Hi folks,
Bought a newer (windows7 vs XP) and I guess it came with some bugs. Here's what I can tell you...
Searchassist keeps hijacking my home page
Malwarebytes goes into a not reponding mode after finding a ton of items that need correction
Can't seem to get AVG2014 into this computer.
Here's the OTL log:
OTL logfile created on: 5/10/2014 8:28:31 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner.Hedgewytch-PC\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.94 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 66.80% Memory free
5.87 Gb Paging File | 4.28 Gb Available in Paging File | 72.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 42.23 Gb Total Space | 7.10 Gb Free Space | 16.82% Space Free | Partition Type: NTFS
Drive D: | 255.86 Gb Total Space | 77.83 Gb Free Space | 30.42% Space Free | Partition Type: NTFS
Drive F: | 1863.01 Gb Total Space | 1201.60 Gb Free Space | 64.50% Space Free | Partition Type: NTFS
Computer Name: HEDGEWYTCH-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Owner.Hedgewytch-PC\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\pcreg\pcreg.exe ()
PRC - C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - c:\Program Files\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
PRC - C:\Program Files\SoftPlanet Software Assistant\spassist.exe (Secure Download Ltd.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - c:\Program Files\TS\MPKTS.dll ()
MOD - C:\Windows\System32\MPK\Mpk.dll ()
MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll ()
========== Services (SafeList) ==========
SRV - (wdserver) -- C:\Program Files\WatchDog\wdserver.exe File not found
SRV - (vToolbarUpdater18.1.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe File not found
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe File not found
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (pcregservice) -- C:\Program Files\pcreg\pcreg.exe ()
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MPKService) -- C:\Program Files\TS\MpkSrv.exe ()
SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe ()
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AERTFilters) -- C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
========== Driver Services (SafeList) ==========
DRV - (vzandnetndis) -- system32\DRIVERS\lgvzandnetndis.sys File not found
DRV - (vzandnetmodem) -- system32\DRIVERS\lgvzandnetmdm.sys File not found
DRV - (vzandnetdiag2) -- system32\DRIVERS\lgvzandnetdiag2.sys File not found
DRV - (vzandnetdiag) -- system32\DRIVERS\lgvzandnetdiag.sys File not found
DRV - (sxuptp) -- system32\DRIVERS\sxuptp.sys File not found
DRV - (MRESP50) -- C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS File not found
DRV - (MRENDIS5) -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS File not found
DRV - (MREMPR5) -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS File not found
DRV - (MREMP50) -- C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS File not found
DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\RaInfo.sys File not found
DRV - (asd2fsm) -- system32\DRIVERS\asd2fsm.sys File not found
DRV - (a6yzkrg0) -- File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgdiskx) -- C:\Windows\System32\drivers\avgdiskx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.)
DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (LMIRfsClientNP) -- C:\Windows\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (LMIRfsDriver) -- C:\Windows\System32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (NdisrdMP) -- C:\Windows\System32\drivers\Ndisrd.sys (NT Kernel Resources)
DRV - (Ndisrd) -- C:\Windows\System32\drivers\Ndisrd.sys (NT Kernel Resources)
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmf6232.sys (NVIDIA Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (BCMH43XX) -- C:\Windows\System32\drivers\bcmwlhigh6.sys (Broadcom Corporation)
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (MAUSBJAMLAB) -- C:\Windows\System32\drivers\MAudioJamLab.sys (Avid Technology, Inc.)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (VSTHWBS2) -- C:\Windows\System32\drivers\VSTBS23.SYS (Conexant Systems, Inc.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (JL2005C) -- C:\Windows\System32\drivers\jl2005c.sys (Windows ® 2000 DDK provider)
DRV - (ndicql) -- C:\Windows\System32\drivers\ndicql.sys (NT Kernel Resources)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.SearchAss...m=1980&c=d&s=sp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.SearchAss...m=1980&c=d&s=sp
IE - HKLM\..\SearchScopes,DefaultScope = {BA1BE292-1D15-488B-934D-008742212380}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{BA1BE292-1D15-488B-934D-008742212380}: "URL" = http://www.SearchAss...m=1980&c=d&s=sp
IE - HKLM\..\SearchScopes\ComcastSearch: "URL" = http://search.comcas...cat=Web&con=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.SearchAss...m=1980&c=d&s=sp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.SearchAss...m=1980&c=d&s=sp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 A2 B5 81 BE 64 CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {BA1BE292-1D15-488B-934D-008742212380}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8D5C4B23-2F5E-489D-80FF-FD763EC6D55D}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\..\SearchScopes\{BA1BE292-1D15-488B-934D-008742212380}: "URL" = http://www.SearchAss...m=1980&c=d&s=sp
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Search "
FF - prefs.js..browser.search.defaultenginename: "Search "
FF - prefs.js..browser.search.defaultthis.engineName: "Web Search"
FF - prefs.js..browser.search.defaulturl: "http://www.searchass...=1980&c=d&s=sp"
FF - prefs.js..browser.search.order.1: "Search "
FF - prefs.js..browser.search.selectedEngine: "Search "
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..keyword.URL: "http://www.searchass.../search?p=s&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Users\Hedgewytch\Music\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\anvisoft.com/AdblockPlugin: C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/24 12:58:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/05/09 19:28:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/05/09 19:28:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2014/04/30 20:56:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2014/05/01 06:12:09 | 000,000,000 | ---D | M]
[2014/04/30 18:34:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\mozilla\Extensions
[2014/05/09 05:56:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\mozilla\Firefox\Profiles\391rpfz1.default-1398936320141\extensions
[2014/05/06 17:59:51 | 000,002,171 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\mozilla\firefox\profiles\391rpfz1.default-1398936320141\searchplugins\search-.xml
[2014/05/09 19:28:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/05/09 19:28:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2011/10/19 13:48:44 | 000,000,808 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" File not found
O4 - HKLM..\Run: [pcreg] C:\Program Files\pcreg\service.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [pcreg] C:\Program Files\pcreg\service.exe ()
O4 - Startup: C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_55)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_55)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=928 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A7196C0-70A5-4E78-83F5-933097E17B24}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner - No CLSID value found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\program files\ts\mpkts.exe) - c:\Program Files\TS\MPKTS.exe ()
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\MPK\mpk.exe) - C:\Windows\System32\MPK\MPK.exe ()
