Thanks Cypher
# AdwCleaner v3.011 - Report created 10/11/2013 at 23:45:24
# Updated 03/11/2013 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : gary - MASTER
# Running from : C:\Users\gary\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16660
-\\ Mozilla Firefox v25.0 (en-GB)
[ File : C:\Users\gary\AppData\Roaming\Mozilla\Firefox\Profiles\87vd2679.default-1383943300214\prefs.js ]
*************************
AdwCleaner[R0].txt - [833 octets] - [09/11/2013 14:23:53]
AdwCleaner[R1].txt - [871 octets] - [10/11/2013 23:44:42]
AdwCleaner[S0].txt - [853 octets] - [09/11/2013 14:25:20]
AdwCleaner[S1].txt - [793 octets] - [10/11/2013 23:45:24]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [852 octets] ##########
OTL logfile created on: 10/11/2013 23:50:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\gary\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.22 Gb Total Physical Memory | 2.03 Gb Available Physical Memory | 63.27% Memory free
6.47 Gb Paging File | 5.06 Gb Available in Paging File | 78.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 676.53 Gb Total Space | 629.99 Gb Free Space | 93.12% Space Free | Partition Type: NTFS
Drive D: | 21.33 Gb Total Space | 1.73 Gb Free Space | 8.10% Space Free | Partition Type: NTFS
Drive F: | 1.89 Gb Total Space | 0.97 Gb Free Space | 51.39% Space Free | Partition Type: FAT
Computer Name: MASTER | User Name: gary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/11/10 23:49:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gary\Desktop\OTL.exe
PRC - [2013/10/30 08:33:36 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2013/10/15 18:24:28 | 007,558,464 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Online Armor\OAui.exe
PRC - [2013/10/15 18:24:14 | 004,457,688 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Online Armor\OAsrv.exe
PRC - [2013/10/15 18:23:55 | 003,976,672 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Online Armor\OAhlp.exe
PRC - [2013/10/15 18:23:47 | 000,584,864 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Online Armor\OAcat.exe
PRC - [2013/09/05 03:09:20 | 000,441,408 | ---- | M] (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2013/02/25 12:39:26 | 001,045,304 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
PRC - [2013/02/01 16:00:28 | 001,039,160 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
PRC - [2013/01/17 10:14:08 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012/09/12 23:38:44 | 000,204,136 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2012/09/12 23:38:20 | 000,264,040 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2012/07/13 14:50:00 | 000,093,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012/06/08 04:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
========== Modules (No Company Name) ========== MOD - [2013/10/30 08:33:18 | 003,368,048 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/07/15 18:29:04 | 000,620,718 | ---- | M] () -- C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2012/09/12 23:39:18 | 000,336,232 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2012/09/12 23:38:52 | 007,955,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2012/09/12 23:38:52 | 000,341,352 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2012/09/12 23:38:52 | 000,127,336 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2012/09/12 23:38:52 | 000,028,008 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2012/09/12 23:38:44 | 002,144,104 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2012/09/12 23:38:20 | 000,264,040 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2012/06/08 10:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/08 04:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
========== Services (SafeList) ========== SRV:
64bit: - [2013/07/02 01:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:
64bit: - [2013/05/04 07:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:
64bit: - [2013/05/04 07:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:
64bit: - [2013/04/09 05:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:
64bit: - [2013/03/21 20:24:48 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:
64bit: - [2013/03/21 20:24:48 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:
64bit: - [2013/03/21 20:15:10 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:
64bit: - [2013/03/21 19:51:45 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:
64bit: - [2013/03/21 19:51:25 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:
64bit: - [2013/03/02 03:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:
64bit: - [2013/03/02 03:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:
64bit: - [2013/03/01 14:40:02 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:
64bit: - [2013/02/26 08:55:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:
64bit: - [2013/02/25 23:31:30 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:
64bit: - [2013/02/20 06:10:00 | 000,239,176 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE -- (RtkAudioService)
SRV:
64bit: - [2012/07/26 04:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:
64bit: - [2012/07/26 04:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:
64bit: - [2012/07/26 04:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:
64bit: - [2012/07/26 04:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:
64bit: - [2012/07/26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:
64bit: - [2012/07/26 04:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:
64bit: - [2012/07/26 04:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:
64bit: - [2012/07/26 04:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:
64bit: - [2012/07/26 04:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:
64bit: - [2012/07/26 04:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:
64bit: - [2012/07/26 04:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:
64bit: - [2012/07/26 04:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:
64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:
64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:
64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:
64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:
64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:
