778904411EA}" = CCC Help German
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DE80866-EF92-47C1-80F5-1EA83B7A0AA2}" = HP Software Framework
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{72B08932-4A95-1E56-31F2-D0D5D4D99F43}" = Catalyst Control Center InstallProxy
"{74A8E1BE-D438-4C35-ABFF-3A1EAF17526E}" = Blio
"{777CCFFC-7BB3-519E-AD25-B8C49C4EE3FD}" = CCC Help Finnish
"{790349F7-4510-EF49-BB89-AB99A7129B80}" = CCC Help Dutch
"{7DA9DD7F-F4D9-40FB-BD27-69B7731DEDD9}" = ESU for Microsoft Windows 7 SP1
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{880B5A98-B242-4B53-BD6F-41EA17495EAD}" = HP SimplePass
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CE152BA-1D16-11E1-867D-984BE15F174E}" = Evernote v. 4.5.2
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90800174-B9B4-3B06-5B34-6EE15EED4180}" = CCC Help Greek
"{910D3646-DFC3-CA61-301A-115CEEC32FE7}" = CCC Help Czech
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A3FEE4BE-2C02-0247-1096-13EF4CE51056}" = CCC Help Polish
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7E8CB11-B09E-46F8-9BAE-B2E01EBF7E51}" = Bing Bar
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB73B892-EFDB-66F0-9B4D-2E76FDBC1631}" = CCC Help Danish
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.0) MUI
"{ADFE56FF-FA9E-27BC-64DA-7C572AC64777}" = AMD VISION Engine Control Center
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{B0A506CA-121C-1D1E-4928-B0B218162647}" = CCC Help English
"{B288E426-9954-451C-B811-B0F234CF0EDD}" = HP Documentation
"{B299BB6B-6EBF-779A-C8A3-0850A48C922D}" = CCC Help Hungarian
"{BEC3EDB0-0335-CB35-C221-17E661353206}" = CCC Help Chinese Traditional
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C61FCEC2-3ED4-496E-B4B4-1CED423824B9}" = HP Quick Launch
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0424A3C-2E75-C134-2924-1A447C57F4D3}" = CCC Help Japanese
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C62DAD-7622-53DF-FCE9-2E95FD9B046D}" = CCC Help Portuguese
"{D74129D9-310B-74B4-0094-86513C8D4A7F}" = CCC Help Russian
"{D87E8E9F-C446-7278-03D9-E24115AACD35}" = CCC Help Turkish
"{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}" = HP Power Manager
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = HP Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F452DCFD-132B-82A1-E1D7-D9528DCF053A}" = CCC Help Thai
"{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}" = HP Setup
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE4774EB-C32D-2F8E-E803-C0CE30C6ED44}" = CCC Help Chinese Standard
"{FEB04D08-9097-C389-26E1-DDDC6886B4C0}" = CCC Help Spanish
"{FEFFE639-F8AE-BEBB-1AA8-FF83CE162EB7}" = CCC Help Norwegian
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"NIS" = Norton Internet Security
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WTA-048dab58-1004-4994-9423-b70e6451d9ed" = Polar Golfer
"WTA-09f333ef-c357-4b8f-bc4e-394ed04afe47" = Hoyle Card Games
"WTA-0c4ec102-1dfb-4e32-b075-0f01f5904559" = RollerCoaster Tycoon 3: Platinum
"WTA-0cb981b7-5eb6-4921-857b-f58dcd4a68f5" = Torchlight
"WTA-0e702ec1-e654-4fef-87cc-f08a5acab509" = FATE
"WTA-0e7df24f-5f54-4e52-b7b6-01f442a36f9f" = Cradle of Rome 2
"WTA-12675930-583c-4b08-9f16-34c7f4ec389f" = Polar Bowler
"WTA-286cc9aa-81e9-4489-9c58-ed715253495d" = Zuma's Revenge
"WTA-3daa7805-4ddc-42e3-a395-a853cd7a33b6" = Luxor HD
"WTA-40481a4c-0299-4ebe-9609-6882e084f2ff" = Dora's World Adventure
"WTA-450b53fa-8378-4b53-9dfe-0cb4be8cb88a" = Virtual Villagers 4 - The Tree of Life
"WTA-55956fa9-276a-4d13-8b6b-0a1621fe2cca" = Farm Frenzy
"WTA-748f37fe-1b8b-4957-960a-b5d29f5f8f36" = Penguins!
"WTA-84eac363-d978-4911-bb94-1203d8818c9c" = John Deere Drive Green
"WTA-8a2ba2c7-f206-4499-8468-a9bdedfd670d" = Plants vs. Zombies - Game of the Year
"WTA-94bd22d6-e966-431c-8be1-dad2a582b336" = Jewel Quest Mysteries: The Seventh Gate Collector's Edition
"WTA-988baaeb-a189-4029-91ef-335a27da77d4" = Final Drive Fury
"WTA-98ba00f4-d63b-41c4-a1c9-29c4abec926b" = Blackhawk Striker 2
"WTA-a1b71fdb-ac61-40a2-98ec-0119fe8cc685" = The Treasures of Mystery Island: The Ghost Ship
"WTA-a9ba02f8-d032-4b19-99c2-7c3b1a3c87b9" = Jewel Match 3
"WTA-cb83a4d7-5c15-4cda-8f07-99b2edf88d3c" = Bejeweled 3
"WTA-d1bbdcf8-8487-4aef-b560-bf86410e81f1" = Mah Jong Medley
"WTA-df7e2ac8-4c48-445d-a924-53d24a91fb63" = Letters from Nowhere 2
"WTA-e64aa229-9119-48dc-bf2e-362c0f08f280" = Chuzzle Deluxe
"WTA-ed4730cf-7db7-4619-ba85-12bd851e3dd5" = Farmscapes
"WTA-f343f258-1f07-4bab-af41-e10575d71021" = Poker Superstars III

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/10/2012 8:25:35 AM | Computer Name = Rita-HP | Source = Caught Exception in Main(string[] args) HP AdvisorUpdate | ID = 0
Description = Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP
Setup\Easy Internet Signup\offers\en_us\OfferCount.ini'. at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
HTMLTemplateUpdater.TemplateUpdater.Run() in c:\Synergy\TCA\NewBee\trunk\MainTrunk\Source\Dependencies\NewbeeDependencies\HTMLTemplateUpdater\TemplateUpdater.cs:line
56 at HTMLTemplateUpdater.Program.Main(String[] args) in c:\Synergy\TCA\NewBee\trunk\MainTrunk\Source\Dependencies\NewbeeDependencies\HTMLTemplateUpdater\Program.cs:line
36

Error - 12/10/2012 8:25:51 AM | Computer Name = Rita-HP | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 12/10/2012 9:28:04 AM | Computer Name = Rita-HP | Source = Application Error | ID = 1000
Description = Faulting application name: HPWMISVC.exe, version: 2.5.3.0, time stamp:
0x4ed4a2e7 Faulting module name: HPWMISVC.exe, version: 2.5.3.0, time stamp: 0x4ed4a2e7
Exception
code: 0xc0000005 Fault offset: 0x000018ae Faulting process id: 0x528 Faulting application
start time: 0x01cdd6d12562449a Faulting application path: C:\Program Files (x86)\Hewlett-Packard\HP
Quick Launch\HPWMISVC.exe Faulting module path: C:\Program Files (x86)\Hewlett-Packard\HP
Quick Launch\HPWMISVC.exe Report Id: 6cf00bb2-42cd-11e2-be48-082e5f77ff5a

Error - 12/11/2012 9:33:54 AM | Computer Name = Rita-HP | Source = WinMgmt | ID = 10
Description =

Error - 12/11/2012 9:56:33 AM | Computer Name = Rita-HP | Source = MsiInstaller | ID = 11935
Description =

Error - 12/11/2012 10:00:26 AM | Computer Name = Rita-HP | Source = MsiInstaller | ID = 11935
Description =

Error - 12/11/2012 10:34:57 AM | Computer Name = Rita-HP | Source = WinMgmt | ID = 10
Description =

Error - 12/12/2012 8:03:46 PM | Computer Name = Rita-HP | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 12/10/2012 9:28:11 AM | Computer Name = Rita-HP | Source = Service Control Manager | ID = 7034
Description = The HPWMISVC service terminated unexpectedly. It has done this 1
time(s).

Error - 12/11/2012 9:58:02 AM | Computer Name = Rita-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Microsoft XML Core Services 4.0 Service
Pack 2 for x64-based Systems (KB954430).

Error - 12/11/2012 10:02:02 AM | Computer Name = Rita-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Update for Microsoft XML Core Services 4.0 Service Pack
2 for x64-based Systems (KB973688).