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/03/17 13:53:06 | 000,000,000 | ---D | M] - F:\Automatically Add to iTunes -- [ NTFS ]
O33 - MountPoints2\{38902f3c-d23c-11e3-ab5e-001aa06a468f}\Shell - "" = AutoRun
O33 - MountPoints2\{38902f3c-d23c-11e3-ab5e-001aa06a468f}\Shell\AutoRun\command - "" = K:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{dfc57943-d113-11e3-9d5d-001aa06a468f}\Shell - "" = AutoRun
O33 - MountPoints2\{dfc57943-d113-11e3-9d5d-001aa06a468f}\Shell\AutoRun\command - "" = L:\HTC_Sync_Manager_PC.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co....hors/VA012897/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.JDCT - C:\Windows\System32\jl_jdct.drv (JEILIN Tech.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014/05/09 19:28:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/05/09 16:39:59 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\AVG2014
[2014/05/09 06:18:52 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\PC Speed Maximizer
[2014/05/09 06:14:45 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\BrowserSafeguard
[2014/05/09 06:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\pcreg
[2014/05/09 06:13:37 | 000,000,000 | ---D | C] -- C:\Program Files\PC Speed Maximizer
[2014/05/09 06:01:56 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/05/09 06:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/05/09 06:01:40 | 000,073,432 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/05/09 06:01:40 | 000,051,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/05/09 06:01:40 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/05/09 06:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/05/09 06:01:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/05/08 16:15:02 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2014/05/08 06:05:48 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Avg2014
[2014/05/08 06:04:35 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\MFAData
[2014/05/06 20:09:11 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2014/05/06 20:09:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2014/05/06 20:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2014/05/06 20:07:51 | 000,000,000 | ---D | C] -- C:\Program Files\Anvisoft
[2014/05/06 17:16:04 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\HpUpdate
[2014/05/03 19:24:05 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Skidoo
[2014/05/03 19:24:05 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Savage info
[2014/05/03 19:23:10 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Recipes
[2014/05/03 19:21:47 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\MP3 Rocket New
[2014/05/03 19:21:45 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Hygiene
[2014/05/03 19:21:44 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Franco Belge boiler
[2014/05/03 19:21:37 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Alex's Folder
[2014/05/02 13:31:12 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\gv black caries classification - Google Search_files
[2014/05/01 20:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\HTC
[2014/05/01 18:55:24 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\ElevatedDiagnostics
[2014/05/01 06:16:34 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Microsoft Office
[2014/05/01 06:15:54 | 000,032,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2014/05/01 06:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2014/05/01 06:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014/05/01 06:06:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2014/05/01 06:05:43 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Microsoft Help
[2014/05/01 06:05:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/05/01 05:54:32 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\OpenOffice.org
[2014/05/01 05:30:17 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/05/01 05:19:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2014/04/30 21:06:06 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\Add-in Express
[2014/04/30 21:05:32 | 000,000,000 | ---D | C] -- C:\Program Files\SearchAssist.me
[2014/04/30 21:01:23 | 000,880,040 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2014/04/30 21:01:22 | 000,802,728 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2014/04/30 20:59:39 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Oracle
[2014/04/30 20:59:31 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2014/04/30 20:55:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2014/04/30 20:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2014/04/30 20:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/04/30 20:48:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014/04/30 20:48:37 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014/04/30 20:48:18 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014/04/30 20:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/04/30 20:48:17 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014/04/30 20:48:17 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014/04/30 20:11:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/04/30 20:10:27 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Apple
[2014/04/30 20:09:19 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\dvdcss
[2014/04/30 20:08:05 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\vlc
[2014/04/30 20:06:43 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2014/04/30 20:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2014/04/30 20:02:09 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Apple Computer
[2014/04/30 20:01:35 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\SoftPlanet
[2014/04/30 20:01:34 | 000,000,000 | ---D | C] -- C:\Program Files\SoftPlanet Software Assistant
[2014/04/30 20:01:33 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Programs
[2014/04/30 18:44:44 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Macromedia
[2014/04/30 18:36:55 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Macromedia
[2014/04/30 18:29:51 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Mozilla
[2014/04/30 18:29:51 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Mozilla
[2014/04/30 18:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
[2014/04/30 18:08:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2014/04/30 17:50:35 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2014/04/30 17:50:34 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2014/04/30 17:48:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2014/04/29 19:54:32 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\AVG Secure Search
[2014/04/29 19:54:19 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Adobe
[2014/04/29 19:54:07 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Apple Computer
[2014/04/29 19:53:53 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/04/29 19:53:53 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Searches
[2014/04/29 19:53:53 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/04/29 19:53:53 | 000,000,000 | -H-D | C] -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/04/29 19:53:42 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Identities
[2014/04/29 19:53:39 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Contacts
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temporary Internet Files
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Templates
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Start Menu
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\SendTo
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Recent
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\PrintHood
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\NetHood
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\My Videos