64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:
64bit: - [2009/11/18 03:14:00 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2013/10/30 08:33:36 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/10/24 07:19:10 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/15 18:24:14 | 004,457,688 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Online Armor\OAsrv.exe -- (SvcOnlineArmor)
SRV - [2013/10/15 18:23:47 | 000,584,864 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Online Armor\OAcat.exe -- (OAcat)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/03/21 20:15:10 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/02/01 16:00:28 | 001,039,160 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/07/26 04:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/26 04:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2012/07/26 04:17:52 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2013/11/08 18:00:45 | 000,021,160 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdkmafd.sys -- (amdkmafd)
DRV:
64bit: - [2013/11/08 17:59:12 | 001,544,704 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rtwlane.sys -- (RTWlanE)
DRV:
64bit: - [2013/11/08 17:56:52 | 000,830,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:
64bit: - [2013/10/15 18:24:47 | 000,035,368 | ---- | M] (Emsisoft) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\OAnet.sys -- (OAnet)
DRV:
64bit: - [2013/07/02 01:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:
64bit: - [2013/07/01 23:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:
64bit: - [2013/05/04 08:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:
64bit: - [2013/05/04 08:34:17 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:
64bit: - [2013/05/04 08:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:
64bit: - [2013/03/21 20:24:48 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:
64bit: - [2013/03/21 20:18:53 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:
64bit: - [2013/03/21 20:15:10 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:
64bit: - [2013/03/21 20:08:41 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:
64bit: - [2013/03/21 20:08:41 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:
64bit: - [2013/03/21 20:08:41 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\serscan.sys -- (StillCam)
DRV:
64bit: - [2013/03/21 19:54:05 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:
64bit: - [2013/03/21 19:51:22 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2013/03/21 19:51:22 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2013/03/21 19:51:22 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:
64bit: - [2013/03/02 11:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:
64bit: - [2013/03/02 11:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:
64bit: - [2013/03/02 11:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:
64bit: - [2013/03/02 11:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:
64bit: - [2013/03/02 11:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:
64bit: - [2013/03/01 14:40:02 | 000,043,320 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Accelerometer.sys -- (Accelerometer)
DRV:
64bit: - [2013/03/01 14:40:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\hpdskflt.sys -- (hpdskflt)
DRV:
64bit: - [2013/02/26 09:54:40 | 011,635,200 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:
64bit: - [2013/02/26 08:28:22 | 000,578,560 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:
64bit: - [2013/02/15 04:41:14 | 000,094,208 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:
64bit: - [2013/02/06 05:54:18 | 000,469,232 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:
64bit: - [2013/02/06 05:54:16 | 000,031,984 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:
64bit: - [2013/02/06 05:54:16 | 000,028,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:
64bit: - [2013/02/02 08:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:
64bit: - [2013/02/02 01:08:18 | 000,448,072 | ---- | M] (RTS Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsPer.sys -- (RTSPER)
DRV:
64bit: - [2013/01/24 01:29:56 | 000,288,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:
64bit: - [2012/11/30 10:31:02 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_xata.sys -- (amd_xata)
DRV:
64bit: - [2012/11/30 10:31:00 | 000,080,552 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_sata.sys -- (amd_sata)
DRV:
64bit: - [2012/11/20 05:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:
64bit: - [2012/10/26 15:42:22 | 004,758,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\lvuvc64.sys -- (LVUVC64)
DRV:
64bit: - [2012/10/26 15:42:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\lvrs64.sys -- (LVRS64)
DRV:
64bit: - [2012/08/31 08:40:24 | 000,020,800 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:
64bit: - [2012/08/28 16:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbfilter.sys -- (usbfilter)
DRV:
64bit: - [2012/07/26 06:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2012/07/26 06:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:
64bit: - [2012/07/26 06:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:
64bit: - [2012/07/26 06:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:
64bit: - [2012/07/26 06:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:
64bit: - [2012/07/26 06:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:
64bit: - [2012/07/26 06:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:
64bit: - [2012/07/26 06:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2012/07/26 06:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2012/07/26 06:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:
64bit: - [2012/07/26 06:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2012/07/26 06:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:
64bit: - [2012/07/26 06:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:
64bit: - [2012/07/26 06:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2012/07/26 06:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:
64bit: - [2012/07/26 06:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2012/07/26 06:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2012/07/26 05:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:
64bit: - [2012/07/26 05:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:
64bit: - [2012/07/26 05:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:
64bit: - [2012/07/26 04:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:
64bit: - [2012/07/26 03:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:
64bit: - [2012/07/26 03:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:
64bit: - [2012/07/26 03:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:
64bit: - [2012/07/26 03:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:
64bit: - [2012/07/26 03:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:
64bit: - [2012/07/26 03:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:
64bit: - [2012/07/26 03:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:
64bit: - [2012/07/26 03:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:
64bit: - [2012/07/26 03:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:
64bit: - [2012/07/26 03:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:
64bit: - [2012/07/26 03:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:
64bit: - [2012/07/26 03:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:
64bit: - [2012/07/26 03:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:
64bit: - [2012/07/26 03:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:
64bit: - [2012/07/26 03:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:
64bit: - [2012/07/26 03:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:
64bit: - [2012/07/26 03:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2012/07/26 03:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:
64bit: - [2012/07/26 03:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:
64bit: - [2012/07/26 03:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:
64bit: - [2012/07/26 03:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:
64bit: - [2012/06/25 09:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:
64bit: - [2012/06/02 15:32:26 | 010,627,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2012/04/09 08:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV - [2013/10/15 18:24:46 | 000,064,720 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysWOW64\drivers\OADriver.sys -- (OADevice)
DRV - [2013/10/15 18:24:46 | 000,052,360 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\OAmon.sys -- (OAmon)
DRV - [2013/10/15 18:23:56 | 000,062,008 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\oahlp64.sys -- (oahlpXX)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.bing.com?pc=HPNTDFJSIE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.bing.com?pc=HPNTDFJSIE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
IE:
64bit: - HKLM\..\SearchScopes\{3D825857-AB19-445E-8D25-5C48DFD14D97}: "URL" =
http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE:
64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" =
http://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.bing.com?pc=HPNTDFJSIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.bing.com?pc=HPNTDFJSIE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{3D825857-AB19-445E-8D25-5C48DFD14D97}: "URL" =
http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" =
http://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.bing.com?pc=HPNTDFJSIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.bing.com?pc=HPNTDFJSIE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
IE - HKCU\..\SearchScopes\{3D825857-AB19-445E-8D25-5C48DFD14D97}: "URL" =
http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" =
http://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://fr.search.yahoo.com/?type=198484&fr=spigot-yhp-ff"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013/09/09 19:09:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gary\AppData\Roaming\mozilla\Extensions
[2013/10/30 08:33:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/10/30 08:33:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF
File not found (No name found) -- C:\USERS\GARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\87VD2679.DEFAULT-1383943300214\EXTENSIONS\ASCSURFINGPROTECTION@IOBIT.COM
O1 HOSTS File: ([2012/07/26 06:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:
64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:
64bit: - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files (x86)\Online Armor\OAui.exe (Emsisoft GmbH)
O4:
64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [HP Photosmart 5510 series (NET)] C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - Startup: C:\Users\gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:
64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:
64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A}
http://quickscan.bitdefender.com/qsax/qsax.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B47FD772-DB93-4D54-BE92-82AC918DD80D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/11/08 23:10:15 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2013/11/10 23:49:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\gary\Desktop\OTL.exe
[2013/11/10 23:39:04 | 000,000,000 | ---D | C] -- C:\Windows\tasks\ImCleanDisabled
[2013/11/09 14:31:59 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/11/09 14:23:44 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/09 13:47:39 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/11/08 23:08:37 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/11/08 23:07:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013/11/08 21:41:44 | 000,000,000 | ---D | C] -- C:\Users\gary\Desktop\Old Firefox Data
[2013/11/08 17:56:52 | 000,830,680 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt630x64.sys
[2013/11/08 17:11:13 | 000,000,000 | ---D | C] -- C:\Users\gary\AppData\Roaming\Apple Computer
[2013/11/08 17:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2013/11/08 17:10:29 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2013/11/08 17:10:24 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2013/11/08 17:10:23 | 000,000,000 | ---D | C] -- C:\Users\gary\AppData\Roaming\IObit
[2013/11/08 17:09:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2013/11/05 20:25:44 | 000,000,000 | ---D | C] -- C:\Users\gary\AppData\Roaming\WinRAR