Error - 12/11/2012 10:34:17 AM | Computer Name = Rita-HP | Source = Service Control Manager | ID = 7023
Description = The Windows Modules Installer service terminated with the following
error: %%16405


< End of report >
OTL logfile created on: 12/12/2012 4:10:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rita\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.48 Gb Total Physical Memory | 3.99 Gb Available Physical Memory | 72.84% Memory free
10.95 Gb Paging File | 9.24 Gb Available in Paging File | 84.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 576.46 Gb Total Space | 537.89 Gb Free Space | 93.31% Space Free | Partition Type: NTFS
Drive D: | 19.41 Gb Total Space | 2.05 Gb Free Space | 10.58% Space Free | Partition Type: NTFS

Computer Name: RITA-HP | User Name: Rita | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Rita\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe (HP)
PRC - C:\Program Files (x86)\HP SimplePass\TouchControl.exe (AuthenTec Inc.)
PRC - C:\Program Files (x86)\HP SimplePass\BioMonitor.exe (HP)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (TrueService) -- C:\Program Files\Common Files\AuthenTec\TrueService.exe (AuthenTec, Inc.)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
SRV:64bit: - (HPAuto) -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe (Hewlett-Packard)
SRV:64bit: - (HPClientSvc) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (FPLService) -- C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe (HP)
SRV - (HPWMISVC) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe (Symantec Corporation)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (CLKMSVC10_38F51D56) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe (CyberLink)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (APXACC) -- C:\Windows\SysNative\drivers\appexDrv.sys (AppEx Networks Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmpfd) -- C:\Windows\SysNative\drivers\amdkmpfd.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (AODDriver4.1) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV:64bit: - (RSP2STOR) -- C:\Windows\SysNative\drivers\RtsP2Stor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\drivers\amdxhc.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\drivers\amdhub30.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrv) -- C:\Windows\SysNative\drivers\Smb_driver.sys (Synaptics Incorporated)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (ccSet_NIS) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\SymEFA64.sys (Symantec Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\symnets.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\SymDS64.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\Ironx64.sys (Symantec Corporation)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110819.004\BHDrvx64.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20110810.019\EX64.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20110810.019\ENG64.SYS (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSviA64.sys (Symantec Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{0D7536A2-F572-48DC-879B-1E0A044710FF}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{0D7536A2-F572-48DC-879B-1E0A044710FF}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{0D7536A2-F572-48DC-879B-1E0A044710FF}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}
IE - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/12/10 05:26:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2012/12/12 16:05:34 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (HP SimplePass Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (HP SimplePass Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\IEBHO.dll (HP)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (HP SimplePass Toolbar) - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (HP SimplePass Toolbar) - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.dll (HP)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriver.com/DRHM/store?A ... &keywords=%w
O7 - HKU\S-1-5-21-442685293-3572960842-2574654079-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E468A6F-F061-47CE-B26C-00013DFA08A5}: DhcpNameServer = 172.168.21.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5850C882-4BB1-4CB1-8D43-B56B8C336BF5}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/12 06:37:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/12/12 06:37:24 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/12/12 06:37:24 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/12/12 06:37:23 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/12/12 06:37:23 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/12/12 06:37:23 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/12/12 06:37:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/12/12 06:37:23 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/12/12 06:37:23 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/12/12 06:37:22 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/12/12 06:37:22 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/12/12 06:37:22 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/12/12 06:37:21 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/12/12 06:37:21 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/12/12 06:37:21 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/12/12 05:47:20 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/12/12 05:47:20 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/12/12 05:47:20 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/12/12 05:47:20 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/12/12 05:47:17 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/12/12 05:47:17 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/12/12 05:47:17 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/12/12 05:47:17 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/12/12 05:47:17 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/12/12 05:47:17 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/12/12 05:47:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/12/12 05:47:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/12/12 05:47:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/12/12 05:47:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/12/12 05:47:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/12/12 05:47:17 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/12/12 05:47:17 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/12/12 05:47:17 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/12/12 05:47:17 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/12/12 05:47:17 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/12/12 05:47:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/12/12 05:47:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/12/12 05:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/12/12 05:47:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/12/12 05:47:09 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012/12/12 05:47:09 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012/12/12 05:39:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/12/12 05:38:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/12/12 05:38:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/12/11 05:58:40 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012/12/11 05:58:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012/12/11 05:47:26 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012/12/11 05:47:26 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012/12/11 05:47:26 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012/12/11 05:47:26 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012/12/11 05:46:45 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/12/11 05:46:45 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/12/11 05:45:01 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012/12/11 05:45:00 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/12/11 05:45:00 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/12/11 05:45:00 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012/12/11 05:45:00 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012/12/11 05:45:00 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012/12/11 05:45:00 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012/12/11 05:45:00 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012/12/11 05:44:46 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/12/11 05:44:37 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012/12/11 05:44:37 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012/12/11 05:44:37 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012/12/11 05:44:31 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012/12/11 05:44:30 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/12/11 05:44:30 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/12/11 05:44:30 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/12/11 05:44:25 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/12/11 05:44:24 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/12/11 05:44:20 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/12/11 05:44:20 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/12/11 05:44:18 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/12/11 05:44:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/12/11 05:44:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/12/11 05:44:17 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/12/11 05:44:16 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/12/11 05:44:15 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/12/11 05:44:14 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/12/11 05:44:14 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/12/11 05:44:13 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012/12/11 05:44:12 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/12/11 05:44:11 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/12/11 05:44:11 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/12/11 05:44:11 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/12/11 05:44:11 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/12/11 05:44:11 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/12/11 05:44:11 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/12/11 05:44:10 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/12/11 05:44:10 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/12/11 05:44:10 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/12/11 05:44:10 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012/12/11 05:44:10 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012/12/11 05:42:40 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/12/11 05:42:40 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/12/11 05:40:03 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/12/11 05:40:03 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/12/11 05:40:03 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/12/11 05:39:59 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/12/11 05:39:58 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/12/10 05:34:51 | 000,000,000 | ---D | C] -- C:\ProgramData\TrueSuite
[2012/12/10 05:29:48 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/12/10 05:29:48 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/12/10 05:28:56 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Macromedia
[2012/12/10 05:28:43 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Adobe
[2012/12/10 05:28:37 | 000,000,000 | ---D | C] -- C:\AuthLog
[2012/12/10 05:28:19 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\AMD
[2012/12/10 05:28:02 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\ATI
[2012/12/10 05:28:02 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\ATI
[2012/12/10 05:27:59 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Synaptics
[2012/12/10 05:27:35 | 000,000,000 | R--D | C] -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/12/10 05:27:35 | 000,000,000 | R--D | C] -- C:\Users\Rita\Searches
[2012/12/10 05:27:35 | 000,000,000 | R--D | C] -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/12/10 05:27:35 | 000,000,000 | -H-D | C] -- C:\Users\Rita\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/12/10 05:27:27 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Identities
[2012/12/10 05:27:26 | 000,000,000 | R--D | C] -- C:\Users\Rita\Contacts
[2012/12/10 05:26:56 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Hewlett-Packard
[2012/12/10 05:26:54 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\hpqlog
[2012/12/10 05:26:47 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\Hewlett-Packard
[2012/12/10 04:25:45 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
[2012/12/10 04:25:39 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\AuthenTec
[2012/12/10 04:25:36 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\RemEngine
[2012/12/10 04:25:34 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\Hewlett-Packard_Company
[2012/12/10 04:25:11 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\VirtualStore
[2012/12/10 04:24:55 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/12/10 04:24:55 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/12/10 04:24:55 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/12/10 04:24:52 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/12/10 04:24:52 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/12/10 04:24:52 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/12/10 04:24:48 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/12/10 04:24:48 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/12/10 04:24:39 | 000,000,000 | --SD | C] -- C:\Users\Rita\AppData\Roaming\Microsoft
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Videos
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Saved Games
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Pictures
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Music
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Links
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Favorites
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Downloads
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Documents
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\Desktop
[2012/12/10 04:24:39 | 000,000,000 | R--D | C] -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\AppData\Local\Temporary Internet Files
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Templates
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Start Menu
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\SendTo
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Recent
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\PrintHood
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\NetHood
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Documents\My Videos
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Documents\My Pictures
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Documents\My Music
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\My Documents
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Local Settings
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\AppData\Local\History
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Cookies
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\Application Data
[2012/12/10 04:24:39 | 000,000,000 | -HSD | C] -- C:\Users\Rita\AppData\Local\Application Data
[2012/12/10 04:24:39 | 000,000,000 | -H-D | C] -- C:\Users\Rita\AppData
[2012/12/10 04:24:39 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\Temp
[2012/12/10 04:24:39 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\Microsoft
[2012/12/10 04:24:39 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Media Center Programs
[2012/12/10 04:24:19 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/12/09 21:30:15 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2012/12/12 16:10:53 | 000,031,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/12 16:10:53 | 000,031,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/12 16:10:03 | 000,001,083 | ---- | M] () -- C:\Users\Rita\Desktop\OTL - Shortcut.lnk
[2012/12/12 16:07:42 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/12 16:07:42 | 000,615,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/12 16:07:42 | 000,103,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/12 16:03:26 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/12 16:03:21 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/12 16:03:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/12 16:02:48 | 115,630,079 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/11 05:32:38 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRita.job
[2012/12/10 05:28:28 | 000,001,437 | ---- | M] () -- C:\Users\Rita\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/12/10 04:23:22 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/12/10 04:23:22 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/11/13 22:11:44 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/11/13 22:02:49 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/11/13 22:02:04 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/11/13 21:58:36 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/11/13 21:57:46 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/11/13 21:57:35 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/11/13 21:55:26 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/11/13 21:53:22 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/11/13 21:46:25 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/11/13 17:58:15 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/11/13 17:55:46 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/11/13 17:49:25 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/11/13 17:49:19 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/11/13 17:45:01 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/11/13 17:41:30 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