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\My Pictures
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\My Music
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\My Documents
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Local Settings
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\History
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Cookies
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Application Data
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Application Data
[2014/04/29 19:50:01 | 000,000,000 | --SD | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Videos
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Saved Games
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Pictures
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Music
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Links
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Favorites
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Downloads
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Documents
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/04/29 19:50:01 | 000,000,000 | -H-D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\TuneUp Software
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Trusteer
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Trusteer
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Microsoft
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Media Center Programs
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\IObit
[2014/04/29 19:49:48 | 000,000,000 | ---D | C] -- C:\Microsoft
[2014/04/29 19:49:09 | 000,000,000 | ---D | C] -- C:\logs
[2014/04/18 15:02:04 | 000,199,960 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/05/10 08:08:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/10 08:06:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/09 23:08:15 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/09 17:52:52 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/05/09 17:48:48 | 000,012,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/09 17:48:48 | 000,012,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/09 17:43:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/09 17:43:02 | 2364,399,616 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/09 16:36:32 | 000,000,944 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/05/09 06:01:46 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/07 15:28:39 | 000,626,844 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/05/07 15:28:39 | 000,107,160 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/05/06 18:20:11 | 000,000,764 | RHS- | M] () -- C:\Users\Owner.Hedgewytch-PC\ntuser.pol
[2014/05/02 16:56:59 | 001,071,448 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/05/02 13:31:16 | 000,968,688 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\gv black caries classification - Google Search.htm
[2014/05/01 20:33:32 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2014/05/01 05:54:51 | 000,001,206 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2014/04/30 20:48:01 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014/04/30 20:47:55 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014/04/30 20:47:55 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014/04/30 20:47:54 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014/04/30 20:47:51 | 000,880,040 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2014/04/30 20:47:51 | 000,802,728 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2014/04/30 20:11:34 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/04/30 19:06:21 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/04/30 19:06:21 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/04/30 18:29:36 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/30 18:10:41 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_point32_01011.Wdf
[2014/04/30 18:10:11 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01011.Wdf
[2014/04/30 17:53:53 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/04/30 17:53:42 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
[2014/04/30 17:50:18 | 000,001,420 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/30 17:44:48 | 000,042,272 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2014/04/18 15:02:04 | 000,199,960 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/05/09 16:36:32 | 000,000,944 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/05/09 06:01:46 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/03 19:24:05 | 000,023,396 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\mad smile.JPG
[2014/05/02 13:31:12 | 000,968,688 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\gv black caries classification - Google Search.htm
[2014/05/01 20:33:32 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2014/05/01 05:54:51 | 000,001,206 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2014/04/30 20:03:21 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/04/30 18:29:36 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/30 18:10:41 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_point32_01011.Wdf
[2014/04/30 18:10:11 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01011.Wdf
[2014/04/30 17:53:53 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/04/30 17:53:42 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
[2014/04/30 17:51:37 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/04/30 17:50:18 | 000,001,420 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/29 19:53:59 | 000,001,426 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/04/29 19:53:18 | 000,000,764 | RHS- | C] () -- C:\Users\Owner.Hedgewytch-PC\ntuser.pol
[2014/04/29 19:50:02 | 000,000,290 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/04/29 19:50:02 | 000,000,272 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/10/18 16:18:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\createcert.exe
[2012/02/12 15:27:56 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Trance Pad
[2012/02/12 15:27:56 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/02/12 15:27:56 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Woodwind
[2012/02/12 15:27:55 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Track Settings
[2012/02/12 15:27:55 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012/02/12 15:27:55 | 000,000,012 | RH-- | C] () -- C:\ProgramData\WebServer
[2012/02/12 15:27:53 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Themes
[2012/02/12 15:27:53 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012/02/12 15:27:53 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Vocal Transformer
========== ZeroAccess Check ==========
[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/01/12 15:24:46 | 012,868,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 21:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014/05/09 16:39:59 | 000,000,000 | ---D | M] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\AVG2014
[2012/11/30 18:14:46 | 000,000,000 | ---D | M] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\IObit
[2014/05/01 05:54:32 | 000,000,000 | ---D | M] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\OpenOffice.org
[2014/04/30 20:59:39 | 000,000,000 | ---D | M] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Oracle
[2011/05/04 08:56:43 | 000,000,000 | ---D | M] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Trusteer
[2012/10/12 23:10:49 | 000,000,000 | ---D | M] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\TuneUp Software
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.ADML >
[2009/07/13 22:07:10 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\PolicyDefinitions\en-US\Explorer.adml
[2009/07/13 22:07:10 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_22d6d5b5cba907ce\Explorer.adml