[2013/11/05 20:24:56 | 000,000,000 | ---D | C] -- C:\Users\gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/11/05 20:24:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/11/05 20:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013/10/30 08:33:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/10/29 12:20:29 | 000,000,000 | ---D | C] -- C:\Users\gary\AppData\Roaming\vlc
[2013/10/29 12:20:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/10/29 12:19:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2013/11/10 23:51:31 | 001,994,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/10 23:51:31 | 000,877,348 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013/11/10 23:51:31 | 000,788,176 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/10 23:51:31 | 000,191,806 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013/11/10 23:51:31 | 000,162,458 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/10 23:49:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gary\Desktop\OTL.exe
[2013/11/10 23:48:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/10 23:46:14 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/11/10 23:46:08 | 2762,526,720 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/10 18:22:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/09 21:32:50 | 000,190,692 | ---- | M] () -- C:\Users\gary\AppData\Local\recently-used.xbel
[2013/11/09 21:32:16 | 000,077,157 | ---- | M] () -- C:\Users\gary\Desktop\gpot.jpg
[2013/11/09 14:23:08 | 001,073,262 | ---- | M] () -- C:\Users\gary\Desktop\AdwCleaner.exe
[2013/11/08 23:10:15 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013/11/08 17:56:52 | 000,830,680 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt630x64.sys
[2013/11/08 16:45:36 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForgary.job
[2013/11/07 22:05:32 | 003,867,956 | ---- | M] () -- C:\Users\gary\Desktop\Barley_by_jsz.png
[2013/11/07 20:23:46 | 000,270,303 | ---- | M] () -- C:\Users\gary\Desktop\lavender_bag.jpg
[2013/11/07 17:37:22 | 000,070,361 | ---- | M] () -- C:\Users\gary\Desktop\rosehips.jpg
[2013/11/07 17:28:13 | 000,047,476 | ---- | M] () -- C:\Users\gary\Desktop\broccoli-seedlings.jpg
[2013/11/07 17:25:53 | 000,008,876 | ---- | M] () -- C:\Users\gary\Desktop\growth.jpg
[2013/11/07 16:58:33 | 000,075,819 | ---- | M] () -- C:\Users\gary\Desktop\yoga_private_session-474x300.jpg
[2013/11/07 16:28:53 | 000,176,624 | ---- | M] () -- C:\Users\gary\Desktop\frb3-9g-sml.jpg
[2013/11/07 16:21:02 | 000,338,943 | ---- | M] () -- C:\Users\gary\Desktop\Christmas Lights 082.JPG
[2013/11/07 16:12:18 | 000,577,966 | ---- | M] () -- C:\Users\gary\Desktop\Winter-snow-flakes-winter-22231258-1238-768.jpg
[2013/11/07 11:34:44 | 000,321,626 | ---- | M] () -- C:\Users\gary\Desktop\wreath.jpg
[2013/11/05 16:16:29 | 000,068,695 | ---- | M] () -- C:\Users\gary\Desktop\lavender-rosemary-bath-salts.jpg
[2013/11/05 15:01:22 | 000,270,960 | ---- | M] () -- C:\Users\gary\Desktop\attestation_prescod_MSA.pdf
[2013/11/05 14:58:10 | 000,438,022 | ---- | M] () -- C:\Users\gary\Desktop\attestation_prescod_civile.pdf
[2013/11/04 20:18:18 | 000,021,285 | ---- | M] () -- C:\Users\gary\Desktop\theiere-poussoire-fonte.jpg
[2013/11/04 20:18:05 | 000,013,300 | ---- | M] () -- C:\Users\gary\Desktop\chutneyFiguesFromages.jpg
[2013/11/04 17:06:50 | 000,024,741 | ---- | M] () -- C:\Users\gary\Desktop\chutney et condiments1.jpg
[2013/11/04 16:00:49 | 000,040,354 | ---- | M] () -- C:\Users\gary\Desktop\Mixed Herbs 060909.JPG
[2013/11/04 12:23:37 | 000,002,304 | ---- | M] () -- C:\Users\gary\Desktop\vinegar.jpg
[2013/11/03 18:12:28 | 000,190,210 | ---- | M] () -- C:\Users\gary\Desktop\yy-Herb-Flower-Mix-1024x708.jpg
[2013/11/03 18:10:10 | 000,184,734 | ---- | M] () -- C:\Users\gary\Desktop\Herb-Tops-Sage-Mix-Web.jpg
[2013/11/03 16:19:40 | 000,167,101 | ---- | M] () -- C:\Users\gary\Desktop\Hypnoanalysis-children’s-emotional-wellbeing-Suffolk.jpg
[2013/11/03 13:19:26 | 000,186,699 | ---- | M] () -- C:\Users\gary\Desktop\herbal-tea11.jpg
[2013/11/03 13:17:08 | 000,113,561 | ---- | M] () -- C:\Users\gary\Desktop\tilleul_tisane .JPG
[2013/11/03 12:56:10 | 000,008,411 | ---- | M] () -- C:\Users\gary\Desktop\jar2.jpg
[2013/11/03 12:55:54 | 012,040,735 | ---- | M] () -- C:\Users\gary\Desktop\stinging_nettle.jpg
[2013/11/03 12:35:12 | 009,445,573 | ---- | M] () -- C:\Users\gary\Desktop\jar.png
[2013/10/31 17:26:18 | 000,028,735 | ---- | M] () -- C:\Users\gary\Desktop\matthiola-incana-white.jpg
[2013/10/29 15:41:37 | 000,001,119 | ---- | M] () -- C:\Users\gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2013/10/25 15:51:26 | 000,222,252 | ---- | M] () -- C:\Users\gary\Desktop\baumes.odp
[2013/10/22 15:34:23 | 000,357,150 | ---- | M] () -- C:\Users\gary\Desktop\P8.JPG
[2013/10/22 15:33:01 | 000,225,875 | ---- | M] () -- C:\Users\gary\Desktop\P7.JPG
[2013/10/22 15:32:18 | 000,447,299 | ---- | M] () -- C:\Users\gary\Desktop\P6.JPG
[2013/10/22 15:31:19 | 000,362,547 | ---- | M] () -- C:\Users\gary\Desktop\P5.JPG
[2013/10/22 15:27:58 | 000,222,562 | ---- | M] () -- C:\Users\gary\Desktop\P3.JPG
[2013/10/22 15:27:17 | 000,337,208 | ---- | M] () -- C:\Users\gary\Desktop\P2.JPG
[2013/10/22 15:26:06 | 000,192,947 | ---- | M] () -- C:\Users\gary\Desktop\P1.JPG
[2013/10/21 12:14:51 | 000,069,461 | ---- | M] () -- C:\Users\gary\Desktop\J2.JPG
[2013/10/21 12:13:21 | 000,267,848 | ---- | M] () -- C:\Users\gary\Desktop\J1.JPG
[2013/10/15 18:24:47 | 000,035,368 | ---- | M] (Emsisoft) -- C:\Windows\SysNative\drivers\OAnet.sys
[2013/10/15 18:24:46 | 000,064,720 | ---- | M] () -- C:\Windows\SysWow64\drivers\OADriver.sys
[2013/10/15 18:24:46 | 000,052,360 | ---- | M] (Emsisoft) -- C:\Windows\SysWow64\drivers\OAmon.sys
[2013/10/15 18:23:56 | 000,062,008 | ---- | M] () -- C:\Windows\SysWow64\drivers\oahlp64.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2013/11/09 21:32:50 | 000,190,692 | ---- | C] () -- C:\Users\gary\AppData\Local\recently-used.xbel
[2013/11/09 14:22:50 | 001,073,262 | ---- | C] () -- C:\Users\gary\Desktop\AdwCleaner.exe
[2013/11/08 23:10:15 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013/11/07 22:04:17 | 003,867,956 | ---- | C] () -- C:\Users\gary\Desktop\Barley_by_jsz.png
[2013/11/07 20:23:44 | 000,270,303 | ---- | C] () -- C:\Users\gary\Desktop\lavender_bag.jpg
[2013/11/07 17:37:20 | 000,070,361 | ---- | C] () -- C:\Users\gary\Desktop\rosehips.jpg