========== Files Created - No Company Name ==========

[2012/12/12 16:10:03 | 000,001,083 | ---- | C] () -- C:\Users\Rita\Desktop\OTL - Shortcut.lnk
[2012/12/11 05:58:41 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/12/11 05:47:25 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/12/10 05:28:28 | 000,001,437 | ---- | C] () -- C:\Users\Rita\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/12/10 05:27:52 | 000,001,409 | ---- | C] () -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/12/10 05:27:46 | 000,001,443 | ---- | C] () -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/12/10 05:27:18 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForRita.job
[2012/12/10 04:25:45 | 000,002,266 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2012/12/10 04:25:45 | 000,002,260 | ---- | C] () -- C:\Users\Public\Desktop\HP Marketplace.lnk
[2012/12/10 04:25:44 | 000,002,328 | ---- | C] () -- C:\Users\Public\Desktop\Zya Music...FREE!.lnk
[2012/12/10 04:25:44 | 000,002,202 | ---- | C] () -- C:\Users\Public\Desktop\rara Music.lnk
[2012/12/10 04:24:39 | 000,000,290 | ---- | C] () -- C:\Users\Rita\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/12/10 04:24:39 | 000,000,272 | ---- | C] () -- C:\Users\Rita\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/12/09 21:30:16 | 115,630,079 | -HS- | C] () -- C:\hiberfil.sys
[2012/06/04 20:31:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/01/27 12:18:28 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/01/27 12:18:28 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/01/26 17:50:14 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/12/13 20:44:10 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011/09/13 11:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/09/06 11:34:28 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 21:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
rmshaffer
Active Member
 
Posts: 8
Joined: December 8th, 2012, 7:39 pm

Re: I am starting to hate computers!!!!!!!