< MD5 for: EXPLORER.ADMX >
[2009/06/10 17:34:46 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\PolicyDefinitions\Explorer.admx
[2009/06/10 17:34:46 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\winsxs\x86_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.1.7600.16385_none_1590ffd752297581\Explorer.admx
< MD5 for: EXPLORER.EXE >
[2012/01/12 14:37:57 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2012/01/12 14:37:57 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2012/01/12 14:37:58 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe
[2012/01/12 14:37:58 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2012/01/12 14:37:57 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: EXPLORER.EXE.MUI >
[2009/07/13 22:06:56 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\en-US\explorer.exe.mui
[2009/07/13 22:06:56 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_05c8dd40d4f56065\explorer.exe.mui
< MD5 for: EXPLORER.ZIP >
[2006/03/06 22:48:08 | 000,020,394 | ---- | M] () MD5=B469409C2B2A33C542190B720E11BD79 -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip
< MD5 for: IEXPLORE.EXE >
[2010/09/08 00:36:39 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=14803EA3E5DD7CB37CB446C74CFDA38F -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20795_none_b3c5cc459f4108f2\iexplore.exe
[2009/07/13 21:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_b346f9b4861b55c2\iexplore.exe
[2010/11/04 01:54:54 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=58CF468D3FF4CF830339FE5E45356355 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16700_none_b3987f3a85deec23\iexplore.exe
[2010/09/08 00:31:24 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=61EDBCE47ADF3E52AB0B9F49EE4AEBB8 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16671_none_b34dce2a8616cbea\iexplore.exe
[2010/11/04 01:54:59 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=6B2258FF6D2332073FE9E90122FA4168 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20831_none_b402ac8b9f13f917\iexplore.exe
[2011/05/13 11:26:31 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files\Internet Explorer\iexplore.exe
[2011/05/13 11:26:31 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_b135ff17c80c1949\iexplore.exe
[2010/12/18 01:32:25 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=9321CF0D023528C71E3645F8433C86C8 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20861_none_b3e23cc79f2c4cea\iexplore.exe
[2014/04/03 09:49:02 | 000,742,200 | ---- | M] (MalwareBytes) MD5=96820649733BFB2B0499C371904B7B40 -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\iexplore.exe
[2010/12/18 01:33:54 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=AA08B68EF4E35EFA170CF85A44B23B70 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16722_none_b384dff685ed56b3\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2011/05/13 11:26:32 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2011/05/13 11:26:32 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_aae2948effb95a30\iexplore.exe.mui
[2009/07/13 22:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7600.16385_en-us_acf38f2bbdc896a9\iexplore.exe.mui
< MD5 for: SERVICES >
[2009/06/10 17:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services
[2009/06/10 17:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services
< MD5 for: SERVICES.CFG >
[2013/05/10 03:57:30 | 000,558,879 | ---- | M] () MD5=3679F8D3253DC110D1D8F2AE115EE00C -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 13:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg
< MD5 for: SERVICES.EXE >
[2009/07/13 21:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/13 21:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 22:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui
[2009/07/13 22:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui
< MD5 for: SERVICES.LNK >
[2009/07/14 00:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 00:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOCHIADS.COM.SOL >
[2013/01/14 19:26:57 | 000,000,675 | ---- | M] () MD5=3798689958E194EB6A325CC34241F12B -- C:\Users\Chloe.Hedgewytch-PC\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\66JQ3UE6\mochiads.com\services.mochiads.com.sol
< MD5 for: SERVICES.MOF >
[2009/06/10 17:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009/06/10 17:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof
< MD5 for: SERVICES.MSC >
[2009/07/13 22:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2009/07/13 22:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
< MD5 for: SERVICES.PTXML >
[2009/07/13 16:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/13 16:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml
< MD5 for: SERVICES.RDB >
[2012/08/13 10:51:02 | 000,178,348 | ---- | M] () MD5=039C8CFBD74EE07F38CD9E4C7D95C5C6 -- C:\Program Files\OpenOffice.org 3\Basis\program\services.rdb
[2012/08/13 10:51:02 | 000,000,453 | ---- | M] () MD5=3D2ADA15FEF5B5FF468243161543D610 -- C:\Program Files\OpenOffice.org 3\program\services.rdb
[2012/08/10 15:12:16 | 000,008,060 | ---- | M] () MD5=7CA7D7150EC46321162F932ADCF5F35B -- C:\Program Files\OpenOffice.org 3\URE\misc\services.rdb
< MD5 for: WINLOGON.ADML >
[2009/07/13 22:05:00 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\PolicyDefinitions\en-US\WinLogon.adml
[2009/07/13 22:05:00 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_94da67ab3e358f3a\WinLogon.adml
< MD5 for: WINLOGON.ADMX >
[2009/06/10 17:43:18 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\PolicyDefinitions\WinLogon.admx
[2009/06/10 17:43:18 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.1.7600.16385_none_7ae3b2e5da95d117\WinLogon.admx
< MD5 for: WINLOGON.EXE >
[2009/10/28 02:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009/10/28 02:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 01:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009/07/13 21:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2014/04/03 09:49:02 | 000,742,200 | ---- | M] (MalwareBytes) MD5=96820649733BFB2B0499C371904B7B40 -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
< MD5 for: WINLOGON.EXE.MUI >
[2009/07/13 22:05:28 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=DB61D28A59DEE68F77811B291D83AD1B -- C:\Windows\System32\en-US\winlogon.exe.mui
[2009/07/13 22:05:28 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=DB61D28A59DEE68F77811B291D83AD1B -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7600.16385_en-us_cacee7ae656a07ab\winlogon.exe.mui
< MD5 for: WINLOGON.MFL >
[2009/07/13 22:09:40 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\System32\wbem\en-US\winlogon.mfl
[2009/07/13 22:09:40 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_en-us_2891397980a26140\winlogon.mfl
< MD5 for: WINLOGON.MOF >
[2009/07/13 16:37:34 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\System32\wbem\winlogon.mof
[2009/07/13 16:37:34 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.1.7600.16385_none_800f1ff3d73b72d9\winlogon.mof
< %SYSTEMDRIVE%\*.* >
[2012/04/04 15:13:27 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010/12/25 11:21:35 | 000,000,035 | ---- | M] () -- C:\aa.txt
[2009/06/10 17:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/07/13 21:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010/06/22 22:50:48 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009/06/10 17:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2012/06/26 10:22:33 | 000,000,090 | ---- | M] () -- C:\error.log
[2009/08/02 04:59:51 | 000,171,136 | RHS- | M] () -- C:\grldr
[2014/05/09 17:43:02 | 2364,399,616 | -HS- | M] () -- C:\hiberfil.sys
[2008/12/16 15:43:39 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/03/05 18:52:59 | 000,001,087 | -H-- | M] () -- C:\IPH.PH