[2013/11/07 17:28:12 | 000,047,476 | ---- | C] () -- C:\Users\gary\Desktop\broccoli-seedlings.jpg
[2013/11/07 17:25:51 | 000,008,876 | ---- | C] () -- C:\Users\gary\Desktop\growth.jpg
[2013/11/07 16:58:30 | 000,075,819 | ---- | C] () -- C:\Users\gary\Desktop\yoga_private_session-474x300.jpg
[2013/11/07 16:28:51 | 000,176,624 | ---- | C] () -- C:\Users\gary\Desktop\frb3-9g-sml.jpg
[2013/11/07 16:20:57 | 000,338,943 | ---- | C] () -- C:\Users\gary\Desktop\Christmas Lights 082.JPG
[2013/11/07 16:12:16 | 000,577,966 | ---- | C] () -- C:\Users\gary\Desktop\Winter-snow-flakes-winter-22231258-1238-768.jpg
[2013/11/07 11:34:44 | 000,321,626 | ---- | C] () -- C:\Users\gary\Desktop\wreath.jpg
[2013/11/05 16:16:28 | 000,068,695 | ---- | C] () -- C:\Users\gary\Desktop\lavender-rosemary-bath-salts.jpg
[2013/11/05 15:01:22 | 000,270,960 | ---- | C] () -- C:\Users\gary\Desktop\attestation_prescod_MSA.pdf
[2013/11/05 14:57:56 | 000,438,022 | ---- | C] () -- C:\Users\gary\Desktop\attestation_prescod_civile.pdf
[2013/11/05 14:12:32 | 000,021,285 | ---- | C] () -- C:\Users\gary\Desktop\theiere-poussoire-fonte.jpg
[2013/11/04 20:20:02 | 000,013,300 | ---- | C] () -- C:\Users\gary\Desktop\chutneyFiguesFromages.jpg
[2013/11/04 20:18:51 | 000,024,741 | ---- | C] () -- C:\Users\gary\Desktop\chutney et condiments1.jpg
[2013/11/04 16:02:18 | 000,040,354 | ---- | C] () -- C:\Users\gary\Desktop\Mixed Herbs 060909.JPG
[2013/11/04 12:23:35 | 000,002,304 | ---- | C] () -- C:\Users\gary\Desktop\vinegar.jpg
[2013/11/03 23:21:13 | 000,077,157 | ---- | C] () -- C:\Users\gary\Desktop\gpot.jpg
[2013/11/03 18:12:27 | 000,190,210 | ---- | C] () -- C:\Users\gary\Desktop\yy-Herb-Flower-Mix-1024x708.jpg
[2013/11/03 18:10:09 | 000,184,734 | ---- | C] () -- C:\Users\gary\Desktop\Herb-Tops-Sage-Mix-Web.jpg
[2013/11/03 16:19:38 | 000,167,101 | ---- | C] () -- C:\Users\gary\Desktop\Hypnoanalysis-children’s-emotional-wellbeing-Suffolk.jpg
[2013/11/03 13:19:25 | 000,186,699 | ---- | C] () -- C:\Users\gary\Desktop\herbal-tea11.jpg
[2013/11/03 13:17:05 | 000,113,561 | ---- | C] () -- C:\Users\gary\Desktop\tilleul_tisane .JPG
[2013/11/03 12:56:10 | 000,008,411 | ---- | C] () -- C:\Users\gary\Desktop\jar2.jpg
[2013/11/03 12:54:37 | 012,040,735 | ---- | C] () -- C:\Users\gary\Desktop\stinging_nettle.jpg
[2013/11/03 12:33:55 | 009,445,573 | ---- | C] () -- C:\Users\gary\Desktop\jar.png
[2013/11/01 10:36:16 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForgary.job
[2013/10/31 17:26:16 | 000,028,735 | ---- | C] () -- C:\Users\gary\Desktop\matthiola-incana-white.jpg
[2013/10/29 15:41:37 | 000,001,119 | ---- | C] () -- C:\Users\gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2013/10/25 15:27:30 | 000,222,252 | ---- | C] () -- C:\Users\gary\Desktop\baumes.odp
[2013/10/24 07:19:11 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/10/22 15:34:22 | 000,357,150 | ---- | C] () -- C:\Users\gary\Desktop\P8.JPG
[2013/10/22 15:33:01 | 000,225,875 | ---- | C] () -- C:\Users\gary\Desktop\P7.JPG
[2013/10/22 15:32:18 | 000,447,299 | ---- | C] () -- C:\Users\gary\Desktop\P6.JPG
[2013/10/22 15:31:18 | 000,362,547 | ---- | C] () -- C:\Users\gary\Desktop\P5.JPG
[2013/10/22 15:27:58 | 000,222,562 | ---- | C] () -- C:\Users\gary\Desktop\P3.JPG
[2013/10/22 15:27:17 | 000,337,208 | ---- | C] () -- C:\Users\gary\Desktop\P2.JPG
[2013/10/22 15:26:06 | 000,192,947 | ---- | C] () -- C:\Users\gary\Desktop\P1.JPG
[2013/10/21 12:14:50 | 000,069,461 | ---- | C] () -- C:\Users\gary\Desktop\J2.JPG
[2013/10/21 12:13:21 | 000,267,848 | ---- | C] () -- C:\Users\gary\Desktop\J1.JPG
[2013/09/14 15:57:45 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/07/25 10:51:04 | 000,064,720 | ---- | C] () -- C:\Windows\SysWow64\drivers\OADriver.sys
[2013/07/25 10:51:04 | 000,062,008 | ---- | C] () -- C:\Windows\SysWow64\drivers\oahlp64.sys
[2013/04/11 11:06:44 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2013/04/11 11:01:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/03/21 19:51:25 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/02/26 07:47:58 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/02/26 07:47:58 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/11/26 23:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/10/26 15:42:24 | 000,336,232 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/10/26 15:42:22 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/10/26 15:42:22 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012/08/03 23:40:09 | 000,916,510 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/07/26 09:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 09:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 08:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/26 02:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 21:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 21:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/07/25 21:22:54 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2012/07/25 21:22:54 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2012/07/25 21:22:54 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2012/06/02 15:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== ZeroAccess Check ========== [2013/03/21 12:29:23 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/06 07:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/06 06:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ========== [2013/10/09 15:16:49 | 000,000,000 | ---D | M] -- C:\Users\gary\AppData\Roaming\Desktop Apps
[2013/11/08 17:39:38 | 000,000,000 | ---D | M] -- C:\Users\gary\AppData\Roaming\IObit
[2013/09/30 17:27:15 | 000,000,000 | ---D | M] -- C:\Users\gary\AppData\Roaming\Leadertech
[2013/07/25 10:53:50 | 000,000,000 | ---D | M] -- C:\Users\gary\AppData\Roaming\OnlineArmor
[2013/09/13 12:40:24 | 000,000,000 | ---D | M] -- C:\Users\gary\AppData\Roaming\OpenOffice
[2013/07/18 10:42:24 | 000,000,000 | ---D | M] -- C:\Users\gary\AppData\Roaming\Synaptics
[2013/07/25 10:35:58 | 000,000,000 | ---D | M] -- C:\Users\gary\AppData\Roaming\WinPatrol
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 684 bytes -> C:\Users\gary\Desktop\colis déposé.eml:OECustomProperty
< End of report >
