
Cannot start Malwarebytes or AVG antivirus software


el02139


Hello,

My computer has come across something that has created some issues. The first symptom was when Internet Explorer would suddenly stop. Upon attempting to run Malwarebytes, I would get the error, "This program is blocked by group policy. For more information, contact your system administrator." I am logged in as the administrator on a simple single home computer. The same error would occur when trying to start AVG. I tried using Chameleon unsuccessfully. Tried Malwarebytes Anti-Rootkit BETA and found several hundred suspect files that I removed. Unfortunately, I cannot find the log file from this operation to be able to report specifically what malware was discovered.

As it stands, I still am unable to start Malwarebytes, and on top of it, I do not have permission to uninstall to attempt a re-install. Same goes for AVG.

Virus? Malware?

I followed the protocol using the DDS software and get the popup "DDS, Doesn't Do Squat has stopped working".

Any ideas or help greatly appreciated!

System Info:

Windows Vista Home Premium Edition SP2

64-bit system


Hello el02139 and welcome to MalwareBytes forums.

Please STOP running special tools like MBAR on your own. Please follow my guidance.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download Rkill by Grinler and save it to your desktop.

Link 2
Link 3
Link 4
Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.
If your antivirus program gives a prompt message, respond positive to allow RKILL to run.
If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL

IF you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

When all done, rkill.txt log file will be on your desktop. Copy & Paste contents of Rkill.txt into a reply.

More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html

NEXT

  • Download & SAVE to your Desktop >> Tigzy's RogueKiller from here << or
    >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on Scan button at upper right of screen.
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Do NOT press any Fix button.
  • Exit/Close RogueKiller

NEXT

Download DDS and save it to your desktop from http://download.bleepingcomputer.com/sUBs/dds.com

or http://download.bleepingcomputer.com/sUBs/dds.scr or

http://www.infospyware.net/sUBs/dds

Disable any script blocker if your antivirus/antimalware has it.

On Vista / Windows 7 / Windows 8 do a RIGHT-click on dds and select Run As Administrator

On Windows XP double click dds to run the tool.

DDS will run in a command prompt window and will take 3 to 4 minutes or so.

Follow and answer the prompts as appropriate.

  • When done, DDS will open two (2) logs:
  • DDS.txt
  • Attach.txt
  • Save both reports to your desktop.

Please Copy & Paste contents of the following logs in your next reply:

DDS.txt

Attach.txt


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


Topic re-opened.

Go to your AVG support website, find their forum or customer support, and figure out how to turn it off temporarily.

Worst case and ONLY as a temporary measure, restart the computer into Safe Mode with Networking, which will allow you to access the internet.

Have plenty / plenty of patience while Windows does all its work to finish loading.

Windows start is not instantaneous. Have infinite patience.

Remember, this is only a temporary measure, and you should go back to normal mode when all done !

Here's the How-to for

Advanced startup options (including safe mode)

The Advanced Boot Options menu lets you start Windows in advanced troubleshooting modes. You can access the menu by turning on your computer and pressing the F8 key ...

http://windows.microsoft.com/en-US/windows-vista/Advanced-startup-options-including-safe-mode

Turn off your pc. Wait about a minute.

Restart your pc. And right away, tap & retap the F8 Function-key on your keyboard.

You should see Windows Advanced Options menu.

Select Safe Mode with Networking or

Safe mode or

VGA mode

with Safe Mode with Networking being the ideal first choice.


Ok,

I ran rkill per your request. Below is the output from rkill.txt:

Rkill 2.4.7 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2013 BleepingComputer.com

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/23/2013 04:42:55 AM in x64 mode.

Windows Version: Windows Vista Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\HP\AppData\Local\Temp\ISSCAN\PskSvc.exe (PID: 820) [T-HEUR]

* C:\Windows\SysWOW64\LxrSII1s.exe (PID: 2528) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:

C:\Users\HP\Desktop\rkill\rkill-02-23-2013-04-43-03.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.

Startup Type set to: Automatic

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 02/23/2013 04:43:17 AM

Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)

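An Rkill log like the one posted above can be turned into structured findings for triage. This is an added example, not part of the thread and not Rkill's own code: the function names `parse_rkill` and `triage` are hypothetical, the line layout is inferred from this one log, and the bracketed tags are kept as reported without interpreting them.

```python
import re
from collections import OrderedDict

# Excerpt of the Rkill log posted above (banner and blank lines dropped).
RKILL_LOG = r"""
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* C:\Users\HP\AppData\Local\Temp\ISSCAN\PskSvc.exe (PID: 820) [T-HEUR]
* C:\Windows\SysWOW64\LxrSII1s.exe (PID: 2528) [WD-HEUR]
2 proccesses terminated!
Checking Registry for malware related settings:
* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]
Performing miscellaneous checks:
* Windows Defender Disabled
[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
Checking Windows Service Integrity:
* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
"""

SECTION_RE = re.compile(r"^(Checking|Performing|Searching)\b.*:$")
PROCESS_RE = re.compile(
    r"^\* (?P<path>[A-Za-z]:\\.+?) \(PID: (?P<pid>\d+)\) \[(?P<tag>[^\]]+)\]$")
REGKEY_RE = re.compile(r"^\[(?P<key>HK[A-Z]+\\.+)\]$")
REGVAL_RE = re.compile(r'^"(?P<name>[^"]+)" = dword:(?P<value>[0-9a-fA-F]{8})$')
NO_FINDING_RE = re.compile(r"^\* No .+\.$")


def parse_rkill(text):
    """Return {section title: [entry dict, ...]} for an Rkill text log."""
    sections = OrderedDict()
    current = None   # entry list of the section being read
    reg_key = None   # last "[HKLM\...]" line; applies to the values after it
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if SECTION_RE.match(line):
            current = sections.setdefault(line.rstrip(":"), [])
            reg_key = None
            continue
        if current is None or NO_FINDING_RE.match(line):
            continue  # banner text, or an explicit "nothing found" line
        m = PROCESS_RE.match(line)
        if m:
            current.append({"kind": "process", "path": m["path"],
                            "pid": int(m["pid"]), "tag": m["tag"]})
            continue
        m = REGKEY_RE.match(line)
        if m:
            reg_key = m["key"]
            continue
        m = REGVAL_RE.match(line)
        if m:
            current.append({"kind": "regvalue", "key": reg_key,
                            "name": m["name"], "value": int(m["value"], 16)})
            continue
        if line.startswith("* "):
            current.append({"kind": "finding", "text": line[2:]})
        # anything else (counts, "Startup Type ..." detail lines) is ignored
    return sections


def triage(sections):
    """Order of review, not a verdict: each item still needs a publisher check."""
    items = []
    for entries in sections.values():
        for e in entries:
            if e["kind"] == "process":
                # A service binary running out of a Temp directory is checked first.
                in_temp = "\\temp\\" in e["path"].lower()
                items.append(("review-first" if in_temp else "review",
                              f'terminated {e["path"]} (PID {e["pid"]}, tag {e["tag"]})'))
            elif e["kind"] == "regvalue":
                # The log itself ties this value to "Windows Defender Disabled".
                off = e["name"] == "DisableAntiSpyware" and e["value"] != 0
                items.append(("review-first" if off else "review",
                              f'{e["key"]}\\{e["name"]} = {e["value"]}'))
            else:
                items.append(("review", e["text"]))
    return items


if __name__ == "__main__":
    for priority, message in triage(parse_rkill(RKILL_LOG)):
        print(f"{priority:12} {message}")
```

A terminated process here is only a lead: the company name shown for the same file in a later scan log is the next thing to compare before anything is deleted.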

  • Download & SAVE to your Desktop >> Tigzy's RogueKiller from here << or
    >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on Scan button at upper right of screen.
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Do NOT press any Fix button.
  • Exit/Close RogueKiller


Did as you posted. Clicked on Scan after the prescan was finished, started to run and then stopped and closed on its own. The exe even disappeared from the desktop. No log file can be found.

Is this normal?

Also, I have another business trip that will pull me away for a week or so, so please leave the post up.

Thanks again for your assistance!


I'd like to have your commitment that you will stick with me until this is resolved, and keep me advised if you are away longer.

Please do what you can this weekend.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

OR If you have the Windows o.s. DVD, then To enter System Recovery Options, by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:


    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


Here are the results:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-03-2013 01

Ran by SYSTEM at 04-03-2013 18:07:35

Running from F:\

Windows Vista Home Premium Service Pack 1 (X64) OS Language: English(US)

The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1584184 2008-01-20] (Microsoft Corporation)

HKLM\...\Run: [iAAnotif] "C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [182808 2008-11-03] (Intel Corporation)

HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [15853088 2008-10-16] (NVIDIA Corporation)

HKLM\...\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit [82464 2008-10-16] (NVIDIA Corporation)

HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [499608 2011-06-16] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)

HKLM-x32\...\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-02] (Hewlett-Packard)

HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)

HKLM-x32\...\Run: [] [x]

HKLM-x32\...\Run: [hpqSRMon] [x]

HKLM-x32\...\Run: [Corel Photo Downloader] "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup [532808 2008-08-08] (Corel, Inc.)

HKLM-x32\...\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [16712 2008-08-08] ()

HKLM-x32\...\Run: [Easy Dock] [x]

HKLM-x32\...\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [1148200 2009-09-09] (CyberLink Corp.)

HKLM-x32\...\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" [1151152 2013-02-18] ()

HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" [x]

HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-11-28] (Apple Inc.)

HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)

HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [3147384 2012-12-11] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152544 2012-12-12] (Apple Inc.)

HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)

HKU\Default\...\Run: [HPADVISOR] [x]

HKU\Default User\...\Run: [HPADVISOR] [x]

HKU\HP\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [152064 2008-12-23] (Microsoft Corporation)

HKU\HP\...\Run: [PhotoshopElements8SyncAgent] C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe [1954456 2011-09-01] (Adobe Systems Incorporated)

HKU\HP\...\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_110_ActiveX.exe -update activex [697272 2012-11-14] (Adobe Systems Incorporated)

HKU\HP\...\Winlogon: [shell]

HKU\Lori\...\Run: [HPADVISOR] [x]

Tcpip\Parameters: [DhcpNameServer] 216.51.173.2 216.51.173.1

Tcpip\..\Interfaces\{67899D8C-147F-49E2-ABE5-D064EEC25557}: [NameServer]216.51.173.2,216.51.173.1

==================== Services (Whitelisted) ===================

2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)

2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" [5814904 2012-11-15] (AVG Technologies CZ, s.r.o.)

2 avgwd; "C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" [196664 2012-10-22] (AVG Technologies CZ, s.r.o.)

2 LxrSII1s; C:\Windows\SysWow64\LxrSII1s.exe [65536 2009-12-30] (Lexar Media, Inc.)

4 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [652360 2012-01-31] (Malwarebytes Corporation)

2 PavPrSrv; "C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe" [62768 2008-02-04] (Panda Security, S.L.)

2 PskSvcRetailInst; C:\Users\HP\AppData\Local\Temp\ISSCAN\PskSvc.exe [28928 2008-06-25] (Panda Security, S.L.)

2 vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [968880 2013-02-18] ()

==================== Drivers (Whitelisted) =====================

2 atksgt; C:\Windows\System32\Drivers\atksgt.sys [310728 2009-04-29] ()

1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [154464 2012-10-22] (AVG Technologies CZ, s.r.o. )

0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [63328 2012-10-15] (AVG Technologies CZ, s.r.o. )

1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [185696 2012-10-02] (AVG Technologies CZ, s.r.o.)

0 Avgloga; C:\Windows\System32\Drivers\Avgloga.sys [225120 2012-09-21] (AVG Technologies CZ, s.r.o.)

0 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [111968 2012-11-15] (AVG Technologies CZ, s.r.o.)

0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [40800 2012-09-14] (AVG Technologies CZ, s.r.o.)

1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [200032 2012-09-21] (AVG Technologies CZ, s.r.o.)

1 avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-18] (AVG Technologies)

2 lirsgt; C:\Windows\System32\Drivers\lirsgt.sys [42696 2009-04-29] ()

2 LxrSII1d; C:\Windows\System32\Drivers\LxrSII1d.sys [63064 2009-12-30] (Lexar Media, Inc.)

3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [23152 2011-12-10] (Malwarebytes Corporation)

0 pavboot; C:\Windows\System32\Drivers\pavboot64.sys [33792 2008-06-19] (Panda Security, S.L.)

1 ShldFlt; C:\Windows\System32\Drivers\ShldFlt.sys [46136 2008-02-28] (Panda Security, S.L.)

3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]

3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]

3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]

3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [x]

3 PcdrNdisuio; C:\Windows\SysWow64\drivers\pcdrndisuio.sys [x]

3 Prot6Flt; C:\Windows\System32\DRIVERS\Prot6Flt.sys [x]

==================== NetSvcs (Whitelisted) ====================

==================== One Month Created Files and Folders ========

2013-03-04 18:07 - 2013-03-04 18:07 - 00000000 ____D C:\FRST

2013-02-28 07:35 - 2013-02-28 09:24 - 120797820 ____A C:\Users\HP\My Documents\Uganda- 2nd grade.pptx

2013-02-28 07:35 - 2013-02-28 09:24 - 120797820 ____A C:\Users\HP\Documents\Uganda- 2nd grade.pptx

2013-02-23 05:30 - 2013-02-23 05:56 - 00009814 ____A C:\Users\HP\My Documents\Stroby worksheet.xlsx

2013-02-23 05:30 - 2013-02-23 05:56 - 00009814 ____A C:\Users\HP\Documents\Stroby worksheet.xlsx

2013-02-21 04:36 - 2013-02-21 04:36 - 00014432 ____A C:\Users\HP\Downloads\UnBilledDataDetails2SpreadSheet.xls

2013-02-20 04:54 - 2013-02-20 04:54 - 01579068 ____A C:\Users\HP\My Documents\Mo I love you.pptx

2013-02-20 04:54 - 2013-02-20 04:54 - 01579068 ____A C:\Users\HP\Documents\Mo I love you.pptx

2013-02-19 16:57 - 2013-02-22 05:50 - 02455070 ____A C:\Users\HP\My Documents\Reasons to Let Carli have the Hamper.pptx

2013-02-19 16:57 - 2013-02-22 05:50 - 02455070 ____A C:\Users\HP\Documents\Reasons to Let Carli have the Hamper.pptx

2013-02-18 19:30 - 2013-02-18 19:30 - 00000000 ____D C:\ProgramData\AVG Secure Search

2013-02-18 19:30 - 2013-02-18 19:30 - 00000000 ____D C:\ProgramData\Application Data\AVG Secure Search

2013-02-18 08:05 - 2013-02-18 08:23 - 00000000 ____D C:\Users\HP\My Documents\Spring Fling

2013-02-18 08:05 - 2013-02-18 08:23 - 00000000 ____D C:\Users\HP\Documents\Spring Fling

2013-02-17 17:46 - 2013-02-17 17:46 - 00202595 ____A C:\Users\HP\Downloads\RCphotographyTEMPLATE_02.zip

2013-02-17 17:40 - 2013-02-17 17:40 - 02546753 ____A C:\Users\HP\Downloads\RCphotographyTEMPLATE_03.zip

2013-02-16 16:32 - 2013-02-16 16:32 - 00000037 ____A C:\Users\HP\My Documents\brock.txt

2013-02-16 16:32 - 2013-02-16 16:32 - 00000037 ____A C:\Users\HP\Documents\brock.txt

2013-02-15 09:36 - 2013-02-15 09:36 - 00013121 ____A C:\Users\HP\My Documents\Harmony Bass.p2g

2013-02-15 09:36 - 2013-02-15 09:36 - 00013121 ____A C:\Users\HP\Documents\Harmony Bass.p2g

2013-02-14 16:35 - 2013-02-14 16:35 - 00404589 ____A C:\Users\HP\My Documents\moganator.wma

2013-02-14 16:35 - 2013-02-14 16:35 - 00404589 ____A C:\Users\HP\Documents\moganator.wma

2013-02-14 16:28 - 2013-02-14 16:28 - 00400099 ____A C:\Users\HP\My Documents\carli singing keep out.wma

2013-02-14 16:28 - 2013-02-14 16:28 - 00400099 ____A C:\Users\HP\Documents\carli singing keep out.wma

2013-02-14 16:25 - 2013-02-14 16:25 - 00471939 ____A C:\Users\HP\My Documents\Momo.wma

2013-02-14 16:25 - 2013-02-14 16:25 - 00471939 ____A C:\Users\HP\Documents\Momo.wma

2013-02-14 12:47 - 2013-02-15 09:19 - 00000000 ____D C:\Users\HP\My Documents\Harmony Hawks -Bass

2013-02-14 12:47 - 2013-02-15 09:19 - 00000000 ____D C:\Users\HP\Documents\Harmony Hawks -Bass

2013-02-14 01:03 - 2013-01-08 17:48 - 17812992 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-02-14 01:03 - 2013-01-08 17:22 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-02-14 01:03 - 2013-01-08 17:19 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-02-14 01:03 - 2013-01-08 17:12 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-02-14 01:03 - 2013-01-08 17:12 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-02-14 01:03 - 2013-01-08 17:11 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2013-02-14 01:03 - 2013-01-08 17:10 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2013-02-14 01:03 - 2013-01-08 17:09 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2013-02-14 01:03 - 2013-01-08 17:07 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-02-14 01:03 - 2013-01-08 17:07 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2013-02-14 01:03 - 2013-01-08 17:07 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2013-02-14 01:03 - 2013-01-08 17:06 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-02-14 01:03 - 2013-01-08 17:05 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-02-14 01:03 - 2013-01-08 17:04 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2013-02-14 01:03 - 2013-01-08 17:04 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2013-02-14 01:03 - 2013-01-08 17:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2013-02-14 01:03 - 2013-01-08 14:23 - 12321280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-02-14 01:03 - 2013-01-08 14:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-02-14 01:03 - 2013-01-08 14:09 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-02-14 01:03 - 2013-01-08 14:03 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-02-14 01:03 - 2013-01-08 14:03 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-02-14 01:03 - 2013-01-08 14:03 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-02-14 01:03 - 2013-01-08 14:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-02-14 01:03 - 2013-01-08 14:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-02-14 01:03 - 2013-01-08 13:59 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-02-14 01:03 - 2013-01-08 13:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-02-14 01:03 - 2013-01-08 13:58 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-02-14 01:03 - 2013-01-08 13:57 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-02-14 01:03 - 2013-01-08 13:56 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-02-14 01:03 - 2013-01-08 13:56 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-02-14 01:03 - 2013-01-08 13:56 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-02-14 01:03 - 2013-01-08 13:53 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-02-13 05:39 - 2013-01-04 21:37 - 04695400 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

2013-02-13 05:39 - 2013-01-04 03:31 - 01423720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys

2013-02-13 05:39 - 2013-01-03 17:59 - 02773504 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2013-02-13 05:39 - 2012-11-07 20:26 - 01570816 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll

2013-02-13 05:39 - 2012-11-07 19:48 - 01314816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll

2013-02-12 17:44 - 2013-02-12 19:10 - 00688992 ____A (Swearware) C:\Users\HP\Downloads\dds.scr

2013-02-12 17:10 - 2013-02-12 17:33 - 30611339 ____A (Safer-Networking Ltd. ) C:\Users\HP\Downloads\SpybotSD2.exe.xh67iur.partial

2013-02-12 15:56 - 2013-02-12 15:56 - 00065232 ____A (Malwarebytes) C:\Users\HP\Downloads\regassassin-setup-1.03.exe

2013-02-12 07:46 - 2013-02-12 07:46 - 00000000 ____D C:\Users\HP\Application Data\TestApp

2013-02-12 07:46 - 2013-02-12 07:46 - 00000000 ____D C:\Users\HP\AppData\Roaming\TestApp

2013-02-12 07:46 - 2013-02-12 07:46 - 00000000 ____D C:\ProgramData\PC Tools

2013-02-12 07:46 - 2013-02-12 07:46 - 00000000 ____D C:\ProgramData\Application Data\PC Tools

2013-02-09 05:55 - 2013-02-09 05:55 - 01667264 ____A (W3i, LLC) C:\Users\HP\Downloads\7zip_bimo_d3280787.exe

2013-02-09 05:55 - 2013-02-09 05:55 - 00000000 ____D C:\ProgramData\Application Data\APN

2013-02-09 05:55 - 2013-02-09 05:55 - 00000000 ____D C:\ProgramData\APN

2013-02-09 05:14 - 2013-02-09 05:25 - 00000000 ____D C:\ProgramData\HitmanPro

2013-02-09 05:14 - 2013-02-09 05:25 - 00000000 ____D C:\ProgramData\Application Data\HitmanPro

2013-02-09 05:11 - 2013-02-09 05:14 - 09754024 ____A (SurfRight B.V.) C:\Users\HP\Downloads\HitmanPro_x64.exe

2013-02-09 04:55 - 2013-02-09 04:55 - 00353352 ____A (Malwarebytes Corporation) C:\Users\HP\Downloads\mbam-check-2.0.0.1000.exe

2013-02-09 04:39 - 2013-02-09 04:41 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\HP\Downloads\mbam-setup-1.70.0.1100.exe

2013-02-08 08:59 - 2013-02-08 08:59 - 00009336 ____A C:\Users\HP\My Documents\tdamertransactions.csv

2013-02-08 08:59 - 2013-02-08 08:59 - 00009336 ____A C:\Users\HP\Documents\tdamertransactions.csv

2013-02-08 07:25 - 2013-02-08 07:26 - 04437456 ____A (AVG Technologies) C:\Users\HP\Downloads\avg_free_stb_all_2013_2897_cnet.exe

2013-02-06 16:25 - 2013-02-06 16:27 - 18373152 ____A (Microsoft Corporation) C:\Users\HP\Downloads\Windows-KB890830-x64-V4.16.exe

2013-02-06 16:23 - 2012-12-16 15:03 - 65273848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe

2013-02-06 16:21 - 2013-02-06 16:22 - 17660960 ____A (Microsoft Corporation) C:\Users\HP\Downloads\Windows-KB890830-V4.16.exe

2013-02-06 15:44 - 2013-02-23 02:57 - 00002027 ____A C:\Users\Public\Desktop\Google Chrome.lnk

2013-02-06 15:44 - 2013-02-23 02:57 - 00002027 ____A C:\ProgramData\Desktop\Google Chrome.lnk

2013-02-06 14:40 - 2013-02-06 14:40 - 00013516 ____A C:\Users\HP\My Documents\2012P&L Summary.xlsx

2013-02-06 14:40 - 2013-02-06 14:40 - 00013516 ____A C:\Users\HP\Documents\2012P&L Summary.xlsx

2013-02-06 12:00 - 2013-02-06 12:00 - 00000000 ____D C:\Users\Lori\My Documents\Quicken

2013-02-06 12:00 - 2013-02-06 12:00 - 00000000 ____D C:\Users\Lori\Documents\Quicken

2013-02-06 12:00 - 2013-02-06 12:00 - 00000000 ____D C:\Users\Lori\Application Data\Intuit

2013-02-06 12:00 - 2013-02-06 12:00 - 00000000 ____D C:\Users\Lori\AppData\Roaming\Intuit

2013-02-06 11:58 - 2013-02-06 11:58 - 00000000 ____D C:\Users\Lori\Local Settings\Google

2013-02-06 11:58 - 2013-02-06 11:58 - 00000000 ____D C:\Users\Lori\Local Settings\AVG Secure Search

2013-02-06 11:58 - 2013-02-06 11:58 - 00000000 ____D C:\Users\Lori\Local Settings\Application Data\Google

2013-02-06 11:58 - 2013-02-06 11:58 - 00000000 ____D C:\Users\Lori\Local Settings\Application Data\AVG Secure Search

2013-02-06 11:58 - 2013-02-06 11:58 - 00000000 ____D C:\Users\Lori\Local Settings\Application Data\Adobe

2013-02-06 11:58 - 2013-02-06 11:58 - 00000000 ____D C:\Users\Lori\Local Settings\Adobe

2013-02-06 11:58 - 2013-02-06 11:58 - 00000000 ____D C:\Users\Lori\Application Data\Yahoo!

2013-02-06 11:58 - 2013-02-06 11:58 - 00000000 ____D C:\Users\Lori\Application Data\Google

2013-02-06 11:58 - 2013-02-06 11:58 - 00000000 ____D C:\Users\Lori\Application Data\Apple Computer

2013-02-06 11:58 - 2013-02-06 11:58 - 00000000 ____D C:\Users\Lori\Application Data\Adobe

2013-02-06 11:58 - 2013-02-06 11:58 - 00000000 ____D C:\Users\Lori\AppData\Roaming\Yahoo!

2013-02-06 11:58 - 2013-02-06 11:58 - 00000000 ____D C:\Users\Lori\AppData\Roaming\Google

2013-02-06 11:58 - 2013-02-06 11:58 - 00000000 ____D C:\Users\Lori\AppData\Roaming\Apple Computer

2013-02-06 11:58 - 2013-02-06 11:58 - 00000000 ____D C:\Users\Lori\AppData\Roaming\Adobe

2013-02-06 11:58 - 2013-02-06 11:58 - 00000000 ____D C:\Users\Lori\AppData\Local\Google

2013-02-06 11:58 - 2013-02-06 11:58 - 00000000 ____D C:\Users\Lori\AppData\Local\AVG Secure Search

2013-02-06 11:58 - 2013-02-06 11:58 - 00000000 ____D C:\Users\Lori\AppData\Local\Adobe

2013-02-06 11:57 - 2013-02-06 11:57 - 00127768 ____A C:\Users\Lori\Local Settings\GDIPFONTCACHEV1.DAT

2013-02-06 11:57 - 2013-02-06 11:57 - 00127768 ____A C:\Users\Lori\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2013-02-06 11:57 - 2013-02-06 11:57 - 00127768 ____A C:\Users\Lori\AppData\Local\GDIPFONTCACHEV1.DAT

2013-02-06 11:56 - 2013-02-06 11:56 - 00002027 ____A C:\Users\Lori\Desktop\Google Chrome.lnk

2013-02-06 11:55 - 2013-02-06 11:57 - 00000000 ____D C:\Users\Lori\Local Settings\VirtualStore

2013-02-06 11:55 - 2013-02-06 11:57 - 00000000 ____D C:\Users\Lori\Local Settings\Application Data\VirtualStore

2013-02-06 11:55 - 2013-02-06 11:57 - 00000000 ____D C:\Users\Lori\AppData\Local\VirtualStore

2013-02-06 11:55 - 2013-02-06 11:56 - 00000000 ____D C:\users\Lori

2013-02-06 11:55 - 2013-02-06 11:55 - 00000020 __ASH C:\Users\Lori\ntuser.ini

2013-02-06 11:55 - 2012-10-13 06:10 - 00000000 ____D C:\Users\Lori\Application Data\TuneUp Software

2013-02-06 11:55 - 2012-10-13 06:10 - 00000000 ____D C:\Users\Lori\AppData\Roaming\TuneUp Software



I see that you had used a number of other tools before on your own in early February.

What was done with RegAssassin? What attempted fix?

What fixes were tried with Spybot?

AVG looks like it was gotten on or about Feb 8. What antivirus was there before AVG?

Please follow my guidance and do not do any fixes, changes, additions on your own. If you have questions, stop and ask me first.

These steps are for member El02139 only. If you are a casual viewer, do NOT try this on your system!

If you are not El02139 and have a similar problem, do NOT post here; start your own topic

Do not run or start any other programs while these utilities and tools are in use!

Do NOT run any other tools on your own or do any fixes other than what is listed here.

If you have questions, please ask before you do something on your own.

But it is important that you get going on these following steps.

Close any of your open programs while you run these tools.

On most all of the following programs and tools, you will need to do a right-click on the program link or shortcut or desktop icon (as appropriate) and then select "Run as Administrator". Please remember that as you go along and use these tools, each in turn.

Step 1

Please carefully follow this procedure!

Please download the attached fixlist.txt and SAVE / copy it to your flashdrive.

NOTICE: This script was written specifically for this user, for use on this particular system. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options. (as you did before)

Run FRST64 or FRST (whichever one you're using) and press the Fix button just once and wait.

The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

Step 2

You now need to restart the system and get into normal mode of Windows Vista.

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
    Skip and click on Continue
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


I will attempt your fix recommendation. To answer your questions,

What was done with RegAssassin? What attempted fix?

What fixes were tried with Spybot?

Before I started working with you, the only software that had discovered any malware was the Malware Anti-Rootkit beta.

AVG looks like it was gotten on or about Feb 8. What antivirus was there before AVG?

AVG has been on the system since the purchase. In February, I upgraded to AVG 2013 in an attempt to get it restarted.


Ok, here is the Fixlog.txt:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-03-2013 01

Ran by SYSTEM at 2013-03-06 10:14:43 Run:1

Running from F:\

==============================================

HKEY_LOCAL_MACHINE\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ Default Value restored successfully.

HKEY_LOCAL_MACHINE\software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\hpqSRMon Value deleted successfully.

HKEY_USERS\Default\Software\Microsoft\Windows\CurrentVersion\Run\\HPADVISOR Value deleted successfully.

HKEY_USERS\Default User\Software\Microsoft\Windows\CurrentVersion\Run\\HPADVISOR Value not found.

HKEY_USERS\HP\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate Value not found.

HKEY_USERS\HP\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell Value deleted successfully.

HKEY_USERS\Lori\Software\Microsoft\Windows\CurrentVersion\Run\\HPADVISOR Value deleted successfully.

==== End of Fixlog ====


And here is the log from TDSSKiller.exe (no threats were found):


10:21:30.0133 2120 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

10:21:30.0133 2120 clr_optimization_v2.0.50727_64 - ok

10:21:30.0211 2120 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

10:21:30.0211 2120 clr_optimization_v4.0.30319_32 - ok

10:21:30.0243 2120 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

10:21:30.0243 2120 clr_optimization_v4.0.30319_64 - ok

10:21:30.0274 2120 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys

10:21:30.0274 2120 cmdide - ok

10:21:30.0289 2120 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\drivers\compbatt.sys

10:21:30.0289 2120 Compbatt - ok

10:21:30.0289 2120 COMSysApp - ok

10:21:30.0305 2120 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

10:21:30.0305 2120 crcdisk - ok

10:21:30.0352 2120 [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc C:\Windows\system32\cryptsvc.dll

10:21:30.0352 2120 CryptSvc - ok

10:21:30.0430 2120 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll

10:21:30.0445 2120 DcomLaunch - ok

10:21:30.0492 2120 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

10:21:30.0508 2120 DfsC - ok

10:21:30.0633 2120 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe

10:21:30.0664 2120 DFSR - ok

10:21:30.0726 2120 [ 7156833E6DFE0A804EA5CF7B8876AB7C ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys

10:21:30.0742 2120 dg_ssudbus - ok

10:21:30.0820 2120 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll

10:21:30.0820 2120 Dhcp - ok

10:21:30.0882 2120 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys

10:21:30.0882 2120 disk - ok

10:21:30.0945 2120 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll

10:21:30.0945 2120 Dnscache - ok

10:21:31.0007 2120 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll

10:21:31.0023 2120 dot3svc - ok

10:21:31.0132 2120 [ 74C02B1717740C3B8039539E23E4B53F ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys

10:21:31.0132 2120 Dot4 - ok

10:21:31.0210 2120 [ 08321D1860235BF42CF2854234337AEA ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys

10:21:31.0225 2120 Dot4Print - ok

10:21:31.0225 2120 [ 4ADCCF0124F2B6911D3786A5D0E779E5 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys

10:21:31.0241 2120 dot4usb - ok

10:21:31.0241 2120 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll

10:21:31.0257 2120 DPS - ok

10:21:31.0272 2120 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

10:21:31.0272 2120 drmkaud - ok

10:21:31.0475 2120 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

10:21:31.0475 2120 DXGKrnl - ok

10:21:31.0522 2120 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys

10:21:31.0522 2120 E1G60 - ok

10:21:31.0553 2120 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll

10:21:31.0553 2120 EapHost - ok

10:21:31.0615 2120 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys

10:21:31.0615 2120 Ecache - ok

10:21:31.0678 2120 [ 33510BE001CCDB5A01FCC88F4DD8DFC7 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

10:21:31.0678 2120 ehRecvr - ok

10:21:31.0693 2120 [ 1ABC6436B0EDAA3D496D9C827F92820D ] ehSched C:\Windows\ehome\ehsched.exe

10:21:31.0693 2120 ehSched - ok

10:21:31.0725 2120 [ 08F48CB2CD4019AFB0456869B49CD76F ] ehstart C:\Windows\ehome\ehstart.dll

10:21:31.0725 2120 ehstart - ok

10:21:31.0740 2120 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys

10:21:31.0740 2120 elxstor - ok

10:21:31.0834 2120 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll

10:21:31.0834 2120 EMDMgmt - ok

10:21:31.0865 2120 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys

10:21:31.0881 2120 ErrDev - ok

10:21:31.0959 2120 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll

10:21:31.0959 2120 EventSystem - ok

10:21:32.0005 2120 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys

10:21:32.0005 2120 exfat - ok

10:21:32.0052 2120 ezSharedSvc - ok

10:21:32.0130 2120 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys

10:21:32.0146 2120 fastfat - ok

10:21:32.0146 2120 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys

10:21:32.0161 2120 fdc - ok

10:21:32.0161 2120 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll

10:21:32.0161 2120 fdPHost - ok

10:21:32.0177 2120 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll

10:21:32.0177 2120 FDResPub - ok

10:21:32.0208 2120 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

10:21:32.0208 2120 FileInfo - ok

10:21:32.0224 2120 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys

10:21:32.0224 2120 Filetrace - ok

10:21:32.0239 2120 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

10:21:32.0239 2120 flpydisk - ok

10:21:32.0255 2120 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

10:21:32.0271 2120 FltMgr - ok

10:21:32.0364 2120 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll

10:21:32.0364 2120 FontCache - ok

10:21:32.0458 2120 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

10:21:32.0473 2120 FontCache3.0.0.0 - ok

10:21:32.0489 2120 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

10:21:32.0489 2120 Fs_Rec - ok

10:21:32.0505 2120 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

10:21:32.0505 2120 gagp30kx - ok

10:21:32.0645 2120 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

10:21:32.0661 2120 GamesAppService - ok

10:21:32.0739 2120 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

10:21:32.0739 2120 GEARAspiWDM - ok

10:21:32.0863 2120 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll

10:21:32.0863 2120 gpsvc - ok

10:21:32.0926 2120 [ 2ED7FF3E1ADA4092632393781518B3A7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys

10:21:32.0941 2120 grmnusb - ok

10:21:33.0035 2120 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

10:21:33.0035 2120 gupdate - ok

10:21:33.0051 2120 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

10:21:33.0051 2120 gupdatem - ok

10:21:33.0113 2120 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

10:21:33.0129 2120 gusvc - ok

10:21:33.0316 2120 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

10:21:33.0331 2120 HDAudBus - ok

10:21:33.0378 2120 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys

10:21:33.0409 2120 HidBth - ok

10:21:33.0441 2120 [ 5F47839455D01FF6403B008D481A6F5B ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

10:21:33.0441 2120 HidIr - ok

10:21:33.0503 2120 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll

10:21:33.0503 2120 hidserv - ok

10:21:33.0597 2120 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

10:21:33.0612 2120 HidUsb - ok

10:21:33.0659 2120 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll

10:21:33.0659 2120 hkmsvc - ok

10:21:33.0690 2120 [ A3A30438C48D2D71556E120C9C7BA7A0 ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

10:21:33.0706 2120 HP Health Check Service - ok

10:21:33.0721 2120 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys

10:21:33.0721 2120 HpCISSs - ok

10:21:33.0784 2120 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll

10:21:33.0784 2120 hpqcxs08 - ok

10:21:33.0799 2120 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll

10:21:33.0799 2120 hpqddsvc - ok

10:21:33.0955 2120 [ 1967A46A7B9A55D2630D886211D40175 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL

10:21:34.0018 2120 HPSLPSVC - ok

10:21:34.0065 2120 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys

10:21:34.0065 2120 HTTP - ok

10:21:34.0111 2120 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys

10:21:34.0143 2120 i2omp - ok

10:21:34.0189 2120 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

10:21:34.0189 2120 i8042prt - ok

10:21:34.0236 2120 [ 1117AF8C53AA278A4C5B7EF1B00E08F4 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

10:21:34.0236 2120 IAANTMON - ok

10:21:34.0252 2120 [ 8EACF469269FB1509561961A3188F670 ] iaStor C:\Windows\system32\drivers\iastor.sys

10:21:34.0252 2120 iaStor - ok

10:21:34.0283 2120 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys

10:21:34.0283 2120 iaStorV - ok

10:21:34.0626 2120 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

10:21:34.0657 2120 idsvc - ok

10:21:34.0689 2120 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys

10:21:34.0689 2120 iirsp - ok

10:21:34.0923 2120 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll

10:21:34.0954 2120 IKEEXT - ok

10:21:35.0157 2120 [ 1EDAB7F9B9DE4424BECCDEF950CE2FF0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

10:21:35.0172 2120 IntcAzAudAddService - ok

10:21:35.0250 2120 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys

10:21:35.0250 2120 intelide - ok

10:21:35.0266 2120 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

10:21:35.0266 2120 intelppm - ok

10:21:35.0297 2120 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll

10:21:35.0297 2120 IPBusEnum - ok

10:21:35.0359 2120 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

10:21:35.0375 2120 IpFilterDriver - ok

10:21:35.0391 2120 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

10:21:35.0391 2120 iphlpsvc - ok

10:21:35.0391 2120 IpInIp - ok

10:21:35.0422 2120 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys

10:21:35.0422 2120 IPMIDRV - ok

10:21:35.0437 2120 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys

10:21:35.0437 2120 IPNAT - ok

10:21:35.0484 2120 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

10:21:35.0500 2120 iPod Service - ok

10:21:35.0515 2120 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys

10:21:35.0515 2120 IRENUM - ok

10:21:35.0547 2120 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys

10:21:35.0547 2120 isapnp - ok

10:21:35.0625 2120 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys

10:21:35.0625 2120 iScsiPrt - ok

10:21:35.0640 2120 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys

10:21:35.0656 2120 iteatapi - ok

10:21:35.0656 2120 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys

10:21:35.0656 2120 iteraid - ok

10:21:35.0671 2120 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

10:21:35.0671 2120 kbdclass - ok

10:21:35.0749 2120 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

10:21:35.0749 2120 kbdhid - ok

10:21:35.0781 2120 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe

10:21:35.0781 2120 KeyIso - ok

10:21:35.0921 2120 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

10:21:35.0952 2120 KSecDD - ok

10:21:35.0952 2120 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

10:21:35.0952 2120 ksthunk - ok

10:21:36.0093 2120 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll

10:21:36.0108 2120 KtmRm - ok

10:21:36.0264 2120 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll

10:21:36.0264 2120 LanmanServer - ok

10:21:36.0389 2120 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

10:21:36.0389 2120 LanmanWorkstation - ok

10:21:36.0467 2120 [ DFEFF67508D3A9AEB1A85D7B0F513B24 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

10:21:36.0467 2120 LightScribeService - ok

10:21:36.0498 2120 [ 8E4CA9AFD55EF6B509C80A8715ABF8C6 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys

10:21:36.0498 2120 lirsgt - ok

10:21:36.0623 2120 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

10:21:36.0623 2120 lltdio - ok

10:21:36.0701 2120 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll

10:21:36.0701 2120 lltdsvc - ok

10:21:36.0717 2120 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll

10:21:36.0732 2120 lmhosts - ok

10:21:36.0763 2120 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

10:21:36.0779 2120 LSI_FC - ok

10:21:36.0810 2120 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

10:21:36.0810 2120 LSI_SAS - ok

10:21:36.0841 2120 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

10:21:36.0841 2120 LSI_SCSI - ok

10:21:36.0857 2120 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys

10:21:36.0857 2120 luafv - ok

10:21:36.0888 2120 [ 9DB17B1DD76CF0FD0BB3DA5F1DA078C2 ] LxrSII1d C:\Windows\System32\Drivers\LxrSII1d.sys

10:21:36.0888 2120 LxrSII1d - ok

10:21:36.0904 2120 LxrSII1s - ok

10:21:36.0951 2120 [ 79DA94B35371B9E7104460C7693DCB2C ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

10:21:36.0997 2120 MBAMProtector - ok

10:21:37.0044 2120 [ FA083726E6CA3FC67FAC69C1118F1F03 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

10:21:37.0060 2120 MBAMService - ok

10:21:37.0122 2120 [ 6DA30C0DE0CC8525E89D612C5063CAC1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

10:21:37.0122 2120 Mcx2Svc - ok

10:21:37.0153 2120 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys

10:21:37.0153 2120 megasas - ok

10:21:37.0185 2120 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys

10:21:37.0200 2120 MegaSR - ok

10:21:37.0247 2120 Microsoft SharePoint Workspace Audit Service - ok

10:21:37.0263 2120 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll

10:21:37.0278 2120 MMCSS - ok

10:21:37.0341 2120 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys

10:21:37.0372 2120 Modem - ok

10:21:37.0419 2120 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

10:21:37.0419 2120 monitor - ok

10:21:37.0434 2120 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

10:21:37.0434 2120 mouclass - ok

10:21:37.0497 2120 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

10:21:37.0512 2120 mouhid - ok

10:21:37.0512 2120 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys

10:21:37.0512 2120 MountMgr - ok

10:21:37.0543 2120 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys

10:21:37.0543 2120 mpio - ok

10:21:37.0559 2120 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

10:21:37.0575 2120 mpsdrv - ok

10:21:37.0699 2120 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll

10:21:37.0699 2120 MpsSvc - ok

10:21:37.0731 2120 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys

10:21:37.0731 2120 Mraid35x - ok

10:21:37.0746 2120 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

10:21:37.0746 2120 MRxDAV - ok

10:21:37.0855 2120 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

10:21:37.0855 2120 mrxsmb - ok

10:21:37.0996 2120 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

10:21:37.0996 2120 mrxsmb10 - ok

10:21:38.0043 2120 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

10:21:38.0043 2120 mrxsmb20 - ok

10:21:38.0074 2120 [ 1AC860612B85D8E85EE257D372E39F4D ] msahci C:\Windows\system32\drivers\msahci.sys

10:21:38.0074 2120 msahci - ok

10:21:38.0152 2120 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys

10:21:38.0152 2120 msdsm - ok

10:21:38.0167 2120 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe

10:21:38.0183 2120 MSDTC - ok

10:21:38.0199 2120 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys

10:21:38.0199 2120 Msfs - ok

10:21:38.0214 2120 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

10:21:38.0214 2120 msisadrv - ok

10:21:38.0230 2120 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

10:21:38.0245 2120 MSiSCSI - ok

10:21:38.0245 2120 msiserver - ok

10:21:38.0277 2120 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

10:21:38.0277 2120 MSKSSRV - ok

10:21:38.0292 2120 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

10:21:38.0292 2120 MSPCLOCK - ok

10:21:38.0308 2120 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

10:21:38.0308 2120 MSPQM - ok

10:21:38.0464 2120 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

10:21:38.0511 2120 MsRPC - ok

10:21:38.0542 2120 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

10:21:38.0542 2120 mssmbios - ok

10:21:38.0557 2120 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

10:21:38.0573 2120 MSTEE - ok

10:21:38.0604 2120 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys

10:21:38.0604 2120 Mup - ok

10:21:38.0651 2120 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll

10:21:38.0667 2120 napagent - ok

10:21:38.0745 2120 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

10:21:38.0745 2120 NativeWifiP - ok

10:21:38.0947 2120 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys

10:21:38.0979 2120 NDIS - ok

10:21:39.0010 2120 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

10:21:39.0010 2120 NdisTapi - ok

10:21:39.0025 2120 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

10:21:39.0025 2120 Ndisuio - ok

10:21:39.0041 2120 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

10:21:39.0041 2120 NdisWan - ok

10:21:39.0057 2120 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

10:21:39.0057 2120 NDProxy - ok

10:21:39.0072 2120 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

10:21:39.0072 2120 Net Driver HPZ12 - ok

10:21:39.0088 2120 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

10:21:39.0103 2120 NetBIOS - ok

10:21:39.0181 2120 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys

10:21:39.0181 2120 netbt - ok

10:21:39.0197 2120 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe

10:21:39.0197 2120 Netlogon - ok

10:21:39.0228 2120 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll

10:21:39.0228 2120 Netman - ok

10:21:39.0259 2120 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll

10:21:39.0259 2120 netprofm - ok

10:21:39.0353 2120 [ B69D6BB680C85243AF0263B3E01D5E77 ] netr7364 C:\Windows\system32\DRIVERS\netr7364.sys

10:21:39.0353 2120 netr7364 - ok

10:21:39.0369 2120 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

10:21:39.0369 2120 NetTcpPortSharing - ok

10:21:39.0384 2120 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

10:21:39.0384 2120 nfrd960 - ok

10:21:39.0415 2120 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll

10:21:39.0415 2120 NlaSvc - ok

10:21:39.0447 2120 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys

10:21:39.0447 2120 Npfs - ok

10:21:39.0478 2120 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll

10:21:39.0478 2120 nsi - ok

10:21:39.0493 2120 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

10:21:39.0493 2120 nsiproxy - ok

10:21:39.0571 2120 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

10:21:39.0603 2120 Ntfs - ok

10:21:39.0603 2120 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys

10:21:39.0603 2120 Null - ok

10:21:39.0837 2120 [ E280AA1750074DADE61C93BB60E7F6B6 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

10:21:39.0883 2120 nvlddmkm - ok

10:21:39.0915 2120 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys

10:21:39.0915 2120 nvraid - ok

10:21:39.0930 2120 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys

10:21:39.0930 2120 nvstor - ok

10:21:39.0993 2120 [ 14429AFFE34A6AE21D9570107BB852FE ] nvsvc C:\Windows\system32\nvvsvc.exe

10:21:40.0008 2120 nvsvc - ok

10:21:40.0039 2120 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

10:21:40.0039 2120 nv_agp - ok

10:21:40.0039 2120 NwlnkFlt - ok

10:21:40.0039 2120 NwlnkFwd - ok

10:21:40.0133 2120 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys

10:21:40.0133 2120 ohci1394 - ok

10:21:40.0227 2120 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

10:21:40.0227 2120 ose - ok

10:21:40.0398 2120 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

10:21:40.0461 2120 osppsvc - ok

10:21:40.0585 2120 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll

10:21:40.0585 2120 p2pimsvc - ok

10:21:40.0617 2120 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll

10:21:40.0632 2120 p2psvc - ok

10:21:40.0679 2120 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys

10:21:40.0710 2120 Parport - ok

10:21:40.0804 2120 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys

10:21:40.0804 2120 partmgr - ok

10:21:40.0835 2120 [ 3C3B3F6B66D5E6D69564D77CE0680F5A ] pavboot C:\Windows\system32\Drivers\pavboot64.sys

10:21:40.0835 2120 pavboot - ok

10:21:40.0866 2120 [ 2AE3F6B23448443BBEF5DE207159213B ] PavPrSrv C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe

10:21:40.0866 2120 PavPrSrv - ok

10:21:40.0897 2120 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll

10:21:40.0897 2120 PcaSvc - ok

10:21:40.0975 2120 [ 7204F835A4355D1AB2853E57C9FF177C ] PCD5SRVC{8AAF211B-043E02A9-05040000} C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms

10:21:41.0022 2120 PCD5SRVC{8AAF211B-043E02A9-05040000} - ok

10:21:41.0116 2120 PcdrNdisuio - ok

10:21:41.0256 2120 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys

10:21:41.0256 2120 pci - ok

10:21:41.0287 2120 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys

10:21:41.0287 2120 pciide - ok

10:21:41.0319 2120 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

10:21:41.0319 2120 pcmcia - ok

10:21:41.0350 2120 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys

10:21:41.0365 2120 PEAUTH - ok

10:21:41.0381 2120 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe

10:21:41.0381 2120 PerfHost - ok

10:21:41.0443 2120 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll

10:21:41.0443 2120 pla - ok

10:21:41.0521 2120 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

10:21:41.0521 2120 PlugPlay - ok

10:21:41.0553 2120 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

10:21:41.0568 2120 Pml Driver HPZ12 - ok

10:21:41.0693 2120 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll

10:21:41.0693 2120 PNRPAutoReg - ok

10:21:41.0724 2120 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll

10:21:41.0724 2120 PNRPsvc - ok

10:21:41.0755 2120 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

10:21:41.0771 2120 PolicyAgent - ok

10:21:41.0833 2120 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

10:21:41.0833 2120 PptpMiniport - ok

10:21:41.0896 2120 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys

10:21:41.0911 2120 Processor - ok

10:21:41.0974 2120 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll

10:21:41.0974 2120 ProfSvc - ok

10:21:41.0989 2120 Prot6Flt - ok

10:21:42.0021 2120 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe

10:21:42.0021 2120 ProtectedStorage - ok

10:21:42.0083 2120 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys

10:21:42.0083 2120 PSched - ok

10:21:42.0239 2120 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

10:21:42.0255 2120 PSI_SVC_2 - ok

10:21:43.0159 2120 [ F1B9981E2E6AF1A6030CB49EF4FDC513 ] PskSvcRetailInst C:\Users\HP\AppData\Local\Temp\ISSCAN\PskSvc.exe

10:21:43.0159 2120 PskSvcRetailInst - ok

10:21:43.0237 2120 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

10:21:43.0237 2120 PxHlpa64 - ok

10:21:43.0284 2120 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys

10:21:43.0300 2120 ql2300 - ok

10:21:43.0331 2120 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

10:21:43.0331 2120 ql40xx - ok

10:21:43.0362 2120 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll

10:21:43.0362 2120 QWAVE - ok

10:21:43.0378 2120 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

10:21:43.0378 2120 QWAVEdrv - ok

10:21:43.0393 2120 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys


10:21:53.0393 2120 ================ Scan global ===============================

10:21:53.0440 2120 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll

10:21:53.0565 2120 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll

10:21:53.0596 2120 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll

10:21:53.0705 2120 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe

10:21:53.0705 2120 [Global] - ok

10:21:53.0705 2120 ================ Scan MBR ==================================

10:21:53.0736 2120 [ 03BA8F890B47C0BE359A4D5A636D214D ] \Device\Harddisk0\DR0

10:21:54.0345 2120 \Device\Harddisk0\DR0 - ok

10:21:54.0345 2120 ================ Scan VBR ==================================

10:21:54.0360 2120 [ 672CF973830DA0C3531F6C8C78443174 ] \Device\Harddisk0\DR0\Partition1

10:21:54.0360 2120 \Device\Harddisk0\DR0\Partition1 - ok

10:21:54.0391 2120 [ 492E1632F5AB051FB15354F451086D58 ] \Device\Harddisk0\DR0\Partition2

10:21:54.0438 2120 \Device\Harddisk0\DR0\Partition2 - ok

10:21:54.0438 2120 ============================================================

10:21:54.0438 2120 Scan finished

10:21:54.0438 2120 ============================================================

10:21:54.0438 3500 Detected object count: 0

10:21:54.0438 3500 Actual detected object count: 0

Good result from TDSSKiller.

Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.

  • RIGHT-click on RSITx64.exe & select Run as Administrator to start RSITx64.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Ok, here is the log.txt file:

Logfile of random's system information tool 1.09 (written by random/random)

Run by HP at 2013-03-08 05:27:00

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 311 GB (44%) free of 701 GB

Total RAM: 4094 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 5:27:05 AM, on 3/8/2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16464)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe

C:\hp\support\hpsysdrv.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe

C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\PROGRA~2\MICROS~2\Office14\OUTLOOK.EXE

C:\Program Files\trend micro\HP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tamabentoncoop.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=84&bd=Pavilion&pf=cndt

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=84&bd=Pavilion&pf=cndt

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (file missing)

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (file missing)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe

O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup

O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [PhotoshopElements8SyncAgent] C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{67899D8C-147F-49E2-ABE5-D064EEC25557}: NameServer = 216.51.173.2,216.51.173.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{67899D8C-147F-49E2-ABE5-D064EEC25557}: NameServer = 216.51.173.2,216.51.173.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{67899D8C-147F-49E2-ABE5-D064EEC25557}: NameServer = 216.51.173.2,216.51.173.1

O18 - Protocol: jpip - {B92DD248-E3D5-4A92-B311-C9B841681455} - C:\Program Files (x86)\LizardTech\Express View\expressview.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing)

O18 - Protocol: sidlet - {B92DD248-E3D5-4A92-B311-C9B841681455} - C:\Program Files (x86)\LizardTech\Express View\expressview.dll

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Lexar Secure II (LxrSII1s) - Lexar Media, Inc. - C:\Windows\system32\LxrSII1s.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: PskSvcRetailInst - Panda Security, S.L. - C:\Users\HP\AppData\Local\Temp\ISSCAN\PskSvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 13880 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=3ff4c34e-3e57-4f0a-8462-e64a88919130 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\ab94444f-8b83-4a68-87fd-d5658c3a941a-218-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"

C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

wininit.exe

C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Users\HP\AppData\Local\Temp\ISSCAN\PskSvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

winlogon.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\rundll32.exe C:\Windows\system32\NVSVC64.DLL,nvsvcInitialize

"C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe"

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"

"C:\Program Files\Bonjour\mDNSResponder.exe"

C:\Windows\SysWOW64\svchost.exe -k netsvcs

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"

"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"

C:\Windows\SysWOW64\LxrSII1s.exe

"C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe"

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"

"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe /Embedding

C:\Windows\system32\svchost.exe -k HPService

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-53db0128-27d3-4df5-b297-856bccc815b8 -SystemEventPortName:HostProcess-c59e3190-6918-46e1-bef6-99fff28a8a5e -IoCancelEventPortName:HostProcess-a46a4402-35ca-494a-80cc-cd96bc050d79 -NonStateChangingEventPortName:HostProcess-38e5ec8d-c2ed-4121-97da-97c4f23d0504 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8aec31d3-51c3-4725-b009-1175e2125434 -DeviceGroupId:WpdFsGroup

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"

"C:\Windows\System32\rundll32.exe" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

"C:\Windows\ehome\ehtray.exe"

"C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe"

taskeng.exe {BDDF396F-9D94-41E4-B334-50DA5C7DBC84}

taskeng.exe {4360F56A-C102-4206-89ED-88B36FC7AAFD}

"C:\hp\support\hpsysdrv.exe"

"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"

"C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup

"C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe"

"C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"

"C:\Program Files (x86)\AVG Secure Search\vprot.exe"

"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"C:\Program Files\iPod\bin\iPodService.exe"

C:\Windows\ehome\ehmsas.exe -Embedding

C:\Windows\ehome\ehsched.exe

C:\Windows\ehome\ehRecvr.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"

"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=33540b62-0a53-4e2a-b46b-52241d758834 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\3f868754-5d4b-4c42-9768-8d1c16096b51-be0-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"

splwow64

"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"

"C:\Program Files (x86)\Internet Explorer\iexplore.exe"

"C:\PROGRA~2\MICROS~2\Office14\OUTLOOK.EXE" /recycle

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe109_ Global\UsGthrCtrlFltPipeMssGthrPipe109 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 660 664 672 65536 668

"C:\Users\HP\Desktop\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\FreeFileViewerUpdateChecker.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\HPCeeScheduleForHP.job

C:\Windows\tasks\Norton Internet Security - Run Full System Scan - HP.job

C:\Windows\tasks\PCDRScheduledMaintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-01-08 253584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

&Yahoo! Toolbar Helper - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]

HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

Symantec Intrusion Prevention - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-10-18 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll [2013-02-18 1929392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-08 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]

HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-01-08 253584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}

{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-08 192144]

{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll [2013-02-18 1929392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-20 1584184]

"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-11-03 182808]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-10-16 15853088]

"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-10-16 82464]

"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16 499608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-12-23 152064]

"PhotoshopElements8SyncAgent"=C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe [2011-09-01 1954456]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]

"HP Health Check Scheduler"=c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02 75008]

"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2010-03-12 49208]

"Corel Photo Downloader"=C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [2008-08-08 532808]

"Corel File Shell Monitor"=C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [2008-08-08 16712]

"Easy Dock"= []

"DVDAgent"=c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-09-09 1148200]

"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2013-02-18 1151152]

"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe []

"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2012-12-11 3147384]

"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-12-12 152544]

"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"ForceActiveDesktopOn"=0

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux2"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-08 05:17:04 ----D---- C:\Program Files\trend micro

2013-03-08 05:17:03 ----D---- C:\rsit

2013-03-06 10:21:03 ----A---- C:\TDSSKiller.2.8.16.0_06.03.2013_10.21.03_log.txt

2013-03-04 20:07:21 ----D---- C:\FRST

2013-02-18 21:30:20 ----D---- C:\ProgramData\AVG Secure Search

2013-02-14 03:03:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2013-02-14 03:03:33 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2013-02-14 03:03:33 ----A---- C:\Windows\SYSWOW64\ieui.dll

2013-02-14 03:03:33 ----A---- C:\Windows\system32\mshtmled.dll

2013-02-14 03:03:33 ----A---- C:\Windows\system32\ieui.dll

2013-02-14 03:03:32 ----A---- C:\Windows\SYSWOW64\url.dll

2013-02-14 03:03:32 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2013-02-14 03:03:32 ----A---- C:\Windows\system32\jsproxy.dll

2013-02-14 03:03:32 ----A---- C:\Windows\system32\ieUnatt.exe

2013-02-14 03:03:31 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2013-02-14 03:03:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2013-02-14 03:03:31 ----A---- C:\Windows\system32\urlmon.dll

2013-02-14 03:03:31 ----A---- C:\Windows\system32\url.dll

2013-02-14 03:03:31 ----A---- C:\Windows\system32\jscript9.dll

2013-02-14 03:03:30 ----A---- C:\Windows\SYSWOW64\wininet.dll

2013-02-14 03:03:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2013-02-14 03:03:30 ----A---- C:\Windows\system32\msfeeds.dll

2013-02-14 03:03:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2013-02-14 03:03:29 ----A---- C:\Windows\SYSWOW64\jscript.dll

2013-02-14 03:03:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2013-02-14 03:03:29 ----A---- C:\Windows\system32\wininet.dll

2013-02-14 03:03:29 ----A---- C:\Windows\system32\vbscript.dll

2013-02-14 03:03:29 ----A---- C:\Windows\system32\jscript.dll

2013-02-14 03:03:29 ----A---- C:\Windows\system32\iertutil.dll

2013-02-14 03:03:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2013-02-14 03:03:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2013-02-14 03:03:25 ----A---- C:\Windows\system32\mshtml.dll

2013-02-14 03:03:25 ----A---- C:\Windows\system32\ieframe.dll

2013-02-13 07:39:18 ----A---- C:\Windows\system32\drivers\tcpip.sys

2013-02-13 07:39:16 ----A---- C:\Windows\system32\win32k.sys

2013-02-13 07:39:15 ----A---- C:\Windows\system32\quartz.dll

2013-02-13 07:39:14 ----A---- C:\Windows\SYSWOW64\quartz.dll

2013-02-13 07:39:13 ----A---- C:\Windows\system32\ntoskrnl.exe

2013-02-12 09:46:43 ----D---- C:\Users\HP\AppData\Roaming\TestApp

2013-02-12 09:46:43 ----D---- C:\ProgramData\PC Tools

2013-02-09 07:55:53 ----D---- C:\ProgramData\APN

2013-02-09 07:14:18 ----D---- C:\ProgramData\HitmanPro

======List of files/folders modified in the last 1 month======

2013-03-08 05:27:01 ----D---- C:\Windows\Temp

2013-03-08 05:18:09 ----D---- C:\Windows\Prefetch

2013-03-08 05:17:04 ----RD---- C:\Program Files

2013-03-08 00:00:41 ----SHD---- C:\System Volume Information

2013-03-07 17:27:49 ----D---- C:\ProgramData\MFAData

2013-03-06 10:23:55 ----D---- C:\Windows\SYSWOW64\drivers

2013-03-06 10:21:09 ----D---- C:\Windows\system32\drivers

2013-03-05 08:13:59 ----D---- C:\Windows\System32

2013-03-05 08:13:59 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-03-05 08:09:16 ----D---- C:\Windows\system32\catroot2

2013-03-05 03:41:27 ----D---- C:\Users\HP\AppData\Roaming\HpUpdate

2013-02-26 06:54:21 ----SHD---- C:\Windows\Installer

2013-02-26 06:53:32 ----D---- C:\Windows\SysWOW64

2013-02-21 17:43:00 ----D---- C:\Windows\Tasks

2013-02-18 21:30:20 ----HD---- C:\ProgramData

2013-02-18 21:30:13 ----D---- C:\Program Files (x86)\AVG Secure Search

2013-02-17 18:11:42 ----D---- C:\Windows\system32\Tasks

2013-02-14 07:37:26 ----D---- C:\Windows\Microsoft.NET

2013-02-14 07:37:03 ----RSD---- C:\Windows\assembly

2013-02-14 07:01:09 ----D---- C:\Windows\SYSWOW64\migration

2013-02-14 07:01:09 ----D---- C:\Program Files (x86)\Internet Explorer

2013-02-14 07:01:08 ----D---- C:\Windows\system32\migration

2013-02-14 07:01:08 ----D---- C:\Program Files\Internet Explorer

2013-02-14 03:18:35 ----D---- C:\ProgramData\Microsoft Help

2013-02-14 03:17:55 ----D---- C:\Windows\winsxs

2013-02-14 03:17:24 ----D---- C:\Windows\system32\catroot

2013-02-14 03:11:30 ----A---- C:\Windows\system32\mrt.exe

2013-02-12 14:36:30 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-02-12 10:30:56 ----AD---- C:\ProgramData\Temp

2013-02-12 10:13:18 ----D---- C:\Program Files (x86)\thinkTDA

2013-02-12 09:14:53 ----D---- C:\Windows\system32\wbem

2013-02-12 09:14:53 ----D---- C:\Windows

2013-02-12 09:13:26 ----RD---- C:\Program Files (x86)

2013-02-12 09:13:17 ----D---- C:\Windows\system32\spool

2013-02-12 09:13:16 ----D---- C:\Windows\system32\drivers\UMDF

2013-02-12 09:13:15 ----D---- C:\Windows\system32\CodeIntegrity

2013-02-12 09:13:12 ----D---- C:\Windows\inf

2013-02-12 09:12:54 ----D---- C:\Users\HP\AppData\Roaming\FreeFileViewer

2013-02-12 09:12:53 ----D---- C:\Users\HP\AppData\Roaming\Catalina Marketing Corp

2013-02-12 09:12:34 ----D---- C:\Program Files\Windows Photo Gallery

2013-02-12 09:12:34 ----D---- C:\Program Files (x86)\Windows Media Player

2013-02-12 09:12:34 ----D---- C:\Program Files (x86)\iTunes

2013-02-12 09:12:30 ----D---- C:\Windows\registration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]

R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]

R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iastor.sys [2008-12-04 407064]

R0 pavboot;Panda boot driver; C:\Windows\system32\Drivers\pavboot64.sys [2008-06-19 33792]

R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]

R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-02-18 39768]

R1 ShldFlt;Panda File Shield Driver; C:\Windows\System32\DRIVERS\ShldFlt.sys [2008-02-28 46136]

R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-04-29 310728]

R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-04-29 42696]

R2 LxrSII1d;Secure II Driver; \??\C:\Windows\System32\Drivers\LxrSII1d.sys [2009-12-30 63064]

R3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-20 145408]

R3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-20 19968]

R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-20 42496]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-02-11 1708192]

R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]

R3 netr7364;USB Wireless 802.11 b/g Adaptor Driver for Vista; C:\Windows\system32\DRIVERS\netr7364.sys [2009-05-24 626176]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-10-16 9592352]

R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2009-01-20 195584]

R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-20 41984]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-25 87040]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-25 198656]

R3 xcbdaNtsc;ViXS Tuner Card (NTSC); C:\Windows\system32\DRIVERS\xcbdax64.sys [2008-08-22 204672]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2011-07-20 95416]

S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-20 6144]

S3 grmnusb;Garmin USB Driver; C:\Windows\system32\drivers\grmnusb.sys [2009-05-08 20520]

S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-12-10 23152]

S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-20 11008]

S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-20 7936]

S3 PCD5SRVC{8AAF211B-043E02A9-05040000};PCD5SRVC{8AAF211B-043E02A9-05040000} - PCDR Kernel Mode Service Helper Driver; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [2008-09-09 25888]

S3 PcdrNdisuio;PCDRNDISUIO Usermode I/O Protocol; syswow64\drivers\pcdrndisuio.sys []

S3 Prot6Flt;Prot6Flt; C:\Windows\system32\DRIVERS\Prot6Flt.sys []

S3 rcmirror;rcmirror; C:\Windows\system32\DRIVERS\rcmirror.sys [2008-10-09 5120]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2011-07-20 203320]

S3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-20 12288]

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-09-28 53760]

S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-10 98944]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-09-30 46592]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-20 8704]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-20 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-01 169624]

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]

R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]

R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-20 27648]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-20 27648]

R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-02 94208]

R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-20 27648]

R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2008-01-20 27648]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-11-03 354840]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-03-17 73728]

R2 LxrSII1s;Lexar Secure II; C:\Windows\syswow64\LxrSII1s.exe [2009-12-30 65536]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-10-16 168992]

R2 PavPrSrv;Panda Process Protection Service; C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe [2008-02-04 62768]

R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]

R2 PskSvcRetailInst;PskSvcRetailInst; C:\Users\HP\AppData\Local\Temp\ISSCAN\PskSvc.exe [2008-06-25 28928]

R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]

R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-18 968880]

R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-20 27648]

R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 641504]

R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-12 136176]

S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-20 27648]

S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-20 27648]

S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]

S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-12 136176]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-20 19968]

S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]

S4 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-31 652360]

-----------------EOF-----------------


and here is the info.txt file:

info.txt logfile of random's system information tool 1.09 2013-03-08 05:17:24

======Uninstall list======

-->"C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Blackhawk Striker 2\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Blasterball 3\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Boggle\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Bookworm Deluxe\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Build-a-lot\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Cake Mania\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Diner Dash\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Family Feud\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Farm Frenzy\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\FATE\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Hidden Relics\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Insaniquarium Deluxe\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Jewel Quest II\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Jewel Quest Solitaire\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Jewel Quest\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\JoJo's Fashion Show\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Mah Jong Quest\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Mystery P.I. - The Lottery Ticket\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Penguins!\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Polar Bowler\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Polar Golfer\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Polar Pool\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Super Granny 4\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Tradewinds\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Virtual Villagers - A New Home\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Virtual Villagers - Chapter 2 - The Lost Children\Uninstall.exe"

-->"C:\Program Files (x86)\HP Games\Zuma Deluxe\Uninstall.exe"

-->C:\PROGRA~2\Yahoo!\Common\unyt.exe

64 Bit HP CIO Components Installer-->MsiExec.exe /I{55D55008-E5F6-47D6-B16F-B2A40D4D145F}

ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}

Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{1798D459-6B8B-474B-868D-1229EADA3B95}

Adobe Community Help-->msiexec /qb /x {A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}

Adobe Community Help-->MsiExec.exe /I{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}

Adobe Digital Editions 2.0-->"C:\Program Files (x86)\Adobe\Adobe Digital Editions 2.0\uninstall.exe"

Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_110_ActiveX.exe -maintain activex

Adobe Photoshop Elements 10-->msiexec /i {EE549AF9-8FAA-4584-83B2-ECF1BC9DC1FF} NOT_STANDALONE=1 /l* C:\Users\HP\AppData\Local\Temp\PSE10Uninstall.log

Adobe Photoshop.com Inspiration Browser-->msiexec /qb /x {EC8282AB-48DD-91D2-7387-01CD6E100A5D}

Adobe Photoshop.com Inspiration Browser-->MsiExec.exe /I{EC8282AB-48DD-91D2-7387-01CD6E100A5D}

Adobe Reader X (10.1.6)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001}

Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"

Amazon Music Importer-->msiexec /qb /x {98823CC0-51DA-565C-FF90-DCC72D47BD24}

Amazon Music Importer-->MsiExec.exe /I{98823CC0-51DA-565C-FF90-DCC72D47BD24}

AnswerWorks 5.0 English Runtime-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}\setup.exe" -l0x9 -uninst -removeonly

Apple Application Support-->MsiExec.exe /I{CCE825DB-347A-4004-A186-5F4A6FDD8547}

Apple Mobile Device Support-->MsiExec.exe /I{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}

Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

AVG 2013-->"C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe" /AppMode=SETUP /Uninstall

AVG 2013-->MsiExec.exe /I{9F0D08A0-5623-4EF6-A513-40048E20C4E0}

AVG 2013-->MsiExec.exe /I{D9B7744C-1C39-49B8-86B3-F930631B4FE2}

AVG Security Toolbar-->C:\Program Files (x86)\AVG Secure Search\UNINSTALL.exe /PROMPT /UNINSTALL

Bing Bar-->MsiExec.exe /X{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}

Bing Rewards Client Installer-->MsiExec.exe /X{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}

Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}

Cakewalk Sound Center 1.1.0-->"C:\Program Files (x86)\Cakewalk\Cakewalk Sound Center\unins000.exe"

Canon EOS Kiss REBEL 300D TWAIN Driver-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{4F9EF11C-A91A-42D0-BDAC-BB9695237075}

Canon PhotoRecord-->MsiExec.exe /X{BEF56F2D-56ED-4176-BF72-7B68D4A3B98D}

Canon RAW Codec-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\RAWCodec170\CRCUnInstall.ini"

Canon RAW Image Task for ZoomBrowser EX-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{FAF0DAD8-1EA7-4FEF-80E5-8D8D6EBD5A23}

Canon RemoteCapture Task for ZoomBrowser EX-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{2236B741-6631-49AE-B76E-3E14CA01CC87}

Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"

Canon Utilities CameraWindow DC-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\CameraWindow\CameraWindowDC\Uninst.ini"

Canon Utilities CameraWindow-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini"

Canon Utilities Digital Photo Professional 3.7-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\Digital Photo Professional\Uninst.ini"

Canon Utilities File Viewer Utility 1.3-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{2D1C2321-8FDB-49B8-A66B-4008DC0B6B5D}

Canon Utilities MyCamera DC-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\CameraWindow\MyCameraDC\Uninst.ini"

Canon Utilities MyCamera-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\CameraWindow\MyCamera\Uninst.ini"

Canon Utilities PhotoStitch 3.1-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F11A403B-0DE9-4953-B790-7A2F014FBB2B}

Canon Utilities RemoteCapture 2.7-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{14220DB1-DD96-4BCD-B3D5-03A4EA6631C4}

Canon Utilities RemoteCapture DC-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\CameraWindow\RemoteCaptureDC\Uninst.ini"

Canon Utilities RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"

Canon Utilities ZoomBrowser EX-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\Uninst.ini"

Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\ZoomBrowser EX MCU\Uninst.ini"

Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}

Corel Paint Shop Pro Photo X2-->MsiExec.exe /X{64E72FB1-2343-4977-B4A8-262CD53D0BD3}

CyberLink DVD Suite Deluxe-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" -uninstall

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{7CBAE557-86B7-43DE-BF84-2FE9226E86C6}" "1033" "0"

File Type Assistant-->"C:\Program Files (x86)\File Type Assistant\unins000.exe"

Free File Viewer 2011-->"C:\Program Files (x86)\FreeFileViewer\unins000.exe"

Garmin Communicator Plugin x64-->MsiExec.exe /X{237D687E-9E50-4A30-B810-262764CC491B}

Garmin Communicator Plugin-->MsiExec.exe /X{647BB978-2876-487B-9B0E-FDB73F0EA4A2}

Garmin Trip and Waypoint Manager v5-->MsiExec.exe /X{414A373B-59DF-4102-94CA-9FE9A74CBDDA}

Garmin USB Drivers-->MsiExec.exe /X{510D2239-6C2E-457B-9590-485EC552D94D}

Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\Installer\setup.exe" --uninstall --multi-install --chrome --system-level

Google Earth-->MsiExec.exe /X{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}

Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_94DDE1EDD1CDF6A3.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Hardware Diagnostic Tools-->C:\Program Files\PC-Doctor for Windows\uninst.exe

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""

HP Active Support Library-->C:\Program Files (x86)\InstallShield Installation Information\{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}\setup.exe -runfromtemp -l0x0409

HP Advisor-->MsiExec.exe /X{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}

HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}\setup.exe" -l0x9 -removeonly

HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}

HP Customer Participation Program 13.0-->C:\Program Files (x86)\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot

HP Demo-->MsiExec.exe /X{97ABD26A-3249-46CB-B2E2-F66E64B2E480}

HP Deskjet F4400 Printer Driver Software 13.0 Rel .5-->C:\Program Files (x86)\HP\Digital Imaging\{5AEBB4A3-6878-4CEE-AD34-0F6958A983F0}\setup\hpzscr40.exe -datfile hposcr37.dat -onestop -forcereboot

HP Imaging Device Functions 13.0-->C:\Program Files (x86)\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat

HP MediaSmart DVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall

HP MediaSmart DVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall

HP Photo Creations-->"C:\Program Files (x86)\HP Photo Creations\uninst.exe"

HP Photosmart All-In-One Driver Software 10.0 Rel .2-->C:\Program Files (x86)\HP\Digital Imaging\{86D3D561-D1FD-4d57-8395-20030467E0F9}\setup\hpzscr40.exe -datfile hposcr21.dat -onestop

HP Photosmart Essential 3.0-->C:\Program Files (x86)\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat

HP Print Projects 1.0-->C:\Program Files (x86)\HP\Digital Imaging\HPPrintProjects\hpzscr01.exe -datfile hpqbud19.dat

HP Recovery Manager RSS-->MsiExec.exe /X{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}

HP Smart Web Printing 4.60-->C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat

HP Solution Center 13.0-->C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot

HP Update-->MsiExec.exe /X{787D1A33-A97B-4245-87C0-7174609A540C}

HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}

HPTCSSetup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FA3B34BE-4246-4062-90A3-34CBBEA12B72}\setup.exe" -l0x9 -removeonly

Intel® Matrix Storage Manager-->C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall

iPhone Configuration Utility-->MsiExec.exe /I{FA54AFB1-5745-4389-B8C1-9F7509672ED1}

iTunes-->MsiExec.exe /I{0E5D76AD-A3FB-48D5-8400-8903B10317D3}

Java 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}

LabelPrint-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall

LightScribe System Software-->MsiExec.exe /X{7F10292C-A190-4176-A665-A1ED3478DF86}

LightScribeTemplateLabeler-->MsiExec.exe /X{305D4B08-5807-4475-B1C8-D54685534864}

Lizardtech Express View Browser Plug-in-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchiSetup -ether"C:\Program Files (x86)\InstallShield Installation Information\{9CD8FC8E-A1CA-4634-96BC-CD6B2D4797CC}" -l0x9

Malwarebytes Anti-Malware version 1.60.1.1000-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework64\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client

Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{99ACCA38-6DD3-48A8-96AE-A283C9759279}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0C0A-0000-0000000FF1CE}" "{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0409-1000-0000000FF1CE}" "{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0409-0000-0000000FF1CE}" "{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-0000-0000000FF1CE}" "{4560037C-E356-444A-A015-D21F487D809E}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00BA-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0115-0409-0000-0000000FF1CE}" "{4560037C-E356-444A-A015-D21F487D809E}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0116-0409-1000-0000000FF1CE}" "{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0117-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{047B0968-E622-4FAA-9B4B-121FA109EDDE}" "1033" "0"

Microsoft Office 97, Professional Edition-->C:\Program Files (x86)\Microsoft Office\Office\Setup\Acme.exe /w Off97Pro.STF

Microsoft Office Access MUI (English) 2010-->MsiExec.exe /X{90140000-0015-0409-0000-0000000FF1CE}

Microsoft Office Access Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0117-0409-0000-0000000FF1CE}

Microsoft Office Excel MUI (English) 2010-->MsiExec.exe /X{90140000-0016-0409-0000-0000000FF1CE}

Microsoft Office Groove MUI (English) 2010-->MsiExec.exe /X{90140000-00BA-0409-0000-0000000FF1CE}

Microsoft Office Home and Student 60 day trial-->c:\hp\bin\MSOffice\uninst2.cmd

Microsoft Office InfoPath MUI (English) 2010-->MsiExec.exe /X{90140000-0044-0409-0000-0000000FF1CE}

Microsoft Office Office 64-bit Components 2010-->MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE}

Microsoft Office OneNote MUI (English) 2010-->MsiExec.exe /X{90140000-00A1-0409-0000-0000000FF1CE}

Microsoft Office Outlook MUI (English) 2010-->MsiExec.exe /X{90140000-001A-0409-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (English) 2010-->MsiExec.exe /X{90140000-0018-0409-0000-0000000FF1CE}

Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}

Microsoft Office Professional Plus 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL

Microsoft Office Professional Plus 2010-->MsiExec.exe /X{91140000-0011-0000-0000-0000000FF1CE}

Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2010-->MsiExec.exe /X{90140000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (English) 2010-->MsiExec.exe /X{90140000-002C-0409-0000-0000000FF1CE}

Microsoft Office Publisher MUI (English) 2010-->MsiExec.exe /X{90140000-0019-0409-0000-0000000FF1CE}

Microsoft Office Shared 64-bit MUI (English) 2010-->MsiExec.exe /X{90140000-002A-0409-1000-0000000FF1CE}

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0116-0409-1000-0000000FF1CE}

Microsoft Office Shared MUI (English) 2010-->MsiExec.exe /X{90140000-006E-0409-0000-0000000FF1CE}

Microsoft Office Shared Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0115-0409-0000-0000000FF1CE}

Microsoft Office Word MUI (English) 2010-->MsiExec.exe /X{90140000-001B-0409-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft UI Engine-->MsiExec.exe /I{3018B943-C76C-44B0-B078-790A28CEF67E}

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053-->MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}

Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148-->MsiExec.exe /X{EE936C7A-EA40-31D5-9B65-8E3E089C3828}

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022-->MsiExec.exe /X{350AA351-21FA-3270-8B7A-835434E766AD}

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}

Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

Music Creator LE 5.0.6-->"C:\Program Files (x86)\Cakewalk\Music Creator LE 5\unins000.exe"

muvee autoProducer 6.1-->C:\Program Files (x86)\InstallShield Installation Information\{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}\muveesetup.exe -removeonly -runfromtemp

My HP Games-->"C:\Program Files (x86)\HP Games\Uninstall.exe"

NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI

PhotoShow Deluxe 4-->"C:\Program Files (x86)\Simple Star\PhotoShow 4\data\Xtras\Uninstall.exe"

PlayReady PC runtime-->MsiExec.exe /X{704ABF63-B0B1-446B-9D92-C5D06AFCE7B6}

Power2Go-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" -uninstall

PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall

PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall

PSE10 STI Installer-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{11D08055-939C-432b-98C3-E072478A0CD7}"

Python 2.5.2-->MsiExec.exe /I{6B976ADF-8AE8-434E-B282-A06C7F624D2F}

Quicken 2008-->MsiExec.exe /X{3B0F52AC-EF5C-4831-B221-06C782E41280}

QuickTime-->MsiExec.exe /I{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}

Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709

Safari-->MsiExec.exe /I{FA4C2D53-205F-4245-9717-F3761154824D}

Samsung Kies-->"C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe" -runfromtemp -l0x0409 -removeonly

Samsung Kies-->MsiExec.exe /I{758C8301-2696-4855-AF45-534B1200980A}

SAMSUNG USB Driver for Mobile Phones-->C:\Program Files (x86)\Samsung\USB Drivers\Uninstall.exe

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {480E8A87-3B8C-3ECE-8CEA-6B2349AE1C1F} /qb+ REBOOTPROMPT=""

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {897A5D64-963A-3C11-A176-F6766BD09D16} /qb+ REBOOTPROMPT=""

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {2B41E73E-C850-36E1-8BF6-D286EF80688D} /qb+ REBOOTPROMPT=""

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{73CC972E-6ABF-456B-9E1E-BADC0E65B57A}" "1033" "0"

Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{D267D0F7-9770-467D-ACF3-FB2F7E0AC532}" "1033" "0"

Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{FDCB9E3E-FA40-40E9-AFF4-73BDE8E52205}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2553091)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{07CA44F3-F5B3-4D12-8C91-EDC5FE91D45C}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2553096)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{10802A6D-EDBF-4383-BCBD-9D5B32F56D35}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{CCC48FE2-175F-4CDE-82DF-F7BC4672C1A3}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{CC39BA1F-7A25-440C-86A7-77E35D8CC88C}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{DCE6D0BF-93E4-46C5-9A7C-F1EFF9707C02}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{54A1B66B-F5B2-45AD-8B19-5F51A027A1B9}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{B5489515-6DD4-47A5-AE4E-64751D15F10E}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{9FF4E0C9-11BB-4B32-AC5E-EAB896CB4216}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{A5E549EB-FDD3-4CD1-8163-50D429A36516}" "1033" "0"

Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{65D5F36B-02AD-4EC5-BB54-E0B65E3777D9}" "1033" "0"

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{0A682BA4-3C78-42C3-8DDF-EB9A6ABE5535}" "1033" "0"

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{F8243081-3FB0-4EE8-9B2A-6F7D70AF5269}" "1033" "0"

Shop for HP Supplies-->C:\Program Files (x86)\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat

sp41119-->c:\hp\Softpaq\sp41119\sp41119.exe

Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client

Update for Microsoft Office 2010 (KB2494150)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}" "1033" "0"

Update for Microsoft Office 2010 (KB2553065)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{A8686D24-1E89-43A1-973E-05A258D2B3F8}" "1033" "0"

Update for Microsoft Office 2010 (KB2553092)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{7AC49FC8-F8D2-4DD8-9086-09E52385A21F}" "1033" "0"

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}" "1033" "0"

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{18B3CF2A-73F7-4716-B1AE-86D68726D408}" "1033" "0"

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-0000-0000000FF1CE}" "{73E67A3A-8D61-44EF-90C2-1697C3DBE668}" "1033" "0"

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{14B7142F-D7E2-4FB0-9E3B-7CAA8D7FFC56}" "1033" "0"

Update for Microsoft Office 2010 (KB2566458)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{EFB525A0-E1C0-4E32-9968-FE401BC87363}" "1033" "0"

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}" "1033" "0"

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{C4F26A9B-B121-4135-8084-A0D9C780C7C8}" "1033" "0"

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{460FF681-BC66-4C38-99DF-7012E03F1EBA}" "1033" "0"

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0C0A-0000-0000000FF1CE}" "{C633216E-FF30-45B6-B2AB-21922A9353EF}" "1033" "0"

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{1CBEDB37-C438-473F-8BA0-2535B0D237E2}" "1033" "0"

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{1CBEDB37-C438-473F-8BA0-2535B0D237E2}" "1033" "0"

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{35698CB7-AAA2-4577-B505-DBFF504AEF23}" "1033" "0"

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0409-0000-0000000FF1CE}" "{9865DC3A-2898-48D9-B96A-46397571C934}" "1033" "0"

Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{DFE7321B-F914-4AB5-8C74-1F8CC932B1B0}" "1033" "0"

Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{DFE7321B-F914-4AB5-8C74-1F8CC932B1B0}" "1033" "0"

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{F1CBE095-403D-466D-BB13-B185A5F33231}" "1033" "0"

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{47894754-0FEC-4920-9A65-6C1E732587AC}" "1033" "0"

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}" "1033" "0"

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}" "1033" "0"

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{6B6DDDCE-B456-4FE1-9A07-DBC1708E4158}" "1033" "0"

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{5DA2D071-A54C-47C0-83E5-43C63DBFD936}" "1033" "0"

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{5DA2D071-A54C-47C0-83E5-43C63DBFD936}" "1033" "0"

Update Installer for WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe"

Visual C++ 8.0 Runtime Setup Package (x64)-->MsiExec.exe /I{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}

Visual Studio 2008 x64 Redistributables-->MsiExec.exe /I{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}

Visual Studio 2010 x64 Redistributables-->MsiExec.exe /I{21B133D6-5979-47F0-BE1C-F6A6B304693F}

WebEx-->C:\PROGRA~3\WebEx\atcliun.exe

WildTangent Games App (HP Games)-->"C:\Program Files (x86)\WildTangent Games\Touchpoints\hp\Uninstall.exe"

Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)-->rundll32.exe C:\PROGRA~1\DIFX\048B92BA3327CEF8\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\grmnusb.inf_50c4b3e1\grmnusb.inf

Yahoo! Toolbar-->C:\PROGRA~2\Yahoo!\Common\unyt.exe

Hosts File Missing

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: HP-PC

Event Code: 4374

Message: Windows Servicing identified that package KB2656362(Security Update) is not applicable for this system

Record Number: 250116

Source Name: Microsoft-Windows-Servicing

Time Written: 20120110212640.000000-000

Event Type: Warning

User: NT AUTHORITY\SYSTEM

Computer Name: HP-PC

Event Code: 4374

Message: Windows Servicing identified that package KB2656362(Security Update) is not applicable for this system

Record Number: 250115

Source Name: Microsoft-Windows-Servicing

Time Written: 20120110212639.000000-000

Event Type: Warning

User: NT AUTHORITY\SYSTEM

Computer Name: HP-PC

Event Code: 4374

Message: Windows Servicing identified that package KB2656362(Security Update) is not applicable for this system

Record Number: 250114

Source Name: Microsoft-Windows-Servicing

Time Written: 20120110212639.000000-000

Event Type: Warning

User: NT AUTHORITY\SYSTEM

Computer Name: HP-PC

Event Code: 4374

Message: Windows Servicing identified that package KB2656362(Security Update) is not applicable for this system

Record Number: 250113

Source Name: Microsoft-Windows-Servicing

Time Written: 20120110212639.000000-000

Event Type: Warning

User: NT AUTHORITY\SYSTEM

Computer Name: HP-PC

Event Code: 4374

Message: Windows Servicing identified that package KB2656362(Security Update) is not applicable for this system

Record Number: 250112

Source Name: Microsoft-Windows-Servicing

Time Written: 20120110212639.000000-000

Event Type: Warning

User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: HP-PC

Event Code: 3011

Message: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Record Number: 49385

Source Name: Microsoft-Windows-LoadPerf

Time Written: 20120224144821.000000-000

Event Type: Error

User:

Computer Name: HP-PC

Event Code: 3012

Message: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Record Number: 49384

Source Name: Microsoft-Windows-LoadPerf

Time Written: 20120224144821.000000-000

Event Type: Error

User:

Computer Name: HP-PC

Event Code: 3011

Message: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Record Number: 49372

Source Name: Microsoft-Windows-LoadPerf

Time Written: 20120224144058.000000-000

Event Type: Error

User:

Computer Name: HP-PC

Event Code: 3012

Message: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Record Number: 49371

Source Name: Microsoft-Windows-LoadPerf

Time Written: 20120224144058.000000-000

Event Type: Error

User:

Computer Name: HP-PC

Event Code: 10

Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Record Number: 49364

Source Name: Microsoft-Windows-WMI

Time Written: 20120224143439.000000-000

Event Type: Error

User:

=====Security event log=====

Computer Name: HP-PC

Event Code: 4648

Message: A logon was attempted using explicit credentials.

Subject:

Security ID: S-1-5-18

Account Name: HP-PC$

Account Domain: WORKGROUP

Logon ID: 0x3e7

Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:

Account Name: SYSTEM

Account Domain: NT AUTHORITY

Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:

Target Server Name: localhost

Additional Information: localhost

Process Information:

Process ID: 0x288

Process Name: C:\Windows\System32\services.exe

Network Information:

Network Address: -

Port: -

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.

Record Number: 35000

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100524031611.159000-000

Event Type: Audit Success

User:

Computer Name: HP-PC

Event Code: 4672

Message: Special privileges assigned to new logon.

Subject:

Security ID: S-1-5-18

Account Name: SYSTEM

Account Domain: NT AUTHORITY

Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege

SeTcbPrivilege

SeSecurityPrivilege

SeTakeOwnershipPrivilege

SeLoadDriverPrivilege

SeBackupPrivilege

SeRestorePrivilege

SeDebugPrivilege

SeAuditPrivilege

SeSystemEnvironmentPrivilege

SeImpersonatePrivilege

Record Number: 34999

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100523082244.901000-000

Event Type: Audit Success

User:

Computer Name: HP-PC

Event Code: 4624

Message: An account was successfully logged on.

Subject:

Security ID: S-1-5-18

Account Name: HP-PC$

Account Domain: WORKGROUP

Logon ID: 0x3e7

Logon Type: 5

New Logon:

Security ID: S-1-5-18

Account Name: SYSTEM

Account Domain: NT AUTHORITY

Logon ID: 0x3e7

Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:

Process ID: 0x288

Process Name: C:\Windows\System32\services.exe

Network Information:

Workstation Name:

Source Network Address: -

Source Port: -

Detailed Authentication Information:

Logon Process: Advapi

Authentication Package: Negotiate

Transited Services: -

Package Name (NTLM only): -

Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.

- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.

- Transited services indicate which intermediate services have participated in this logon request.

- Package name indicates which sub-protocol was used among the NTLM protocols.

- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.

Record Number: 34998

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100523082244.901000-000

Event Type: Audit Success

User:

Computer Name: HP-PC

Event Code: 4648

Message: A logon was attempted using explicit credentials.

Subject:

Security ID: S-1-5-18

Account Name: HP-PC$

Account Domain: WORKGROUP

Logon ID: 0x3e7

Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:

Account Name: SYSTEM

Account Domain: NT AUTHORITY

Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:

Target Server Name: localhost

Additional Information: localhost

Process Information:

Process ID: 0x288

Process Name: C:\Windows\System32\services.exe

Network Information:

Network Address: -

Port: -

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.

Record Number: 34997

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100523082244.901000-000

Event Type: Audit Success

User:

Computer Name: HP-PC

Event Code: 4905

Message: An attempt was made to unregister a security event source.

Subject

Security ID: S-1-5-18

Account Name: HP-PC$

Account Domain: WORKGROUP

Logon ID: 0x3e7

Process:

Process ID: 0x1174

Process Name: C:\Windows\System32\VSSVC.exe

Event Source:

Source Name: VSSAudit

Event Source ID: 0x2c7f6e0

Record Number: 34996

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100523050040.427000-000

Event Type: Audit Success

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\hp\bin\Python;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\QuickTime\QTSystem\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=AMD64

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 7, GenuineIntel

"PROCESSOR_REVISION"=1707

"NUMBER_OF_PROCESSORS"=4

"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat

"DFSTRACINGON"=FALSE

"OnlineServices"=Online Services

"Platform"=HPD

"PCBRAND"=Pavilion

"MSWorksProductCode"={15BC8CD0-A65B-47D0-A2DD-90A824590FA8}

"asl.log"=Destination=file;OnFirstLog=command,environment

"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

"CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------


Make sure you are logged into an account that has administrator-level rights.

On most all of the programs and tools, you will need to do a right-click on the program link or shortcut or desktop icon (as appropriate) and then select "Run as Administrator". Please remember that as you go along and use these tools, each in turn.

Do as much as possible of the following. If Step 1 is blocked for some reason, do proceed forward to the next Step.

Step 1

Download aswMBR.exe ( 511KB ) to your desktop.

On Windows 7 / 8 or Vista, RIGHT click on aswMBR.exe and select Run As Administrator to start.

On Windows XP, double click the exe to start.

IF prompted to update Avast definitions, answer NO.


On the following screen:


uncheck trace disk IO calls at the bottom left

Now, Click the "Scan" button to start scan.

Have patience as it scans.

On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me)

Now click save log, save it to your desktop and Copy & Paste in your next reply.

Do NOT click any Fix button.

EXIT the tool.

Step 2

Close any open work documents, if any, saving your work.

Make sure to close any other programs that you started before.

Please download Junkware Removal Tool by Thisisu to your Desktop.

  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7 or 8, right-mouse click JRT.exe and select Run as administrator.
  • The tool will open and display information and disclaimer in a Command prompt window.
  • I'd suggest you close all internet browsers at this point.
  • Press a key on keyboard to start scanning your system.
  • Please be very patient as this will take several minutes to complete, depending on your system's specifications.
  • There are approximately 12 phases or so in this tool. You will see each phase listed in the Command prompt window.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open. And the command prompt will have been closed.
  • Please post the contents of JRT.txt into a new reply.
  • Re-enable your security software.

Step 3

Download TFC by OldTimer to your desktop

  • Please double-click TFC.exe to run it. (Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • IF prompted to Reboot, reply "Yes".

Step 4

Go to Control Panel >> Programs and Features

and uninstall (remove) the following {as much as possible}

AVG 2013

any other AVG

Adobe Reader

Java all occurrences of Java {if you must truly have, we'll get newest much later}

Close/exit Control Panel

Step 5

Most all antivirus programs still will leave traces after one uninstalls them.

Run the AVG Removal tool

Get the AVG Remover tool that is appropriate for your AVG from this download page http://www.avg.com/us-en/utilities

SAVE the tool to your Desktop.

When download is complete, locate the tool and do a Right-click & select Run as Administrator.

When all done, Logoff and Restart the system.

Next, do not use the system at all for anything else, before you install a new Antivirus program.

Step 6

IF you have been unable to remove AVG, then, STOP and tell me of that.

Now, you need to get & setup a new Antivirus. I highly urge you to not get another AVG. Of late, AVG imho has not been in the forefront of security apps.

Two good antivirus programs free for non-commercial home use are Avira Free Antivirus and Microsoft Security Essentials

Note: Get one of them. You should only have one antivirus installed at any time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.

Download the setup program of the one you have chosen. Save it.

Then do a Right-click and select Run as Administrator.