[2011/01/10 20:53:08 | 000,238,360 | RHS- | M] () -- C:\KNLXT
[2012/10/18 16:51:15 | 000,000,060 | RHS- | M] () -- C:\MSDOS.SYS
[2010/07/19 21:06:24 | 000,000,827 | ---- | M] () -- C:\net_save.dna
[2014/05/09 17:43:02 | 3152,535,552 | -HS- | M] () -- C:\pagefile.sys
[2012/10/18 16:50:57 | 000,000,176 | ---- | M] () -- C:\watchdog_main.txt
[2011/01/10 20:53:08 | 000,000,007 | RHS- | M] () -- C:\wedaolu
< %systemroot%\Fonts\*.com >
[2009/07/14 00:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 00:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 00:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 00:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2009/06/10 17:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/06/22 19:58:20 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\HPZPPLHN.DLL
[2009/07/13 21:15:26 | 000,090,624 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\HPZPPWN7.DLL
[2009/07/13 21:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll
[2012/11/09 15:07:39 | 000,052,648 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\system32\spool\prtprocs\w32x86\LMIproc.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\msonpppr.dll
[2009/07/13 21:16:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\winprint.dll
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2012/03/08 18:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2009/07/14 00:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is Windows 7
Volume Serial Number is AC6C-D771
Directory of C:\
07/14/2009 12:53 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/14/2009 12:53 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 12:53 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Leapfrog\LeapFrog Connect\Mnt\00000E0300F16AB9
02/07/2012 02:40 PM <JUNCTION> 0 [\??\Volume{7a9070b6-0c2f-11e0-acaa-001aa06a468f}\]
01/18/2011 08:16 PM <JUNCTION> 1 [\??\Volume{806c9123-1d3a-11e0-9f41-001aa06a468f}\]
0 File(s) 0 bytes
Directory of C:\ProgramData\Leapfrog\LeapFrog Connect\Mnt\00000E0300F8678C
09/26/2010 08:48 AM <JUNCTION> 0 [\??\Volume{1cb2f715-c2c5-11df-8cf8-001aa06a468f}\]
0 File(s) 0 bytes
Directory of C:\ProgramData\Leapfrog\LeapFrog Connect\Mnt\00000E030103D449
01/18/2011 08:26 PM <JUNCTION> 0 [\??\Volume{806c913d-1d3a-11e0-9f41-001aa06a468f}\]
0 File(s) 0 bytes
Directory of C:\ProgramData\Leapfrog\LeapFrog Connect\Mnt\000C000100036D30
08/15/2010 09:15 PM <JUNCTION> 0 [\??\Volume{96f5cb79-95b1-11df-b36c-001aa06a468f}\]
0 File(s) 0 bytes
Directory of C:\Users
07/14/2009 12:53 AM <SYMLINKD> All Users [C:\ProgramData]
07/14/2009 12:53 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/14/2009 12:53 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 12:53 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Leapfrog\LeapFrog Connect\Mnt\00000E0300F16AB9
02/07/2012 02:40 PM <JUNCTION> 0 [\??\Volume{7a9070b6-0c2f-11e0-acaa-001aa06a468f}\]
01/18/2011 08:16 PM <JUNCTION> 1 [\??\Volume{806c9123-1d3a-11e0-9f41-001aa06a468f}\]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Leapfrog\LeapFrog Connect\Mnt\00000E0300F8678C
09/26/2010 08:48 AM <JUNCTION> 0 [\??\Volume{1cb2f715-c2c5-11df-8cf8-001aa06a468f}\]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Leapfrog\LeapFrog Connect\Mnt\00000E030103D449
01/18/2011 08:26 PM <JUNCTION> 0 [\??\Volume{806c913d-1d3a-11e0-9f41-001aa06a468f}\]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Leapfrog\LeapFrog Connect\Mnt\000C000100036D30
08/15/2010 09:15 PM <JUNCTION> 0 [\??\Volume{96f5cb79-95b1-11df-b36c-001aa06a468f}\]
0 File(s) 0 bytes
Directory of C:\Users\Chloe.Hedgewytch-PC
08/27/2011 01:37 PM <JUNCTION> Application Data [C:\Users\Chloe.Hedgewytch-PC\AppData\Roaming]
08/27/2011 01:37 PM <JUNCTION> Cookies [C:\Users\Chloe.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Cookies]
08/27/2011 01:37 PM <JUNCTION> Local Settings [C:\Users\Chloe.Hedgewytch-PC\AppData\Local]
08/27/2011 01:37 PM <JUNCTION> My Documents [C:\Users\Chloe.Hedgewytch-PC\Documents]
08/27/2011 01:37 PM <JUNCTION> NetHood [C:\Users\Chloe.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
08/27/2011 01:37 PM <JUNCTION> PrintHood [C:\Users\Chloe.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08/27/2011 01:37 PM <JUNCTION> Recent [C:\Users\Chloe.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Recent]
08/27/2011 01:37 PM <JUNCTION> SendTo [C:\Users\Chloe.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\SendTo]
08/27/2011 01:37 PM <JUNCTION> Start Menu [C:\Users\Chloe.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu]
08/27/2011 01:37 PM <JUNCTION> Templates [C:\Users\Chloe.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Chloe.Hedgewytch-PC\AppData\Local
08/27/2011 01:37 PM <JUNCTION> Application Data [C:\Users\Chloe.Hedgewytch-PC\AppData\Local]
08/27/2011 01:37 PM <JUNCTION> History [C:\Users\Chloe.Hedgewytch-PC\AppData\Local\Microsoft\Windows\History]
08/27/2011 01:37 PM <JUNCTION> Temporary Internet Files [C:\Users\Chloe.Hedgewytch-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Chloe.Hedgewytch-PC\AppData\LocalLow
06/09/2012 09:11 PM <JUNCTION> PlayReady [C:\ProgramData\Microsoft\PlayReady]
0 File(s) 0 bytes
Directory of C:\Users\Chloe.Hedgewytch-PC\Documents
08/27/2011 01:37 PM <JUNCTION> My Music [C:\Users\Chloe.Hedgewytch-PC\Music]
08/27/2011 01:37 PM <JUNCTION> My Pictures [C:\Users\Chloe.Hedgewytch-PC\Pictures]
08/27/2011 01:37 PM <JUNCTION> My Videos [C:\Users\Chloe.Hedgewytch-PC\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/14/2009 12:53 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009 12:53 AM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/14/2009 12:53 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
07/14/2009 12:53 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
07/14/2009 12:53 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009 12:53 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009 12:53 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009 12:53 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009 12:53 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/14/2009 12:53 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
07/14/2009 12:53 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009 12:53 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/14/2009 12:53 AM <JUNCTION> My Music [C:\Users\Default\Music]
07/14/2009 12:53 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/14/2009 12:53 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Owner.Hedgewytch-PC
04/29/2014 07:50 PM <JUNCTION> Application Data [C:\Users\Owner.Hedgewytch-PC\AppData\Roaming]
04/29/2014 07:50 PM <JUNCTION> Cookies [C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Cookies]
04/29/2014 07:50 PM <JUNCTION> Local Settings [C:\Users\Owner.Hedgewytch-PC\AppData\Local]
04/29/2014 07:50 PM <JUNCTION> My Documents [C:\Users\Owner.Hedgewytch-PC\Documents]
04/29/2014 07:50 PM <JUNCTION> NetHood [C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
04/29/2014 07:50 PM <JUNCTION> PrintHood [C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
04/29/2014 07:50 PM <JUNCTION> Recent [C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Recent]
04/29/2014 07:50 PM <JUNCTION> SendTo [C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\SendTo]
04/29/2014 07:50 PM <JUNCTION> Start Menu [C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu]
04/29/2014 07:50 PM <JUNCTION> Templates [C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Owner.Hedgewytch-PC\AppData\Local
04/29/2014 07:50 PM <JUNCTION> Application Data [C:\Users\Owner.Hedgewytch-PC\AppData\Local]
04/29/2014 07:50 PM <JUNCTION> History [C:\Users\Owner.Hedgewytch-PC\AppData\Local\Microsoft\Windows\History]
04/29/2014 07:50 PM <JUNCTION> Temporary Internet Files [C:\Users\Owner.Hedgewytch-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Owner.Hedgewytch-PC\Documents