OTL Extras logfile created on: 10/11/2013 23:50:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\gary\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.22 Gb Total Physical Memory | 2.03 Gb Available Physical Memory | 63.27% Memory free
6.47 Gb Paging File | 5.06 Gb Available in Paging File | 78.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 676.53 Gb Total Space | 629.99 Gb Free Space | 93.12% Space Free | Partition Type: NTFS
Drive D: | 21.33 Gb Total Space | 1.73 Gb Free Space | 8.10% Space Free | Partition Type: NTFS
Drive F: | 1.89 Gb Total Space | 0.97 Gb Free Space | 51.39% Space Free | Partition Type: FAT
Computer Name: MASTER | User Name: gary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1091D3A3-F826-4E88-88B2-F64C6FAF4532}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{14540906-1FA8-4372-B35E-11180C3DD46B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{20B2ED92-D300-4562-93CB-994994526EF4}" = rport=139 | protocol=6 | dir=out | app=system |
"{3ED339EF-6DF0-4D90-9CB1-8B73F537356A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{47B988F9-A035-4F9C-98E6-7BA01AB2193E}" = lport=138 | protocol=17 | dir=in | app=system |
"{4939F54D-5355-4E65-864D-3A07D4E5884C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5DC07634-8C21-480C-8335-46E4B529242C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{648761D4-E8D8-4F38-B230-5A2A571C5C7D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{65D54D53-4B99-42D0-9CD2-8EF46EA17E06}" = lport=137 | protocol=17 | dir=in | app=system |
"{6EF4BC19-42B4-4EE8-98C1-A557430F036B}" = lport=139 | protocol=6 | dir=in | app=system |
"{6F8A1A29-B4E0-4723-8D8A-15F6F609B52F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{72AC46B9-B480-4DFF-BC13-A8DBC5A6FA44}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7809E84F-C78E-4BCB-B8FE-EB87C492B0EF}" = rport=445 | protocol=6 | dir=out | app=system |
"{9A04EB9B-E198-4D4A-83A3-394C04DE6C24}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A166FA9C-4484-4EFB-8DC8-823A94682EFC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AD7D1C92-F78C-4E25-9BF0-8803664A6AF9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
name=@firewallapi.dll,-28539 |
"{AFC0E036-A5E4-4DFB-88D5-DC6BB7E9E3CB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B37A607A-B585-4A83-9618-92A8EE6E7640}" = rport=137 | protocol=17 | dir=out | app=system |
"{D5278280-3009-4073-83C5-03A59E9F2F77}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E83465B1-487E-4202-94C4-30D2F4AF2BE9}" = lport=445 | protocol=6 | dir=in | app=system |
"{E9E75AAA-E59F-4769-8A8E-29DDE3908EE8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EE0236D6-AB78-4021-8B8E-1424E97AFFA2}" = rport=138 | protocol=17 | dir=out | app=system |
"{F05DB3AC-8470-44F3-B1F7-1D484F64D392}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0064A27E-CFC8-4306-A7BA-7E3F832CEF2F}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{009945CE-1D59-4F81-974A-4E88E9BA13F1}" = protocol=1 | dir=out |
name=@firewallapi.dll,-28544 |
"{0662D6EF-8D45-48CF-BFBB-8EC34F44FC43}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0799EB23-C81A-44EF-8C31-E545DDD0BBC0}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{081A9D73-4E21-46E3-9057-124CF096A0CF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{14EC8D37-24EB-45F1-AEC7-99D00C8FAF60}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{191487FE-D290-4C6D-BE29-896BB8402A76}" = dir=out | name=windows_ie_ac_001 |
"{1A2240A7-C470-41A5-AC28-1D208D3BC1F5}" = protocol=6 | dir=in | app=c:\users\gary\appdata\local\temp\7zs7824\hppiw.exe |
"{1DD91E00-FFCC-4B4D-A011-1C8B5DB27090}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{252575FE-C994-4335-979D-65A645EDCDA8}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{2D079DC0-FDF6-4E50-9049-7E9CFE89F344}" = protocol=6 | dir=out | app=system |
"{324FC36A-415D-497C-9E8E-5C67470E61BC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{34329C33-1DB8-472B-8ACE-2854151974DF}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{3C5ED98B-DBD0-46A2-A189-435855D38CEB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3DC731CA-5A41-4F03-9D17-A6DEDD389552}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{41E9254F-3AB9-41AA-B009-E0FE6C091CF3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4359110B-7BBC-42CE-A15D-54168409897B}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{4474C3AB-E1D8-4104-AC8D-5837CB582212}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4E8819E0-0F9B-40DD-AD83-53ABD298043E}" = protocol=58 | dir=out |
name=@firewallapi.dll,-28546 |
"{4F5EDA5C-1292-46B1-818F-40A8C7C96A9C}" = dir=in | name=hp printer control |
"{5180CECD-9811-4FC7-8AE7-6713C0F5CFBE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{56A57DB6-C6D0-49D0-8B1A-83030C899456}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5B828D20-C3A5-46D1-AFF7-09593D7F7DB8}" = protocol=17 | dir=in | app=c:\users\gary\appdata\local\temp\7zs7824\hppiw.exe |
"{629D0ED3-354C-4010-95EF-C3BDE11E07FA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68869A28-FFE9-4015-9BF4-9EF74B0CDD59}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{748E2FD5-140E-43F8-9674-E98999B05CFF}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{7D9A7539-D8A2-4F85-ABE0-DCB96492EB41}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{93072936-D2AC-417D-B4A3-E8C80FB797DC}" = dir=in | app=c:\users\administrator\appdata\local\microsoft\skydrive\skydrive.exe |
"{9316BDBC-9A56-459F-AF64-3A9EAD54EE58}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{9C1F90A3-AC2F-47C9-B193-E6993709455E}" = dir=out | name=hp printer control |
"{9F260839-4C69-43B0-B5A9-2E23E714E20F}" = dir=in | name=@{microsoft.skypeapp_1.2.0.129_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{A39B86D6-11AB-4A3A-A911-857E2CD10314}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A5D326E4-842E-48D0-B201-6F74E373DFE7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AAE716C2-0835-43A6-8E83-83310384B7D5}" = dir=in | app=c:\program files\hp\hp photosmart 5510 series\bin\devicesetup.exe |
"{AB075ACE-3A87-4780-963A-6204C1A27413}" = dir=in | app=c:\program files\hp\hp photosmart 5510 series\bin\hpnetworkcommunicatorcom.exe |
"{ACE41FD1-47AB-49A3-977C-A3B96585A420}" = dir=out | name=@{microsoft.skypeapp_1.2.0.129_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{AE8F5C72-7B84-4A4E-86D5-490535258EC5}" = protocol=1 | dir=in |
name=@firewallapi.dll,-28543 |