Unread postby rmshaffer » December 12th, 2012, 8:36 pm

16:32:19.0831 4380 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:32:20.0418 4380 ============================================================
16:32:20.0418 4380 Current date / time: 2012/12/12 16:32:20.0418
16:32:20.0418 4380 SystemInfo:
16:32:20.0418 4380
16:32:20.0418 4380 OS Version: 6.1.7601 ServicePack: 1.0
16:32:20.0418 4380 Product type: Workstation
16:32:20.0419 4380 ComputerName: RITA-HP
16:32:20.0419 4380 UserName: Rita
16:32:20.0419 4380 Windows directory: C:\Windows
16:32:20.0419 4380 System windows directory: C:\Windows
16:32:20.0419 4380 Running under WOW64
16:32:20.0419 4380 Processor architecture: Intel x64
16:32:20.0419 4380 Number of processors: 4
16:32:20.0419 4380 Page size: 0x1000
16:32:20.0419 4380 Boot type: Normal boot
16:32:20.0419 4380 ============================================================
16:32:20.0841 4380 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:32:20.0848 4380 ============================================================
16:32:20.0848 4380 \Device\Harddisk0\DR0:
16:32:20.0849 4380 MBR partitions:
16:32:20.0849 4380 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
16:32:20.0849 4380 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x480EC000
16:32:20.0849 4380 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x48150000, BlocksNum 0x26D4000
16:32:20.0849 4380 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x4A824000, BlocksNum 0x33800
16:32:20.0849 4380 ============================================================
16:32:20.0902 4380 C: <-> \Device\Harddisk0\DR0\Partition2
16:32:20.0943 4380 D: <-> \Device\Harddisk0\DR0\Partition3
16:32:20.0943 4380 ============================================================
16:32:20.0943 4380 Initialize success
16:32:20.0943 4380 ============================================================
16:32:34.0783 3540 ============================================================
16:32:34.0783 3540 Scan started
16:32:34.0783 3540 Mode: Manual; SigCheck;
16:32:34.0783 3540 ============================================================
16:32:35.0002 3540 ================ Scan system memory ========================
16:32:35.0002 3540 System memory - ok
16:32:35.0003 3540 ================ Scan services =============================
16:32:35.0212 3540 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
16:32:35.0282 3540 1394ohci - ok
16:32:35.0324 3540 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\drivers\Accelerometer.sys
16:32:35.0350 3540 Accelerometer - ok
16:32:35.0378 3540 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:32:35.0397 3540 ACPI - ok
16:32:35.0419 3540 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:32:35.0435 3540 AcpiPmi - ok
16:32:35.0531 3540 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:32:35.0549 3540 AdobeARMservice - ok
16:32:35.0656 3540 [ 300B79DECEEF4F385523765ACC4F351A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:32:35.0678 3540 AdobeFlashPlayerUpdateSvc - ok
16:32:35.0732 3540 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:32:35.0753 3540 adp94xx - ok
16:32:35.0782 3540 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:32:35.0800 3540 adpahci - ok
16:32:35.0806 3540 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:32:35.0822 3540 adpu320 - ok
16:32:35.0858 3540 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:32:35.0899 3540 AeLookupSvc - ok
16:32:35.0944 3540 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
16:32:35.0964 3540 AFD - ok
16:32:35.0992 3540 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:32:36.0005 3540 agp440 - ok
16:32:36.0010 3540 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
16:32:36.0025 3540 ALG - ok
16:32:36.0044 3540 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
16:32:36.0056 3540 aliide - ok
16:32:36.0104 3540 [ 007B7CA73A0B4987F69AB9725537FD67 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:32:36.0134 3540 AMD External Events Utility - ok
16:32:36.0189 3540 AMD FUEL Service - ok
16:32:36.0216 3540 [ 2EF1BA6D5DC79FCE5E9216C8C2D3F193 ] amdhub30 C:\Windows\system32\drivers\amdhub30.sys
16:32:36.0235 3540 amdhub30 - ok
16:32:36.0259 3540 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
16:32:36.0271 3540 amdide - ok
16:32:36.0289 3540 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\drivers\amdiox64.sys
16:32:36.0301 3540 amdiox64 - ok
16:32:36.0323 3540 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:32:36.0337 3540 AmdK8 - ok
16:32:36.0564 3540 [ B497CC014D728E44172DA2C6C7437CE4 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
16:32:36.0723 3540 amdkmdag - ok
16:32:36.0746 3540 [ 807839C7DC93838CF7EE8E53167C4232 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
16:32:36.0768 3540 amdkmdap - ok
16:32:36.0824 3540 [ 19D7EED3928930BAFC541F1758AA6AA1 ] amdkmpfd C:\Windows\system32\drivers\amdkmpfd.sys
16:32:36.0841 3540 amdkmpfd - ok
16:32:36.0867 3540 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
16:32:36.0882 3540 AmdPPM - ok
16:32:36.0917 3540 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:32:36.0931 3540 amdsata - ok
16:32:36.0945 3540 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:32:36.0961 3540 amdsbs - ok
16:32:36.0966 3540 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:32:36.0979 3540 amdxata - ok
16:32:37.0017 3540 [ 541A6C49C792ED71FB3EFF8C815CFE60 ] amdxhc C:\Windows\system32\drivers\amdxhc.sys
16:32:37.0030 3540 amdxhc - ok
16:32:37.0045 3540 [ A1434F35B7B171CB697D74D33F7D029F ] amd_sata C:\Windows\system32\drivers\amd_sata.sys
16:32:37.0057 3540 amd_sata - ok
16:32:37.0062 3540 [ E9B5A82FA268BB2D1B012030D5F4E096 ] amd_xata C:\Windows\system32\drivers\amd_xata.sys
16:32:37.0073 3540 amd_xata - ok
16:32:37.0110 3540 [ D7253A1A7A49FA40EF0BA1955AAFB346 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
16:32:37.0121 3540 AODDriver4.1 - ok
16:32:37.0192 3540 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
16:32:37.0242 3540 AppID - ok
16:32:37.0262 3540 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:32:37.0302 3540 AppIDSvc - ok
16:32:37.0307 3540 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
16:32:37.0346 3540 Appinfo - ok
16:32:37.0386 3540 [ BC6526297C2E1377949F79A3AC622BAD ] APXACC C:\Windows\system32\DRIVERS\appexDrv.sys
16:32:37.0411 3540 APXACC - ok
16:32:37.0436 3540 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
16:32:37.0450 3540 arc - ok
16:32:37.0455 3540 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:32:37.0469 3540 arcsas - ok
16:32:37.0483 3540 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:32:37.0523 3540 AsyncMac - ok
16:32:37.0544 3540 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
16:32:37.0557 3540 atapi - ok
16:32:37.0637 3540 [ 881AF14AD2F1207672873B65ACA6C92F ] athr C:\Windows\system32\DRIVERS\athrx.sys
16:32:37.0693 3540 athr - ok
16:32:37.0752 3540 [ 2B3B05C0A7768BF033217EB8F33F9C35 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
16:32:37.0772 3540 AtiHDAudioService - ok
16:32:37.0820 3540 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:32:37.0867 3540 AudioEndpointBuilder - ok
16:32:37.0878 3540 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:32:37.0924 3540 AudioSrv - ok
16:32:37.0960 3540 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:32:37.0981 3540 AxInstSV - ok
16:32:38.0015 3540 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:32:38.0033 3540 b06bdrv - ok
16:32:38.0071 3540 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:32:38.0088 3540 b57nd60a - ok
16:32:38.0150 3540 [ 216EC30BEAA9AE6818B21C969500D308 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
16:32:38.0174 3540 BBSvc - ok
16:32:38.0194 3540 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:32:38.0217 3540 BBUpdate - ok
16:32:38.0261 3540 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
16:32:38.0294 3540 BCM43XX - ok
16:32:38.0318 3540 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
16:32:38.0332 3540 BDESVC - ok
16:32:38.0361 3540 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
16:32:38.0400 3540 Beep - ok
16:32:38.0455 3540 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
16:32:38.0515 3540 BFE - ok
16:32:38.0625 3540 [ 41DA5845E1F8AF445BD626CF085C4541 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110819.004\BHDrvx64.sys
16:32:38.0662 3540 BHDrvx64 - ok
16:32:38.0696 3540 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
16:32:38.0746 3540 BITS - ok
16:32:38.0777 3540 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
16:32:38.0792 3540 blbdrive - ok
16:32:38.0848 3540 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:32:38.0862 3540 bowser - ok
16:32:38.0888 3540 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
16:32:38.0904 3540 BrFiltLo - ok
16:32:38.0909 3540 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
16:32:38.0925 3540 BrFiltUp - ok
16:32:38.0952 3540 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
16:32:38.0968 3540 Browser - ok
16:32:38.0987 3540 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:32:39.0004 3540 Brserid - ok
16:32:39.0010 3540 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:32:39.0027 3540 BrSerWdm - ok
16:32:39.0032 3540 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:32:39.0049 3540 BrUsbMdm - ok
16:32:39.0054 3540 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:32:39.0070 3540 BrUsbSer - ok
16:32:39.0075 3540 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:32:39.0093 3540 BTHMODEM - ok
16:32:39.0136 3540 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
16:32:39.0176 3540 bthserv - ok
16:32:39.0238 3540 [ A8AD33C9DD88C810CAC00ACC7F4329FB ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1301000.01C\ccSetx64.sys
16:32:39.0258 3540 ccSet_NIS - ok
16:32:39.0279 3540 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:32:39.0328 3540 cdfs - ok
16:32:39.0368 3540 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
16:32:39.0392 3540 cdrom - ok
16:32:39.0416 3540 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
16:32:39.0455 3540 CertPropSvc - ok
16:32:39.0471 3540 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
16:32:39.0488 3540 circlass - ok
16:32:39.0523 3540 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:32:39.0541 3540 CLFS - ok
16:32:39.0620 3540 [ 524DC3807CB1746225F9D26ADD19C319 ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
16:32:39.0642 3540 CLKMSVC10_38F51D56 - ok
16:32:39.0710 3540 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:32:39.0729 3540 clr_optimization_v2.0.50727_32 - ok
16:32:39.0793 3540 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:32:39.0813 3540 clr_optimization_v2.0.50727_64 - ok
16:32:39.0841 3540 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
16:32:39.0852 3540 clwvd - ok
16:32:39.0890 3540 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
16:32:39.0903 3540 CmBatt - ok
16:32:39.0919 3540 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:32:39.0931 3540 cmdide - ok
16:32:39.0964 3540 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
16:32:39.0992 3540 CNG - ok
16:32:40.0028 3540 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:32:40.0048 3540 Compbatt - ok
16:32:40.0059 3540 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
16:32:40.0075 3540 CompositeBus - ok
16:32:40.0081 3540 COMSysApp - ok
16:32:40.0102 3540 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:32:40.0115 3540 crcdisk - ok
16:32:40.0151 3540 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:32:40.0166 3540 CryptSvc - ok
16:32:40.0208 3540 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:32:40.0264 3540 DcomLaunch - ok
16:32:40.0299 3540 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:32:40.0343 3540 defragsvc - ok
16:32:40.0369 3540 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:32:40.0409 3540 DfsC - ok
16:32:40.0449 3540 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
16:32:40.0477 3540 Dhcp - ok
16:32:40.0482 3540 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:32:40.0522 3540 discache - ok
16:32:40.0543 3540 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
16:32:40.0557 3540 Disk - ok
16:32:40.0583 3540 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:32:40.0600 3540 Dnscache - ok
16:32:40.0642 3540 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:32:40.0683 3540 dot3svc - ok
16:32:40.0689 3540 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
16:32:40.0730 3540 DPS - ok