04/29/2014 07:50 PM <JUNCTION> My Music [C:\Users\Owner.Hedgewytch-PC\Music]
04/29/2014 07:50 PM <JUNCTION> My Pictures [C:\Users\Owner.Hedgewytch-PC\Pictures]
04/29/2014 07:50 PM <JUNCTION> My Videos [C:\Users\Owner.Hedgewytch-PC\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/14/2009 12:53 AM <JUNCTION> My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile
07/14/2010 09:23 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
07/14/2010 09:23 PM <JUNCTION> Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]
07/14/2010 09:23 PM <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
07/14/2010 09:23 PM <JUNCTION> My Documents [C:\Windows\system32\config\systemprofile\Documents]
07/14/2010 09:23 PM <JUNCTION> NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2010 09:23 PM <JUNCTION> PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2010 09:23 PM <JUNCTION> Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2010 09:23 PM <JUNCTION> SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2010 09:23 PM <JUNCTION> Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2010 09:23 PM <JUNCTION> Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local
07/14/2010 09:23 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
07/14/2010 09:23 PM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
07/14/2010 09:23 PM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\Documents
07/14/2010 09:23 PM <JUNCTION> My Music [C:\Windows\system32\config\systemprofile\Music]
07/14/2010 09:23 PM <JUNCTION> My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
07/14/2010 09:23 PM <JUNCTION> My Videos [C:\Windows\system32\config\systemprofile\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
93 Dir(s) 7,628,742,656 bytes free
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2014/04/30 17:50:18 | 000,000,221 | -HS- | M] () -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
========== Alternate Data Streams ==========
@Alternate Data Stream - 223 bytes -> C:\ProgramData\TEMP:8927A071
< End of report >
OTL Extras logfile created on: 5/10/2014 8:28:31 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner.Hedgewytch-PC\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.94 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 66.80% Memory free
5.87 Gb Paging File | 4.28 Gb Available in Paging File | 72.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 42.23 Gb Total Space | 7.10 Gb Free Space | 16.82% Space Free | Partition Type: NTFS
Drive D: | 255.86 Gb Total Space | 77.83 Gb Free Space | 30.42% Space Free | Partition Type: NTFS
Drive F: | 1863.01 Gb Total Space | 1201.60 Gb Free Space | 64.50% Space Free | Partition Type: NTFS
Computer Name: HEDGEWYTCH-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B30493-13DF-4EAA-97F4-F52D776A43E9}" = rport=10243 | protocol=6 | dir=out | app=system |
"{07356D7C-CE71-47B5-86C2-F933F0EA6393}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0FEA8598-15DB-4040-A88F-187A533B26B2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{10ABE36A-C35A-4E15-92C7-8B12DDAAA586}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{141FACE5-FF69-4CC5-8784-E7611271BA13}" = lport=57361 | protocol=17 | dir=in | name=pando media booster |
"{2597B390-FF01-4946-89F3-FE30643E0E49}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{27309E6D-72DF-4409-B54F-B880EAF3BD25}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2E19C089-5BF6-47CA-8485-596A2BC6A172}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{305B6F9C-F565-4497-9DD3-50E53A34EDED}" = lport=57361 | protocol=17 | dir=in | name=pando media booster |
"{37597987-5823-49A7-A293-72FB3D87D4D4}" = lport=445 | protocol=6 | dir=in | app=system |
"{3A7ED880-1E02-4E48-8240-2C20DBAA31C9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3AA161E3-61E7-429F-A324-19CAEAFFE331}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3AE93058-DDCB-4F13-87B2-3C1762CB87B7}" = lport=57361 | protocol=6 | dir=in | name=pando media booster |
"{49B6476E-084A-426B-B229-688DB37595C8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4AD2861A-AC0F-46C5-92CD-844193E0C585}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4BF7E1B9-94FB-4A8F-9F62-A9812CE6EA93}" = lport=139 | protocol=6 | dir=in | app=system |
"{4D7E64D5-53F6-4A4D-8682-11EA230B91A4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4F1BB712-EAEF-4998-B299-6DDFD9B6ADC7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6A441C71-5054-4099-93F0-0B2A7ABC1976}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6E64DEB9-DE92-4DD8-8761-A4DBC137054D}" = lport=137 | protocol=17 | dir=in | app=system |
"{771EEDAE-ADB2-4C75-BF94-5B6DA9F0E371}" = lport=57361 | protocol=6 | dir=in | name=pando media booster |
"{78397EF8-F768-4406-9D7D-2895D6970C1D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{79F526A5-E9E2-417F-A60B-872A5CAA5356}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7CD364B1-78A5-4BF0-B30E-915D96C644F8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{801AD91F-FFCB-4E7E-9B35-645D8F0479D3}" = rport=445 | protocol=6 | dir=out | app=system |
"{94AA8CB2-2C86-47AB-AB0A-4EC283697C40}" = lport=138 | protocol=17 | dir=in | app=system |
"{9D1AAAC9-D355-4666-800F-D54D9DA16475}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AB5B169F-710F-480E-894E-DD8A825AC87C}" = rport=138 | protocol=17 | dir=out | app=system |
"{AFE404B0-D69C-42AC-97CC-6002C428E760}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B77DAF3B-B39C-4C89-AA6D-7CE8B5AC81AB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F015FF8A-C035-4105-A5D1-810976E8E767}" = rport=139 | protocol=6 | dir=out | app=system |
"{F53A523E-B10B-426A-939B-0125900EB4E3}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{026938C1-E75D-4944-A937-2A78CBB83BD6}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{038419CD-7552-4C28-BC39-944569944DE6}" = protocol=6 | dir=out | app=system |
"{066DA722-3485-4EBF-BA11-E193C6A093EA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0C93CE84-C6DC-4E7F-ACCA-5EFFD393DB8D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{0FDCCDC8-6D86-442E-811A-C2F3B85CA2B5}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{119A813F-C574-4855-B627-8B457846EAE9}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{13AC4119-D33D-478A-BF8A-D7369D2119ED}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{151D92E0-14FA-452D-AA0A-58E3F8BD9741}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{17F37FE1-4BA4-4D89-8492-0B5F146652CE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{184F5B6D-2FA3-4798-A224-FEF7A7E96872}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{18B5D197-97C3-47AF-8687-E8F90D9500CC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{1B3A6C17-E9C1-487A-8109-A83CBA4B781F}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{1C7C1C16-17E6-494D-BA44-E4584CC514A8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{2216956F-DCD1-465E-988D-0D939283800B}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{2230EC7B-79DA-4130-9BAB-8CFAF7DA5EFD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{228208A2-15CF-4DDF-B4FF-FB5F04400FE5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{25227A19-2490-45B8-892D-D81E6512C709}" = dir=out | app=c:\program files\pcreg\pcreg.exe |
"{280F39C5-4DF9-4615-AC27-25949D5ED1E8}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{2C1DE7EE-958B-4429-BB05-18C7A56F59BE}" = protocol=17 | dir=in | app=c:\program files\common files\motive\pcservicehost.exe |
"{2F1E1C18-EC4A-4113-95EB-4472A6895C3F}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{335D12FF-BC9C-42DE-A3B1-C089DB748C4E}" = protocol=6 | dir=in | app=c:\program files\common files\motive\pcservicehost.exe |
"{354AD6C8-19C6-4E70-B21D-A0FB8B88F0B8}" = dir=in | app=c:\program files\pcreg\pcreg.exe |