"{B44BC352-FC84-4582-833D-A46B895C5F80}" = protocol=58 | dir=in |
name=@firewallapi.dll,-28545 |
"{B56AAD70-21B6-4F80-988A-8F3257A42513}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C0990AAD-6941-464D-BA50-2469437802AB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D53E3861-2880-42C6-B1AD-583474146397}" = dir=out | name=getting started with windows 8 |
"{D9F2C319-FF74-402D-809B-3B823F3FF564}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DC934A56-7690-48DB-82F8-E7F4947C1BE6}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{E0829ECE-1C52-47B6-B98F-3E7C312A52E4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E42556ED-AA1F-42F1-A014-8117B1D59860}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{E45B0C21-6E9B-40C9-8800-290984CD32A9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E8DC5F4E-EDA6-4860-8093-23190982760D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{F103A0F1-4AC6-4204-A49D-0497B7C04E48}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{F23C1D76-A047-4C89-A93B-AF5611AE21BD}" = dir=out | name=hp registration |
"{FA9D0B6A-D70F-46DE-BE24-AB091EF8D7C0}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{FB6FBB1E-C18E-4E72-AA55-5D2AAD25650A}" = dir=in | app=c:\program files\hp\hp photosmart 5510 series\bin\hpnetworkcommunicator.exe |
"{FE4B7F58-39B8-4573-B70A-5D0D7F60F473}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BB7A109-FDB5-45E3-9DB9-ECB2EA7B80EE}" = WinPatrol
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{73237EBB-B26F-4628-8754-4EFE563D72E9}" = HP Utility Center
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DF3589E-483F-65F3-32F7-006C0B162891}" = AMD Fuel
"{9E2BF31C-7E39-C549-8AFE-56C3B927BD91}" = AMD Catalyst Install Manager
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{AFD060D5-8D37-8B06-6A03-F2C5128496ED}" = ccc-utility64
"{CFF43B48-42A1-4967-9506-7E341BBD075F}" = HP Photosmart 5510 series Basic Device Software
"{D1E8F2D7-7794-4245-B286-87ED86C1893C}" = HP Registration Service
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F2B9FC01-887F-AB28-8880-233894150681}" = AMD Accelerated Video Transcoding
"GIMP-2_is1" = GIMP 2.8.6
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 5.00 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{020FF978-7DD6-EEE3-47E3-2F37B6449F54}" = CCC Help Chinese Standard
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{117DF79C-38F1-8A46-A488-365A72C4C1F1}" = CCC Help Finnish
"{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}" = HP CoolSense
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1AE37508-089E-41AC-95BD-99FF06887C2F}" = HP Recovery Manager
"{1E48910A-F1D9-0526-DF24-8024C3BA7566}" = CCC Help Italian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2585840A-1098-A34B-42BD-9422B84602F7}" = CCC Help Polish
"{25EC2D8D-D64D-4EA0-6341-C0F79883FBFE}" = CCC Help Chinese Traditional
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{300699CA-B992-4719-0D29-3A33D960D4AC}" = Catalyst Control Center Graphics Previews Common
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{391FE76E-DC08-180B-61EF-C208698E6199}" = CCC Help Dutch
"{39337565-330E-4ab6-A9AE-AC81E0720B10}" = Cyberlink PhotoDirector
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{446CC8CE-0E90-44F7-ADD0-774B243EF090}" = Galerie de photos
"{49110532-D289-4BFF-807C-45B782E66A7C}" = Photo Common
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.10
"{586FC9AE-F8A1-D397-178A-304F67D4AF18}" = CCC Help English
"{58F9538F-E242-C094-B68D-3A4CB9E3654A}" = CCC Help Danish
"{600C1E5D-E59E-9B9A-824C-70A3A863DCC9}" = CCC Help Japanese
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63824BC0-B747-43F3-9863-1066D64AD919}" = Photo Gallery
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6BE061BE-0474-EA1F-DE33-91826D7868D9}" = CCC Help French
"{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}" = Windows Live Essentials
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7F149284-BA2D-DB74-0405-EB5D9D2F452C}" = CCC Help Korean
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8BF1459F-FDDE-673C-2378-A803DC278270}" = CCC Help Turkish
"{8D813AFF-D91D-4EE0-821F-B901FC2E89FA}" = Windows Live
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}" = Movie Maker
"{90993BD9-C7D9-4C2F-B56C-2F7AFEBD4CD0}" = Windows Live UX Platform Language Pack
"{927CFF8E-A448-46D3-01B9-764FC2A881BA}" = CCC Help Greek
"{941DE69D-6CEE-4171-8F1F-3D7E352AA498}" = HP Wireless Button Driver
"{966BD8E8-DEAB-458D-B330-1388A4CC0A6C}" = HP Documentation
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9E1227EB-BFD6-970B-7867-0658EC53525F}" = CCC Help Hungarian
"{A17946CA-18E5-4CF0-8D55-A56D804718F8}" = Movie Maker
"{A34FE6B9-B981-B2F5-DF3D-78D61776EA0C}" = CCC Help Spanish
"{A5107464-AA9B-4177-8129-5FF2F42DD322}" = REALTEK Wireless LAN Driver
"{AE2F1669-5B1F-47C5-B639-78D74DD0BCE4}" = HP 3D DriveGuard
"{AE794AB6-424B-31E9-5EA1-968088EFAE06}" = Catalyst Control Center InstallProxy
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B82085C0-07DD-5E7F-1D48-D63087064524}" = CCC Help Czech
"{B9494F9E-5EA9-4C70-9F38-659F5E6C0BF3}" = HP Quick Start
"{BA4355A4-E388-117A-721A-F1B23175B9AD}" = AMD VISION Engine Control Center
"{BB5B11D5-ADC5-9AA2-76D9-8C447C4EC3B7}" = CCC Help German
"{BC63AE56-730A-D46F-27A6-C579E8390CB2}" = CCC Help Swedish
"{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}" = Realtek PCIE Card Reader
"{C27D60E4-3132-45A3-A71A-E3BD1DA3F794}" = HP System Event Utility
"{C3E46E73-67D3-72FA-0AA9-5A1CBE9CE0DD}" = CCC Help Norwegian
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C54BC404-EA0C-044E-F118-2E02802626F4}" = CCC Help Portuguese
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C89A97B6-F991-EBB5-77B7-927BCF420EBE}" = OEM Application Profile
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CFD9991F-F7EE-1B2E-F4FE-99E2BC2836CE}" = CCC Help Russian
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EA1DC8F8-C357-44CA-A332-AB9762DF698C}" = OpenOffice 4.0.0
"{ED684F1C-291C-A7BE-D464-8A44717F8F17}" = CCC Help Thai
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EEEDA52B-3C42-4BD7-BE42-FDB596EAFCEF}" = Catalyst Control Center - Branding
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}" = Windows Live UX Platform Language Pack
"{F54030F3-14B6-432D-9361-78DCB1473920}" = Photo Common