16:32:40.0754 3540 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:32:40.0771 3540 drmkaud - ok
16:32:40.0817 3540 [ CE7743807258A7D383C427E3C178A49E ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:32:40.0846 3540 DXGKrnl - ok
16:32:40.0874 3540 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:32:40.0915 3540 EapHost - ok
16:32:41.0004 3540 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:32:41.0063 3540 ebdrv - ok
16:32:41.0082 3540 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
16:32:41.0097 3540 EFS - ok
16:32:41.0167 3540 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:32:41.0201 3540 ehRecvr - ok
16:32:41.0206 3540 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
16:32:41.0222 3540 ehSched - ok
16:32:41.0264 3540 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:32:41.0293 3540 elxstor - ok
16:32:41.0298 3540 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:32:41.0312 3540 ErrDev - ok
16:32:41.0348 3540 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:32:41.0393 3540 EventSystem - ok
16:32:41.0411 3540 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:32:41.0453 3540 exfat - ok
16:32:41.0475 3540 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:32:41.0516 3540 fastfat - ok
16:32:41.0559 3540 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
16:32:41.0582 3540 Fax - ok
16:32:41.0603 3540 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
16:32:41.0618 3540 fdc - ok
16:32:41.0659 3540 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:32:41.0705 3540 fdPHost - ok
16:32:41.0716 3540 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:32:41.0756 3540 FDResPub - ok
16:32:41.0761 3540 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:32:41.0774 3540 FileInfo - ok
16:32:41.0779 3540 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:32:41.0820 3540 Filetrace - ok
16:32:41.0835 3540 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
16:32:41.0849 3540 flpydisk - ok
16:32:41.0856 3540 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:32:41.0873 3540 FltMgr - ok
16:32:41.0916 3540 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
16:32:41.0945 3540 FontCache - ok
16:32:41.0991 3540 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:32:42.0002 3540 FontCache3.0.0.0 - ok
16:32:42.0068 3540 [ BA0F98B69D84EFAE63EA80A957F9EF31 ] FPLService C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
16:32:42.0092 3540 FPLService - ok
16:32:42.0110 3540 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:32:42.0123 3540 FsDepends - ok
16:32:42.0148 3540 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:32:42.0160 3540 Fs_Rec - ok
16:32:42.0173 3540 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:32:42.0194 3540 fvevol - ok
16:32:42.0224 3540 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:32:42.0237 3540 gagp30kx - ok
16:32:42.0302 3540 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
16:32:42.0320 3540 GamesAppService - ok
16:32:42.0358 3540 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:32:42.0406 3540 gpsvc - ok
16:32:42.0422 3540 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:32:42.0436 3540 hcw85cir - ok
16:32:42.0466 3540 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:32:42.0487 3540 HdAudAddService - ok
16:32:42.0513 3540 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:32:42.0532 3540 HDAudBus - ok
16:32:42.0537 3540 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
16:32:42.0551 3540 HidBatt - ok
16:32:42.0556 3540 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:32:42.0574 3540 HidBth - ok
16:32:42.0593 3540 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
16:32:42.0612 3540 HidIr - ok
16:32:42.0630 3540 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
16:32:42.0671 3540 hidserv - ok
16:32:42.0680 3540 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:32:42.0694 3540 HidUsb - ok
16:32:42.0718 3540 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:32:42.0758 3540 hkmsvc - ok
16:32:42.0769 3540 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:32:42.0786 3540 HomeGroupListener - ok
16:32:42.0809 3540 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:32:42.0826 3540 HomeGroupProvider - ok
16:32:42.0911 3540 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
16:32:42.0929 3540 HP Support Assistant Service - ok
16:32:42.0993 3540 [ 7B8C1B09C11E8DB7C4480ABD7D17E821 ] HPAuto C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
16:32:43.0023 3540 HPAuto - ok
16:32:43.0031 3540 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
16:32:43.0047 3540 HPClientSvc - ok
16:32:43.0109 3540 [ 3D85344F1B6A74B5EB1D97BB8DAEE224 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
16:32:43.0128 3540 HPDrvMntSvc.exe - ok
16:32:43.0157 3540 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\drivers\hpdskflt.sys
16:32:43.0172 3540 hpdskflt - ok
16:32:43.0203 3540 [ 7BBD5B17B77CE24BAB3ADF54991ABB36 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
16:32:43.0239 3540 hpqwmiex - ok
16:32:43.0272 3540 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:32:43.0285 3540 HpSAMD - ok
16:32:43.0290 3540 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe
16:32:43.0302 3540 hpsrv - ok
16:32:43.0338 3540 [ 77C15D7E8F002A173EEBFF0B20CD697D ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
16:32:43.0348 3540 HPWMISVC - ok
16:32:43.0395 3540 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:32:43.0451 3540 HTTP - ok
16:32:43.0455 3540 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:32:43.0468 3540 hwpolicy - ok
16:32:43.0499 3540 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:32:43.0514 3540 i8042prt - ok
16:32:43.0540 3540 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:32:43.0559 3540 iaStorV - ok
16:32:43.0611 3540 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:32:43.0641 3540 idsvc - ok
16:32:43.0701 3540 [ 0B97F1A640AD3D159A7B5D2164C42E50 ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSVia64.sys
16:32:43.0725 3540 IDSVia64 - ok
16:32:43.0765 3540 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:32:43.0778 3540 iirsp - ok
16:32:43.0817 3540 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:32:43.0867 3540 IKEEXT - ok
16:32:43.0874 3540 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:32:43.0887 3540 intelide - ok
16:32:43.0898 3540 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
16:32:43.0912 3540 intelppm - ok
16:32:43.0924 3540 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:32:43.0966 3540 IPBusEnum - ok
16:32:43.0971 3540 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:32:44.0011 3540 IpFilterDriver - ok
16:32:44.0054 3540 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:32:44.0075 3540 iphlpsvc - ok
16:32:44.0080 3540 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:32:44.0095 3540 IPMIDRV - ok
16:32:44.0105 3540 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:32:44.0146 3540 IPNAT - ok
16:32:44.0166 3540 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:32:44.0186 3540 IRENUM - ok
16:32:44.0190 3540 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:32:44.0203 3540 isapnp - ok
16:32:44.0234 3540 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:32:44.0251 3540 iScsiPrt - ok
16:32:44.0271 3540 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
16:32:44.0284 3540 kbdclass - ok
16:32:44.0289 3540 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
16:32:44.0303 3540 kbdhid - ok
16:32:44.0321 3540 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:32:44.0335 3540 KeyIso - ok
16:32:44.0356 3540 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:32:44.0370 3540 KSecDD - ok
16:32:44.0379 3540 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:32:44.0394 3540 KSecPkg - ok
16:32:44.0399 3540 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:32:44.0440 3540 ksthunk - ok
16:32:44.0470 3540 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:32:44.0516 3540 KtmRm - ok
16:32:44.0561 3540 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:32:44.0605 3540 LanmanServer - ok
16:32:44.0646 3540 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:32:44.0698 3540 LanmanWorkstation - ok
16:32:44.0738 3540 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:32:44.0789 3540 lltdio - ok
16:32:44.0803 3540 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:32:44.0846 3540 lltdsvc - ok
16:32:44.0864 3540 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:32:44.0905 3540 lmhosts - ok
16:32:44.0953 3540 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:32:44.0975 3540 LSI_FC - ok
16:32:44.0981 3540 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:32:44.0995 3540 LSI_SAS - ok
16:32:45.0000 3540 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:32:45.0013 3540 LSI_SAS2 - ok
16:32:45.0026 3540 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:32:45.0041 3540 LSI_SCSI - ok
16:32:45.0057 3540 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:32:45.0099 3540 luafv - ok
16:32:45.0132 3540 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:32:45.0148 3540 Mcx2Svc - ok
16:32:45.0152 3540 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
16:32:45.0165 3540 megasas - ok
16:32:45.0191 3540 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
16:32:45.0208 3540 MegaSR - ok
16:32:45.0230 3540 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:32:45.0273 3540 MMCSS - ok
16:32:45.0278 3540 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:32:45.0319 3540 Modem - ok
16:32:45.0338 3540 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:32:45.0355 3540 monitor - ok
16:32:45.0372 3540 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:32:45.0385 3540 mouclass - ok
16:32:45.0400 3540 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:32:45.0414 3540 mouhid - ok
16:32:45.0420 3540 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:32:45.0434 3540 mountmgr - ok
16:32:45.0455 3540 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:32:45.0470 3540 mpio - ok
16:32:45.0476 3540 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:32:45.0517 3540 mpsdrv - ok
16:32:45.0550 3540 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:32:45.0600 3540 MpsSvc - ok
16:32:45.0606 3540 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:32:45.0627 3540 MRxDAV - ok
16:32:45.0664 3540 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:32:45.0686 3540 mrxsmb - ok
16:32:45.0697 3540 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:32:45.0713 3540 mrxsmb10 - ok
16:32:45.0720 3540 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:32:45.0734 3540 mrxsmb20 - ok
16:32:45.0753 3540 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:32:45.0766 3540 msahci - ok
16:32:45.0772 3540 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:32:45.0787 3540 msdsm - ok
16:32:45.0808 3540 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:32:45.0825 3540 MSDTC - ok
16:32:45.0840 3540 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:32:45.0880 3540 Msfs - ok
16:32:45.0903 3540 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:32:45.0942 3540 mshidkmdf - ok
16:32:45.0947 3540 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:32:45.0959 3540 msisadrv - ok
16:32:45.0985 3540 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:32:46.0027 3540 MSiSCSI - ok
16:32:46.0031 3540 msiserver - ok
16:32:46.0052 3540 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:32:46.0092 3540 MSKSSRV - ok
16:32:46.0096 3540 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:32:46.0135 3540 MSPCLOCK - ok
16:32:46.0140 3540 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:32:46.0179 3540 MSPQM - ok
16:32:46.0188 3540 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:32:46.0206 3540 MsRPC - ok
16:32:46.0213 3540 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:32:46.0226 3540 mssmbios - ok
16:32:46.0238 3540 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:32:46.0277 3540 MSTEE - ok
16:32:46.0282 3540 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:32:46.0297 3540 MTConfig - ok
16:32:46.0321 3540 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:32:46.0335 3540 Mup - ok
16:32:46.0371 3540 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:32:46.0416 3540 napagent - ok
16:32:46.0456 3540 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:32:46.0480 3540 NativeWifiP - ok
16:32:46.0525 3540 [ 2DBE90210DE76BE6E1653BB20EC70EC2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20110810.019\ENG64.SYS