"{381057EB-2159-45BB-90D1-17C1E60DAB15}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{38D4E084-F4AD-4AD2-882E-2D2695684B62}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{3B614B98-F8D2-4EDE-A80E-8890B775A266}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4031E018-19CB-46F8-AE94-19F56B45B825}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{4633DEEB-A041-40EA-BBB0-3214665B463F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |
"{47EF08B3-8CB0-4CB9-855F-8BD6FFA715CA}" = dir=in | app=c:\windows\system32\mpk\mpk.exe |
"{4867E63E-0619-4F14-B3F7-12D0CB2C471E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{494A2EE6-01ED-48CC-B108-179FE3DF7C46}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{4F3E0F18-5FB1-4B79-9419-3C1C7733B24F}" = protocol=17 | dir=in | app=c:\program files\common files\motive\pcservicehost.exe |
"{5876D980-207E-4168-8487-2C9FC1361D56}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{601DCF1C-E85C-4B26-9E26-1FDC09505522}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{62798005-1F70-41CC-A834-0D01C760555A}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |
"{673D04A3-628F-4635-B7FA-8E94EDB447EE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{6CBF3DEA-57D1-4F9A-9E6A-CAFB45351A76}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{70418ED8-B39B-4D9A-BB19-2EBB66848AA2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{72CEC5D1-B3A8-43D8-9D07-A1FF426B7E43}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{73D995DD-C7E6-4318-9E7F-4B7A9CDF039A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{818177CF-8CAC-43E3-A537-9FB3A747D516}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{82226699-667C-498C-8AB7-B12F32DB723D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{826253BB-6128-4C97-9233-2239A5BA60F8}" = protocol=6 | dir=in | app=c:\program files\avg\avg family safety\inetctrl.exe |
"{84961887-1590-4CA2-866D-AEEC8611DBD7}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{84C262F0-CB5D-49CD-8A7C-DAA758010A05}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85018F8E-8E68-4006-AD8A-C2BD61E3A9BF}" = dir=in | app=c:\windows\system32\mpk\mpk.exe |
"{86BC4C50-F8EB-4902-97BE-B7BEBB23E1B2}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{887CEA08-4275-4DAA-B4C9-BDAB0DE8D219}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8A0B4188-D2A3-4EB9-A02D-92D1725A5E5D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{8D64D490-DCB8-40CE-AA20-9C6AE80393A5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgemcx.exe |
"{8DC2F333-7FCA-4266-A0AA-4F5E3249D80C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8E274980-F2AD-4F26-9938-863064DE9583}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{956C8D29-90E4-4D9C-95C2-71EA04A79822}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{95C1A92A-0C87-425D-B050-A26221CC8215}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9A7D6926-B946-4373-9F26-BDDBF1B934AD}" = dir=out | app=c:\program files\pcreg\service.exe |
"{9C1A9273-0E95-42A8-8A4A-AA0FF2EC1F2F}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{9D1498AA-A11E-436D-90D6-2EE77466EE72}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9FE40DA9-84B7-4292-8614-1A3B6DF71CE6}" = protocol=17 | dir=in | app=c:\program files\avg\avg family safety\inetctrl.exe |
"{A1658D0F-F5B6-4634-8E99-05A5B8F97701}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{A281687A-64A8-413F-A5CB-B7F7EB58B68E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A46E842A-EDAE-432D-B686-9828BCD87A69}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A49D1D44-D762-4BCA-B014-D400513E71AA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{A5F79874-5283-4119-B020-5B393F240F8D}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{AFE3D84E-FEE5-4FB5-9EC0-6EB2E8ED6158}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{B13294FA-5614-41E2-9487-BE281DBE7863}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{B3254603-2819-464E-B695-9E66ACEA8491}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{B4926ADA-EAA6-4323-9B2A-C095D8455C32}" = dir=in | app=c:\program files\pcreg\service.exe |
"{B59AC9E5-B977-4815-9A29-D686AB13526A}" = protocol=17 | dir=in | app=c:\users\hedgewytch\appdata\local\temp\mig7619.tmp\migwiz.exe |
"{B72F2328-399C-4940-A63A-1F65AD9351BD}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B9B8D2C7-FD9D-4BE3-827B-BD645C85EF60}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{BD2A3A0A-CEA6-4AC1-8936-7820FED62A92}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{BEE4239F-7812-43DD-B178-2F08C5E7FA17}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgemcx.exe |
"{CAE44C39-76F5-4C2F-A4D7-3F89127EBF7E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{CDB45474-687A-48CF-8853-A7036293CD24}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{CE91CEDA-F2D5-47B2-B1A3-6627A73B7492}" = protocol=6 | dir=in | app=c:\users\hedgewytch\appdata\local\temp\mig7619.tmp\migwiz.exe |
"{D2D8EB78-797A-42ED-853E-44416FCF15BC}" = dir=in | app=c:\windows\system32\mpk\mpkview.exe |
"{D425E80D-A263-4802-A58E-5B3C7B0D6022}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D994C549-9615-4739-8C24-F3B48EA403DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D9DB40C4-B5D7-45BC-A9B0-C7F7269870AA}" = dir=in | app=c:\windows\system32\mpk\mpkview.exe |
"{DBC94766-A641-4363-AACA-6E5B61009B46}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{E11C4B61-A565-48CF-B227-3BC29F0E75C0}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |
"{E1B989A4-E7A1-495E-9B45-97CDDEE5ADE9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{E70A3F73-9B47-4A1D-8297-45FD22C58ADE}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{E8DA5881-7E20-44BE-86A1-760852573060}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{EE36770B-E807-43D3-9376-FA477E202E9A}" = protocol=6 | dir=in | app=c:\program files\common files\motive\pcservicehost.exe |
"{F1D5B571-414E-4D97-B579-2521D2188798}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{F2C42180-F058-497F-A156-C3079B9B3994}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{F54B3A2D-C2C9-4EBC-846B-91E3E482CE09}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{FB9AECB8-C579-49FA-9B49-133D81261F6C}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{FD62ED91-7F90-4A2E-827A-01102EF61721}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FE0EA323-E853-4364-B2B7-E85A14B98ADD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FFE833E3-02F0-4345-BE43-A1BD9288ECED}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{0BAA8B68-EAD3-4A8C-8A94-63C74C09C622}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{3FD9E0D9-A04F-4E4D-B282-240E2AACAB5C}C:\windows\system32\wfs.exe" = protocol=6 | dir=in | app=c:\windows\system32\wfs.exe |
"TCP Query User{5493585A-7EAB-46C9-8A92-8E673196E55C}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{8980F3C3-0DEB-47AB-B87E-038AB02F0B2F}C:\users\hedgewytch\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\hedgewytch\appdata\roaming\spotify\spotify.exe |
"TCP Query User{C9381835-A886-4781-9AA0-5E9F1B6E5C2B}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{D8DC8133-2122-4537-9EBA-E87C67FA59F2}D:\udk\udk-2010-06\binaries\win32\udk.exe" = protocol=6 | dir=in | app=d:\udk\udk-2010-06\binaries\win32\udk.exe |
"TCP Query User{E28F433A-9E1F-48D5-9C33-A725938701C0}C:\program files\cdv software entertainment usa\the history channel great battles of rome\thcgbor.exe" = protocol=6 | dir=in | app=c:\program files\cdv software entertainment usa\the history channel great battles of rome\thcgbor.exe |
"TCP Query User{F5181190-3746-44FD-BCC8-71FD7609B910}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{2DCBDAC8-920C-49E7-98D0-56B888057614}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{350FF9CE-CD35-4E43-9044-178A8BF92ECF}D:\udk\udk-2010-06\binaries\win32\udk.exe" = protocol=17 | dir=in | app=d:\udk\udk-2010-06\binaries\win32\udk.exe |