"{FA26FB8C-5FC4-0EA8-EED9-32AE23A2DCCA}" = Catalyst Control Center Localization All
"{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}" = Energy Star
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}" = Cyberlink PhotoDirector
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"Mozilla Firefox 25.0 (x86 en-GB)" = Mozilla Firefox 25.0 (x86 en-GB)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OnlineArmor_is1" = Online Armor 6.0
"Pixel Ruler" = Pixel Ruler
"VLC media player" = VLC media player 2.1.0
"WildTangent wildgames Master Uninstall" = Jeux WildTangent
"WinLiveSuite" = Windows Live Essentials
"WTA-04deac4a-4ca0-45dc-8611-b633d40fe129" = Ranch Rush 2 - Premium Edition
"WTA-09a04233-fa4c-413d-bae4-075c646be03d" = Farm Frenzy
"WTA-0cb8c6f1-ada2-42be-b29c-5a0d3886ef78" = Polar Bowler
"WTA-19c0c567-8f36-42b6-aea4-80710eb4e03d" = Zuma's Revenge
"WTA-1f9c9f6d-0fb9-423c-a5f4-07e8a0e36308" = Mahjongg Artifacts
"WTA-2f1e87ca-2f6f-4ced-9d39-74316071fab8" = Bejeweled 3
"WTA-316ae727-c0d4-4e18-ba89-01bf926216aa" = Wedding Dash
"WTA-37ac2235-a3fe-48f0-a210-c7425b607eff" = Aloha TriPeaks
"WTA-41864ea0-a528-480b-baef-7a2a85514d46" = Governor of Poker 2 Premium Edition
"WTA-466d1acd-ad16-43ef-af1f-93a539e9d6d7" = Cradle of Rome 2
"WTA-50361504-dece-4c27-85cc-3bdafbee7ed2" = Jewel Match 3
"WTA-6937dff6-0f8a-4da4-9714-b4b76ddcf4d9" = Jewel Quest II
"WTA-699148d8-112e-4717-8dba-7565b690e218" = Virtual Families
"WTA-71fe11f7-742e-42eb-ba7a-41067beb2b4e" = Crazy Chicken Soccer
"WTA-bb680544-ce0b-4112-a963-254b2dd7a78b" = Vacation Quest™ - Australia
"WTA-c0596dff-c0af-4ff3-9d2c-c58bbadf05de" = Plants vs. Zombies - Game of the Year
"WTA-c978c0b3-4412-4140-be06-2dbf8b41d750" = Royal Envoy 2 Collector's Edition
"WTA-f6a162eb-bfbe-4724-9c54-04178966fd14" = Build-a-lot
"WTA-f7ee5664-183e-41aa-8920-9990e7fcc0e5" = Trinklit Supreme
"WTA-f87a42dd-8efe-4fa7-bab5-bd19dbf75fff" = Youda Jewel Shop
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 29/10/2013 16:00:00 | Computer Name = Master | Source = Application Hang | ID = 1002
Description = The program wwahost.exe version 6.2.9200.16420 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: c70 Start
Time: 01ced4b4cc8d1e42 Termination Time: 4294967295 Application Path: C:\Windows\system32\wwahost.exe
Report
Id: a8a9825a-40d4-11e3-be8b-7446a08860ef Faulting package full name: microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe
Faulting
package-relative application ID: Microsoft.WindowsLive.Mail
Error - 30/10/2013 05:56:57 | Computer Name = Master | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 30/10/2013 05:56:57 | Computer Name = Master | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1591
Error - 30/10/2013 05:56:57 | Computer Name = Master | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1591
Error - 30/10/2013 07:20:02 | Computer Name = Master | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 30/10/2013 07:20:02 | Computer Name = Master | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1544
Error - 30/10/2013 07:20:02 | Computer Name = Master | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1544
Error - 30/10/2013 07:23:59 | Computer Name = Master | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 30/10/2013 07:23:59 | Computer Name = Master | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 238634
Error - 30/10/2013 07:23:59 | Computer Name = Master | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 238634
[ Hewlett-Packard Events ]
Error - 09/09/2013 09:24:22 | Computer Name = Master | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.SupportFramework.Utilities.HPSARuntime.Configuration.LoadHPSFConfigFile()
at HP.SupportFramework.Utilities.HPSARuntime.Configuration.Load() at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
isOnAppLoad) Message: Could not load the Configuration DLL. StackTrace: at HP.SupportFramework.Utilities.HPSARuntime.Configuration.LoadHPSFConfigFile()
at HP.SupportFramework.Utilities.HPSARuntime.Configuration.Load() at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
isOnAppLoad) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
3293 Ram Utilization: 20 TargetSite: Void LoadHPSFConfigFile()
[ System Events ]
Error - 29/10/2013 10:38:30 | Computer Name = Master | Source = EventLog | ID = 6008
Description = The previous system shutdown at 14:50:00 on ?29/?10/?2013 was unexpected.
Error - 29/10/2013 10:38:31 | Computer Name = Master | Source = NetBT | ID = 4311
Description = Initialization failed because the driver device could not be created.
Use
the string "B8763F0603D9" to identify the interface for which initialization failed.
It represents the MAC address of the failed interface or the Globally Unique Interface
Identifier (GUID) if NetBT was unable to map from GUID to MAC address. If neither
the MAC address nor the GUID were available, the string represents a cluster device
name.
Error - 29/10/2013 10:38:31 | Computer Name = Master | Source = NetBT | ID = 4311
Description = Initialization failed because the driver device could not be created.
Use
the string "B8763F0603D9" to identify the interface for which initialization failed.
It represents the MAC address of the failed interface or the Globally Unique Interface
Identifier (GUID) if NetBT was unable to map from GUID to MAC address. If neither
the MAC address nor the GUID were available, the string represents a cluster device
name.
Error - 29/10/2013 10:38:42 | Computer Name = Master | Source = BugCheck | ID = 1001
Description =
Error - 29/10/2013 15:59:52 | Computer Name = Master | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the NlaSvc service.
Error - 31/10/2013 06:42:46 | Computer Name = Master | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the NlaSvc service.
Error - 31/10/2013 11:41:56 | Computer Name = Master | Source = EventLog | ID = 6008
Description = The previous system shutdown at 16:17:41 on ?31/?10/?2013 was unexpected.
Error - 31/10/2013 11:42:07 | Computer Name = Master | Source = BugCheck | ID = 1001
Description =
Error - 31/10/2013 14:09:07 | Computer Name = Master | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the NlaSvc service.
Error - 31/10/2013 15:59:39 | Computer Name = Master | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the NlaSvc service.
< End of report >