16:32:46.0537 3540 NAVENG - ok
16:32:46.0589 3540 [ 346DA70E203B8E2C850277713DE8F71B ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20110810.019\EX64.SYS
16:32:46.0636 3540 NAVEX15 - ok
16:32:46.0685 3540 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:32:46.0714 3540 NDIS - ok
16:32:46.0738 3540 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:32:46.0779 3540 NdisCap - ok
16:32:46.0810 3540 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:32:46.0850 3540 NdisTapi - ok
16:32:46.0855 3540 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:32:46.0894 3540 Ndisuio - ok
16:32:46.0900 3540 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:32:46.0941 3540 NdisWan - ok
16:32:46.0946 3540 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:32:46.0993 3540 NDProxy - ok
16:32:46.0998 3540 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:32:47.0037 3540 NetBIOS - ok
16:32:47.0051 3540 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:32:47.0092 3540 NetBT - ok
16:32:47.0105 3540 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:32:47.0119 3540 Netlogon - ok
16:32:47.0159 3540 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:32:47.0205 3540 Netman - ok
16:32:47.0221 3540 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:32:47.0268 3540 netprofm - ok
16:32:47.0287 3540 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:32:47.0299 3540 NetTcpPortSharing - ok
16:32:47.0327 3540 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:32:47.0340 3540 nfrd960 - ok
16:32:47.0393 3540 [ E127420B7FEB65C7F279EAAC183BBC0E ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe
16:32:47.0414 3540 NIS - ok
16:32:47.0446 3540 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:32:47.0464 3540 NlaSvc - ok
16:32:47.0483 3540 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:32:47.0524 3540 Npfs - ok
16:32:47.0541 3540 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:32:47.0582 3540 nsi - ok
16:32:47.0587 3540 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:32:47.0627 3540 nsiproxy - ok
16:32:47.0678 3540 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:32:47.0719 3540 Ntfs - ok
16:32:47.0732 3540 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:32:47.0771 3540 Null - ok
16:32:47.0801 3540 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
16:32:47.0821 3540 NVENETFD - ok
16:32:47.0850 3540 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:32:47.0865 3540 nvraid - ok
16:32:47.0872 3540 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:32:47.0887 3540 nvstor - ok
16:32:47.0906 3540 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:32:47.0921 3540 nv_agp - ok
16:32:47.0932 3540 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:32:47.0947 3540 ohci1394 - ok
16:32:47.0972 3540 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:32:47.0991 3540 p2pimsvc - ok
16:32:48.0021 3540 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:32:48.0041 3540 p2psvc - ok
16:32:48.0059 3540 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
16:32:48.0074 3540 Parport - ok
16:32:48.0107 3540 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:32:48.0120 3540 partmgr - ok
16:32:48.0141 3540 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:32:48.0164 3540 PcaSvc - ok
16:32:48.0178 3540 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:32:48.0193 3540 pci - ok
16:32:48.0210 3540 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:32:48.0222 3540 pciide - ok
16:32:48.0249 3540 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:32:48.0265 3540 pcmcia - ok
16:32:48.0271 3540 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:32:48.0284 3540 pcw - ok
16:32:48.0311 3540 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:32:48.0359 3540 PEAUTH - ok
16:32:48.0413 3540 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:32:48.0433 3540 PerfHost - ok
16:32:48.0497 3540 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:32:48.0561 3540 pla - ok
16:32:48.0606 3540 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:32:48.0625 3540 PlugPlay - ok
16:32:48.0644 3540 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:32:48.0659 3540 PNRPAutoReg - ok
16:32:48.0682 3540 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:32:48.0701 3540 PNRPsvc - ok
16:32:48.0730 3540 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:32:48.0775 3540 PolicyAgent - ok
16:32:48.0784 3540 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
16:32:48.0800 3540 Power - ok
16:32:48.0837 3540 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:32:48.0876 3540 PptpMiniport - ok
16:32:48.0896 3540 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
16:32:48.0910 3540 Processor - ok
16:32:48.0936 3540 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:32:48.0953 3540 ProfSvc - ok
16:32:48.0968 3540 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:32:48.0983 3540 ProtectedStorage - ok
16:32:49.0008 3540 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:32:49.0047 3540 Psched - ok
16:32:49.0093 3540 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:32:49.0133 3540 ql2300 - ok
16:32:49.0139 3540 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:32:49.0154 3540 ql40xx - ok
16:32:49.0177 3540 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:32:49.0201 3540 QWAVE - ok
16:32:49.0220 3540 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:32:49.0239 3540 QWAVEdrv - ok
16:32:49.0244 3540 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:32:49.0284 3540 RasAcd - ok
16:32:49.0311 3540 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:32:49.0356 3540 RasAgileVpn - ok
16:32:49.0376 3540 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:32:49.0419 3540 RasAuto - ok
16:32:49.0425 3540 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:32:49.0465 3540 Rasl2tp - ok
16:32:49.0484 3540 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:32:49.0528 3540 RasMan - ok
16:32:49.0534 3540 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:32:49.0574 3540 RasPppoe - ok
16:32:49.0592 3540 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:32:49.0633 3540 RasSstp - ok
16:32:49.0641 3540 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:32:49.0683 3540 rdbss - ok
16:32:49.0704 3540 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
16:32:49.0720 3540 rdpbus - ok
16:32:49.0736 3540 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:32:49.0776 3540 RDPCDD - ok
16:32:49.0825 3540 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:32:49.0864 3540 RDPENCDD - ok
16:32:49.0883 3540 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:32:49.0922 3540 RDPREFMP - ok
16:32:49.0956 3540 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:32:49.0972 3540 RDPWD - ok
16:32:50.0008 3540 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:32:50.0024 3540 rdyboost - ok
16:32:50.0046 3540 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:32:50.0088 3540 RemoteAccess - ok
16:32:50.0110 3540 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:32:50.0155 3540 RemoteRegistry - ok
16:32:50.0166 3540 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:32:50.0209 3540 RpcEptMapper - ok
16:32:50.0222 3540 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:32:50.0237 3540 RpcLocator - ok
16:32:50.0257 3540 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:32:50.0303 3540 RpcSs - ok
16:32:50.0341 3540 [ 7F324DFFCA5318EEF040DBE351D038D8 ] RSP2STOR C:\Windows\system32\DRIVERS\RtsP2Stor.sys
16:32:50.0356 3540 RSP2STOR - ok
16:32:50.0397 3540 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:32:50.0438 3540 rspndr - ok
16:32:50.0471 3540 [ 7F4F11527AF5A7E4526CB6A146B3E40C ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:32:50.0493 3540 RTL8167 - ok
16:32:50.0510 3540 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:32:50.0525 3540 SamSs - ok
16:32:50.0546 3540 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:32:50.0560 3540 sbp2port - ok
16:32:50.0595 3540 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:32:50.0639 3540 SCardSvr - ok
16:32:50.0644 3540 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:32:50.0682 3540 scfilter - ok
16:32:50.0709 3540 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:32:50.0763 3540 Schedule - ok
16:32:50.0786 3540 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:32:50.0825 3540 SCPolicySvc - ok
16:32:50.0853 3540 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
16:32:50.0872 3540 sdbus - ok
16:32:50.0900 3540 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:32:50.0917 3540 SDRSVC - ok
16:32:50.0940 3540 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:32:50.0980 3540 secdrv - ok
16:32:50.0994 3540 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:32:51.0033 3540 seclogon - ok
16:32:51.0057 3540 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:32:51.0099 3540 SENS - ok
16:32:51.0130 3540 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:32:51.0144 3540 SensrSvc - ok
16:32:51.0153 3540 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
16:32:51.0168 3540 Serenum - ok
16:32:51.0184 3540 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
16:32:51.0200 3540 Serial - ok
16:32:51.0204 3540 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:32:51.0219 3540 sermouse - ok
16:32:51.0240 3540 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:32:51.0280 3540 SessionEnv - ok
16:32:51.0285 3540 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:32:51.0302 3540 sffdisk - ok
16:32:51.0306 3540 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:32:51.0323 3540 sffp_mmc - ok
16:32:51.0334 3540 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:32:51.0351 3540 sffp_sd - ok
16:32:51.0355 3540 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:32:51.0369 3540 sfloppy - ok
16:32:51.0409 3540 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:32:51.0453 3540 SharedAccess - ok
16:32:51.0474 3540 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:32:51.0518 3540 ShellHWDetection - ok
16:32:51.0538 3540 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:32:51.0551 3540 SiSRaid2 - ok
16:32:51.0557 3540 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:32:51.0570 3540 SiSRaid4 - ok
16:32:51.0596 3540 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:32:51.0637 3540 Smb - ok
16:32:51.0663 3540 [ 8AF2546861B179E2517EB02748B4FAB7 ] SmbDrv C:\Windows\system32\drivers\Smb_driver.sys
16:32:51.0674 3540 SmbDrv - ok
16:32:51.0748 3540 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:32:51.0774 3540 SNMPTRAP - ok
16:32:51.0795 3540 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:32:51.0807 3540 spldr - ok
16:32:51.0841 3540 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:32:51.0862 3540 Spooler - ok
16:32:51.0956 3540 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:32:52.0043 3540 sppsvc - ok
16:32:52.0063 3540 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:32:52.0105 3540 sppuinotify - ok
16:32:52.0174 3540 [ 1321A6C3C92BBD3F3BBE1292CFF8E91A ] SRTSP C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSP64.SYS
16:32:52.0206 3540 SRTSP - ok
16:32:52.0221 3540 [ BD129C22C3B8C2E584227269DFA77B09 ] SRTSPX C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSPX64.SYS
16:32:52.0232 3540 SRTSPX - ok
16:32:52.0254 3540 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:32:52.0272 3540 srv - ok
16:32:52.0281 3540 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:32:52.0300 3540 srv2 - ok
16:32:52.0342 3540 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
16:32:52.0359 3540 SrvHsfHDA - ok
16:32:52.0399 3540 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
16:32:52.0432 3540 SrvHsfV92 - ok
16:32:52.0462 3540 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:32:52.0486 3540 SrvHsfWinac - ok
16:32:52.0513 3540 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:32:52.0528 3540 srvnet - ok
16:32:52.0561 3540 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:32:52.0606 3540 SSDPSRV - ok
16:32:52.0611 3540 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:32:52.0653 3540 SstpSvc - ok
16:32:52.0743 3540 [ D30FE3ECF1D6D521365FAE307B500BC0 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
16:32:52.0765 3540 STacSV - ok
16:32:52.0792 3540 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:32:52.0805 3540 stexstor - ok