"UDP Query User{5E477B47-77AA-4411-9565-1765FCD1E427}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{6633A01E-13EA-4EC6-A543-E5DC8258ACEC}C:\windows\system32\wfs.exe" = protocol=17 | dir=in | app=c:\windows\system32\wfs.exe |
"UDP Query User{6DC83752-AF2C-40ED-82FB-2A7FF75B84F2}C:\users\hedgewytch\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\hedgewytch\appdata\roaming\spotify\spotify.exe |
"UDP Query User{733BAFAA-6C7B-4734-A293-E4BA912FD250}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{B0C6290B-46B8-4F69-AD93-5088FF196B1B}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{B3CD18F8-29D9-40CB-B068-3B145D4D24DB}C:\program files\cdv software entertainment usa\the history channel great battles of rome\thcgbor.exe" = protocol=17 | dir=in | app=c:\program files\cdv software entertainment usa\the history channel great battles of rome\thcgbor.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0C41D003-E38E-4C8A-BA67-AFF061E27F3F}" = Microsoft Mouse and Keyboard Center
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B50F09A-CDE0-4F33-A428-2E459CED07EF}" = WD Software Upgrader
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2F9DA9-F762-491A-9651-94C09FE9668D}" = AVG 2014
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 55
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B407A54-6CF2-42B5-B419-E900B2E36972}" = 1500
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6E016C56-820F-4B2D-A36F-34CCADF90C16}" = Belkin USB Wireless Adaptor
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2101ACC-DC36-42AA-A576-6FD6A8D466DA}" = 1500_Help
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A4C6B32D-5088-40AF-B74D-CDABEF144F04}" = 1500Trb
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.7)
"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
"{B1C2FDF5-0D3A-4CD0-AA83-B4C1002C776E}" = THE HISTORY CHANNEL Great Battles of Rome
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}" = EZXDfh
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F42F3704-4CA7-4D28-9F5B-FDBF2E589EB2}" = Verizon Wireless Software Upgrade Assistant - SAMSUNG (TL-PC)
"{F4735E8D-3570-4606-A4E9-0BE44F3B0DFC}" = AVG 2014
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
"AVG" = AVG 2014
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ENTERPRISE" = Microsoft Office Enterprise 2007
"GIMPshop" = GIMPshop .1 beta
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HPOCR" = OCR Software by I.R.I.S. 13.0
"InstallShield_{6E016C56-820F-4B2D-A36F-34CCADF90C16}" = Belkin USB Wireless Adaptor
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 29.0.1 (x86 en-US)" = Mozilla Firefox 29.0.1 (x86 en-US)
"Mozilla Thunderbird (5.0)" = Mozilla Thunderbird (5.0)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments Service Center" = Native Instruments Service Center
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Nvidia Omega Drivers for Windows Vistav1.169.25" = Nvidia Omega Drivers v1.169.25 Setup Files and Tools
"VLC media player" = VLC media player 2.1.3
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8/19/2012 1:58:35 AM | Computer Name = Hedgewytch-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13151
Error - 8/19/2012 1:58:36 AM | Computer Name = Hedgewytch-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 8/19/2012 1:58:36 AM | Computer Name = Hedgewytch-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 14149
Error - 8/19/2012 1:58:36 AM | Computer Name = Hedgewytch-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 14149
Error - 8/19/2012 1:58:37 AM | Computer Name = Hedgewytch-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 8/19/2012 1:58:37 AM | Computer Name = Hedgewytch-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15179
Error - 8/19/2012 1:58:37 AM | Computer Name = Hedgewytch-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15179
Error - 8/19/2012 1:58:38 AM | Computer Name = Hedgewytch-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 8/19/2012 1:58:38 AM | Computer Name = Hedgewytch-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 16177
Error - 8/19/2012 1:58:38 AM | Computer Name = Hedgewytch-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 16177
[ Media Center Events ]
Error - 7/13/2010 6:15:59 PM | Computer Name = Hedgewytch-PC | Source = MCUpdate | ID = 0
Description = 6:15:59 PM - Failed to retrieve Directory (Error: Unable to connect
to the remote server)
Error - 7/13/2010 6:16:04 PM | Computer Name = Hedgewytch-PC | Source = MCUpdate | ID = 0
Description = 6:16:02 PM - Failed to retrieve NetTV (Error: Unable to connect to
the remote server)
Error - 7/13/2010 6:16:06 PM | Computer Name = Hedgewytch-PC | Source = MCUpdate | ID = 0
Description = 6:16:05 PM - Failed to retrieve MCESpotlight (Error: Unable to connect
to the remote server)
Error - 7/13/2010 6:16:08 PM | Computer Name = Hedgewytch-PC | Source = MCUpdate | ID = 0
Description = 6:16:07 PM - Failed to retrieve MCEClientUX (Error: Unable to connect
to the remote server)
Error - 7/13/2010 6:16:11 PM | Computer Name = Hedgewytch-PC | Source = MCUpdate | ID = 0
Description = 6:16:10 PM - Failed to retrieve SportsSchedule (Error: Unable to connect
to the remote server)
Error - 7/13/2010 6:16:13 PM | Computer Name = Hedgewytch-PC | Source = MCUpdate | ID = 0
Description = 6:16:12 PM - Failed to retrieve SportsV2 (Error: Unable to connect
to the remote server)
Error - 7/13/2010 6:16:20 PM | Computer Name = Hedgewytch-PC | Source = MCUpdate | ID = 0
Description = 6:16:15 PM - Failed to retrieve Broadband (Error: Unable to connect
to the remote server)
Error - 8/23/2010 7:27:05 PM | Computer Name = Hedgewytch-PC | Source = MCUpdate | ID = 0
Description = 7:27:04 PM - Error connecting to the internet. 7:27:05 PM - Unable
to contact server..
Error - 8/23/2010 7:27:39 PM | Computer Name = Hedgewytch-PC | Source = MCUpdate | ID = 0
Description = 7:27:34 PM - Error connecting to the internet. 7:27:34 PM - Unable
to contact server..
[ System Events ]
Error - 5/9/2014 5:43:36 PM | Computer Name = Hedgewytch-PC | Source = Service Control Manager | ID = 7000
Description = The MPK Service service failed to start due to the following error:
%%1053
Error - 5/9/2014 5:43:37 PM | Computer Name = Hedgewytch-PC | Source = Service Control Manager | ID = 7000
Description = The vToolbarUpdater18.1.0 service failed to start due to the following
error: %%2
Error - 5/9/2014 5:43:37 PM | Computer Name = Hedgewytch-PC | Source = Service Control Manager | ID = 7000
Description = The WatchDog Network Server service failed to start due to the following
error: %%2
Error - 5/9/2014 5:44:26 PM | Computer Name = Hedgewytch-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
asd2fsm Null
Error - 5/9/2014 7:44:20 PM | Computer Name = Hedgewytch-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 5/9/2014 7:44:54 PM | Computer Name = Hedgewytch-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 5/9/2014 11:06:26 PM | Computer Name = Hedgewytch-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 5/9/2014 11:53:14 PM | Computer Name = Hedgewytch-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 5/9/2014 11:53:48 PM | Computer Name = Hedgewytch-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 5/10/2014 12:33:02 AM | Computer Name = Hedgewytch-PC | Source = Microsoft-Windows-HAL | ID = 12
Description = The platform firmware has corrupted memory across the previous system
power transition. Please check for updated firmware for your system.
< End of report >
I'm guessing the previous owner named this computer Hedgewytch-PC?
I'm not attached to much on this computer that I don't have stored elsewhere so a complete wipe isn't out of the question if it will be easier.
Thanks for your help,
Bob