16:32:52.0831 3540 [ 6F69D75F50E8FAF1003AA6CFB18B91EC ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
16:32:52.0856 3540 STHDA - ok
16:32:52.0907 3540 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:32:52.0942 3540 stisvc - ok
16:32:52.0954 3540 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
16:32:52.0967 3540 swenum - ok
16:32:52.0997 3540 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:32:53.0044 3540 swprv - ok
16:32:53.0080 3540 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\NISx64\1301000.01C\SYMDS64.SYS
16:32:53.0098 3540 SymDS - ok
16:32:53.0150 3540 [ FE29B18BF86FFCD55D8733C9B01E5042 ] SymEFA C:\Windows\system32\drivers\NISx64\1301000.01C\SYMEFA64.SYS
16:32:53.0185 3540 SymEFA - ok
16:32:53.0203 3540 [ 36B77F5C9E21F88A8C8EC67AD5415819 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:32:53.0217 3540 SymEvent - ok
16:32:53.0232 3540 [ DD70DA422460FDED831D211DF151D560 ] SymIRON C:\Windows\system32\drivers\NISx64\1301000.01C\Ironx64.SYS
16:32:53.0246 3540 SymIRON - ok
16:32:53.0270 3540 [ BCE4EB2EEF05E388959B46FD21388C2D ] SymNetS C:\Windows\system32\drivers\NISx64\1301000.01C\SYMNETS.SYS
16:32:53.0287 3540 SymNetS - ok
16:32:53.0321 3540 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\drivers\SynTP.sys
16:32:53.0338 3540 SynTP - ok
16:32:53.0404 3540 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:32:53.0448 3540 SysMain - ok
16:32:53.0459 3540 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:32:53.0481 3540 TabletInputService - ok
16:32:53.0502 3540 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:32:53.0545 3540 TapiSrv - ok
16:32:53.0561 3540 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:32:53.0603 3540 TBS - ok
16:32:53.0687 3540 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:32:53.0738 3540 Tcpip - ok
16:32:53.0773 3540 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:32:53.0821 3540 TCPIP6 - ok
16:32:53.0836 3540 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:32:53.0850 3540 tcpipreg - ok
16:32:53.0876 3540 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:32:53.0890 3540 TDPIPE - ok
16:32:53.0916 3540 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:32:53.0929 3540 TDTCP - ok
16:32:53.0935 3540 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:32:53.0975 3540 tdx - ok
16:32:53.0980 3540 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
16:32:53.0994 3540 TermDD - ok
16:32:54.0033 3540 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:32:54.0085 3540 TermService - ok
16:32:54.0098 3540 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:32:54.0120 3540 Themes - ok
16:32:54.0138 3540 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:32:54.0179 3540 THREADORDER - ok
16:32:54.0191 3540 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:32:54.0233 3540 TrkWks - ok
16:32:54.0310 3540 [ E06079D6BCF81AB8D07A932B209BC839 ] TrueService C:\Program Files\Common Files\AuthenTec\TrueService.exe
16:32:54.0333 3540 TrueService - ok
16:32:54.0382 3540 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:32:54.0437 3540 TrustedInstaller - ok
16:32:54.0467 3540 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:32:54.0506 3540 tssecsrv - ok
16:32:54.0525 3540 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:32:54.0539 3540 TsUsbFlt - ok
16:32:54.0543 3540 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:32:54.0556 3540 TsUsbGD - ok
16:32:54.0572 3540 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:32:54.0613 3540 tunnel - ok
16:32:54.0628 3540 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:32:54.0642 3540 uagp35 - ok
16:32:54.0660 3540 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:32:54.0702 3540 udfs - ok
16:32:54.0730 3540 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:32:54.0747 3540 UI0Detect - ok
16:32:54.0751 3540 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:32:54.0765 3540 uliagpkx - ok
16:32:54.0779 3540 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:32:54.0795 3540 umbus - ok
16:32:54.0800 3540 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
16:32:54.0814 3540 UmPass - ok
16:32:54.0844 3540 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:32:54.0890 3540 upnphost - ok
16:32:54.0925 3540 [ 2B26FCB7C634C49313FD72120FB9946E ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
16:32:54.0939 3540 usbccgp - ok
16:32:54.0964 3540 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:32:54.0982 3540 usbcir - ok
16:32:54.0987 3540 [ AA68C758B3F225618A5FD1ED40C383C4 ] usbehci C:\Windows\system32\drivers\usbehci.sys
16:32:55.0000 3540 usbehci - ok
16:32:55.0032 3540 [ 33A58C5630200E17B51C8D73DD64181B ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
16:32:55.0044 3540 usbfilter - ok
16:32:55.0063 3540 [ 66E1EF753543785D7E2C44719B2C5DAD ] usbhub C:\Windows\system32\drivers\usbhub.sys
16:32:55.0080 3540 usbhub - ok
16:32:55.0085 3540 [ B26ACA4784AD1295C25A7501FD4AB79E ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:32:55.0099 3540 usbohci - ok
16:32:55.0110 3540 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
16:32:55.0127 3540 usbprint - ok
16:32:55.0147 3540 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
16:32:55.0161 3540 USBSTOR - ok
16:32:55.0166 3540 [ 35944CFF264134FFD2E7EED0F8B81A56 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:32:55.0180 3540 usbuhci - ok
16:32:55.0214 3540 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:32:55.0233 3540 usbvideo - ok
16:32:55.0251 3540 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:32:55.0293 3540 UxSms - ok
16:32:55.0303 3540 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:32:55.0318 3540 VaultSvc - ok
16:32:55.0322 3540 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:32:55.0335 3540 vdrvroot - ok
16:32:55.0360 3540 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:32:55.0406 3540 vds - ok
16:32:55.0440 3540 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:32:55.0457 3540 vga - ok
16:32:55.0462 3540 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:32:55.0502 3540 VgaSave - ok
16:32:55.0508 3540 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:32:55.0525 3540 vhdmp - ok
16:32:55.0533 3540 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:32:55.0545 3540 viaide - ok
16:32:55.0551 3540 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:32:55.0564 3540 volmgr - ok
16:32:55.0589 3540 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:32:55.0608 3540 volmgrx - ok
16:32:55.0624 3540 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:32:55.0641 3540 volsnap - ok
16:32:55.0665 3540 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:32:55.0680 3540 vsmraid - ok
16:32:55.0738 3540 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:32:55.0802 3540 VSS - ok
16:32:55.0807 3540 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:32:55.0824 3540 vwifibus - ok
16:32:55.0834 3540 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:32:55.0854 3540 vwififlt - ok
16:32:55.0872 3540 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:32:55.0919 3540 W32Time - ok
16:32:55.0947 3540 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:32:55.0961 3540 WacomPen - ok
16:32:55.0988 3540 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:32:56.0028 3540 WANARP - ok
16:32:56.0032 3540 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:32:56.0071 3540 Wanarpv6 - ok
16:32:56.0144 3540 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:32:56.0186 3540 WatAdminSvc - ok
16:32:56.0248 3540 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:32:56.0285 3540 wbengine - ok
16:32:56.0306 3540 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:32:56.0329 3540 WbioSrvc - ok
16:32:56.0338 3540 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:32:56.0364 3540 wcncsvc - ok
16:32:56.0374 3540 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:32:56.0390 3540 WcsPlugInService - ok
16:32:56.0421 3540 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
16:32:56.0434 3540 Wd - ok
16:32:56.0481 3540 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:32:56.0514 3540 Wdf01000 - ok
16:32:56.0526 3540 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:32:56.0549 3540 WdiServiceHost - ok
16:32:56.0553 3540 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:32:56.0575 3540 WdiSystemHost - ok
16:32:56.0595 3540 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:32:56.0621 3540 WebClient - ok
16:32:56.0645 3540 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:32:56.0689 3540 Wecsvc - ok
16:32:56.0724 3540 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:32:56.0766 3540 wercplsupport - ok
16:32:56.0813 3540 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:32:56.0855 3540 WerSvc - ok
16:32:56.0887 3540 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:32:56.0927 3540 WfpLwf - ok
16:32:56.0944 3540 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:32:56.0956 3540 WIMMount - ok
16:32:56.0968 3540 WinDefend - ok
16:32:56.0973 3540 WinHttpAutoProxySvc - ok
16:32:57.0027 3540 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:32:57.0070 3540 Winmgmt - ok
16:32:57.0145 3540 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:32:57.0214 3540 WinRM - ok
16:32:57.0256 3540 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
16:32:57.0273 3540 WinUsb - ok
16:32:57.0297 3540 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:32:57.0330 3540 Wlansvc - ok
16:32:57.0390 3540 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:32:57.0406 3540 wlcrasvc - ok
16:32:57.0472 3540 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:32:57.0528 3540 wlidsvc - ok
16:32:57.0564 3540 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:32:57.0578 3540 WmiAcpi - ok
16:32:57.0614 3540 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:32:57.0631 3540 wmiApSrv - ok
16:32:57.0663 3540 WMPNetworkSvc - ok
16:32:57.0685 3540 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:32:57.0700 3540 WPCSvc - ok
16:32:57.0721 3540 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:32:57.0739 3540 WPDBusEnum - ok
16:32:57.0743 3540 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:32:57.0784 3540 ws2ifsl - ok
16:32:57.0802 3540 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
16:32:57.0824 3540 wscsvc - ok
16:32:57.0828 3540 WSearch - ok
16:32:57.0900 3540 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:32:57.0959 3540 wuauserv - ok
16:32:57.0992 3540 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:32:58.0008 3540 WudfPf - ok
16:32:58.0024 3540 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:32:58.0040 3540 WUDFRd - ok
16:32:58.0049 3540 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:32:58.0065 3540 wudfsvc - ok
16:32:58.0103 3540 [ F0B1D8725FAB9F4A559CCC91A960FCE0 ] WwanSvc C:\Windows\System32\wwansvc.dll
16:32:58.0120 3540 WwanSvc - ok
16:32:58.0140 3540 ================ Scan global ===============================
16:32:58.0166 3540 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:32:58.0195 3540 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
16:32:58.0207 3540 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
16:32:58.0240 3540 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:32:58.0274 3540 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:32:58.0280 3540 [Global] - ok
16:32:58.0281 3540 ================ Scan MBR ==================================
16:32:58.0292 3540 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:32:58.0406 3540 \Device\Harddisk0\DR0 - ok
16:32:58.0407 3540 ================ Scan VBR ==================================
16:32:58.0410 3540 [ B250E485B4564F579932CF115A6818B4 ] \Device\Harddisk0\DR0\Partition1
16:32:58.0412 3540 \Device\Harddisk0\DR0\Partition1 - ok
16:32:58.0427 3540 [ 6EDCD828ADFFE808CFEA7F8B9CCD331E ] \Device\Harddisk0\DR0\Partition2
16:32:58.0430 3540 \Device\Harddisk0\DR0\Partition2 - ok
16:32:58.0456 3540 [ 646374319DD99FC5FFF99D60C8A91D4B ] \Device\Harddisk0\DR0\Partition3
16:32:58.0457 3540 \Device\Harddisk0\DR0\Partition3 - ok
16:32:58.0476 3540 [ BB32ECDA36C3C0F90AE6D6CE0FAB0ABD ] \Device\Harddisk0\DR0\Partition4
16:32:58.0478 3540 \Device\Harddisk0\DR0\Partition4 - ok
16:32:58.0478 3540 ============================================================
16:32:58.0478 3540 Scan finished
16:32:58.0478 3540 ============================================================
16:32:58.0492 2700 Detected object count: 0
16:32:58.0492 2700 Actual detected object count: 0
rmshaffer
Active Member
 
Posts: 8
Joined: December 8th, 2012, 7:39 pm

Re: I am starting to hate computers!!!!!!!

Unread postby deltalima » December 13th, 2012, 7:47 am

Hi rmshaffer,

I apologize for taking so long but was unable to get on my computer and had to reset yet again.


In order to diagnose malware issues remotely we need a stable computer to work on, if the computer has to be reset so often it may well be that remote diagnosis is impossible and the computer may need to go to a repair shop.

Is the computer still under waranty?


Check Hard Disk For Errors
Open an Elevated Command Prompt

You will be switching between command prompt and browser windows.

  1. Press the Image button
  2. In the Start Menu search box area type:
    cmd
  3. Right click on cmd.exe (at top of the menu)... click on Run As Administrator.
    A black screen will open. You should see the elevated command prompt open to C:\Windows\System32
    Leave it open...
  4. Go back to your browser.

    On the Browser screen
  5. Copy the following command line (including the quotes):
    chkdsk c: |find /v "percent" >> "%userprofile%\desktop\checkhd.txt"
  6. Go back to the open (black screen) command prompt.

    At the Command Prompt window.
  7. Right click on the window title "Administrator Command Prompt" area. A menu will appear.
  8. Select Edit... then choose Paste. You should see the chkdsk command string you copied, in the black window.
  9. Press Enter ... Chkdsk will now start checking your hard drive. DO NOT CLOSE the Command Prompt window!
    The Chkdsk process can take a while, depending on the size of your hard drive.
    A file named checkhd.txt will appear on your desktop while Chkdsk is running.
  10. When your hard drive light stop flashing constantly... Open the checkhd.txt file.
    You should see totals of bytes on the drive, bytes in files...etc. If you do not see these totals, Chkdsk is still running, close the file, wait a little longer.
  11. Please post the contents of the checkhd.txt file, in your next reply.
    Note: If you are in a administrator account and get a log in prompt after doing any of the above steps, then click on the Cancel button and repeat the above process again. This will only happen the very first time you try to open a elevated command prompt in Windows 7.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: I am starting to hate computers!!!!!!!

Unread postby rmshaffer » December 13th, 2012, 9:53 am

The type of the file system is NTFS.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
File verification completed.
126 large file records processed.

0 bad file records processed.

0 EA records processed.

44 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 3)...
Index verification completed.
0 unindexed files scanned.

0 unindexed files recovered.

CHKDSK is verifying security descriptors (stage 3 of 3)...
Security descriptor verification completed.
26212 data files processed.

CHKDSK is verifying Usn Journal...
Usn Journal verification completed.


Yes, it is still under warranty. Do you think it is a problem with the computer itself?
rmshaffer
Active Member
 
Posts: 8
Joined: December 8th, 2012, 7:39 pm

Re: I am starting to hate computers!!!!!!!

Unread postby deltalima » December 13th, 2012, 10:40 am

Hi rmshaffer,

Yes, it is still under warranty. Do you think it is a problem with the computer itself?


Normally, a factory reset would remove most forms of malware so that would suggest that the problems are with the computer.

When you reach a point where the computer needs to be reset, what are symptoms at that stage?
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: I am starting to hate computers!!!!!!!

Unread postby rmshaffer » December 15th, 2012, 12:45 pm

I contacted HP and they helped me strip my hard drive and install windows 8, so far no problems at all!
Thank you for your help, I appreciate it. Now I may try to fix my desktop computer with your help!
rmshaffer
Active Member
 
Posts: 8
Joined: December 8th, 2012, 7:39 pm

Re: I am starting to hate computers!!!!!!!

Unread postby deltalima » December 15th, 2012, 12:59 pm

Hi rmshaffer,

I contacted HP and they helped me strip my hard drive and install windows 8, so far no problems at all!


Great! Glad to hear the problem is sorted.

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 119 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware