OTL logfile created on: 8/1/2014 1:16:35 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\MIKE\Desktop\OTL
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.12 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 69.57% Memory free
4.96 Gb Paging File | 4.11 Gb Available in Paging File | 82.90% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.50 Gb Total Space | 805.74 Gb Free Space | 86.50% Space Free | Partition Type: NTFS
Drive D: | 7.96 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 69.23 Gb Total Space | 29.09 Gb Free Space | 42.01% Space Free | Partition Type: NTFS
Drive F: | 232.88 Gb Total Space | 175.56 Gb Free Space | 75.39% Space Free | Partition Type: NTFS
Computer Name: GCDI | User Name: MIKE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\MIKE\Desktop\OTL\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\Gigabyte\EasySaver\essvr.exe ()
PRC - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe (DeviceVM, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
========== Modules (No Company Name) ==========
MOD - c:\Documents and Settings\MIKE\Application Data\1396467839\graphicsserver.dll ()
MOD - C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ohnmkie.dll ()
MOD - C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ciltadl.dll ()
MOD - C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files\Gigabyte\EasySaver\essvr.exe ()
MOD - C:\Program Files\Gigabyte\EasySaver\ycc.dll ()
========== Services (SafeList) ==========
SRV - (SDWSCService) -- C:\Program Files\Spybot File not found
SRV - (SDUpdateService) -- C:\Program Files\Spybot File not found
SRV - (SDScannerService) -- C:\Program Files\Spybot File not found
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe File not found
SRV - (9938A174) -- C:\WINDOWS\system32\9938A174.exe File not found
SRV - (7A2A25B2) -- C:\WINDOWS\system32\7A2A25B2.exe File not found
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (ES lite Service) -- C:\Program Files\Gigabyte\EasySaver\essvr.exe ()
SRV - (SandraAgentSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe (SiSoftware)
SRV - (BCUService) -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe (DeviceVM, Inc.)
SRV - (CTAudSvcService) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (pr2ah4nc) -- C:\WINDOWS\System32\pr2ah4nc.exe (CODEMASTERS)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (MRESP50a64) -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS File not found
DRV - (MRENDIS5) -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS File not found
DRV - (MREMPR5) -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS File not found
DRV - (MREMP50a64) -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS File not found
DRV - (mosuport) -- system32\DRIVERS\mosuport.sys File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\DOCUME~1\MIKE\LOCALS~1\Temp\catchme.sys File not found
DRV - (AODDriver) -- C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys File not found
DRV - (MpKslb1621762) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9EAF4220-BEDB-4DCF-A3A7-97E312F7A877}\MpKslb1621762.sys (Microsoft Corporation)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows ® 2000 DDK provider)
DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (GVTDrv) -- C:\WINDOWS\system32\drivers\GVTDrv.sys ()
DRV - (etdrv) -- C:\WINDOWS\etdrv.sys (Windows ® 2000 DDK provider)
DRV - (ha20x2k) -- C:\WINDOWS\system32\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctdvda2k) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (CTEXFIFX.SYS) -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV - (CTEXFIFX) -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV - (CTHWIUT.SYS) -- C:\WINDOWS\system32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV - (CTHWIUT) -- C:\WINDOWS\system32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV - (CT20XUT.SYS) -- C:\WINDOWS\system32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV - (CT20XUT) -- C:\WINDOWS\system32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV - (WmXlCore) -- C:\WINDOWS\system32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\WINDOWS\system32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmHidLo) -- C:\WINDOWS\system32\drivers\WmHidLo.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\WINDOWS\system32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\WINDOWS\system32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (FTDIBUS) -- C:\WINDOWS\system32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTLTEAMING) -- C:\WINDOWS\system32\drivers\RTLTEAMING.SYS (Realtek Semiconductor Corporation)
DRV - (JRAID) -- C:\WINDOWS\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (nusb3xhc) -- C:\WINDOWS\system32\drivers\nusb3xhc.sys (NEC Electronics Corporation)
DRV - (nusb3hub) -- C:\WINDOWS\system32\drivers\nusb3hub.sys (NEC Electronics Corporation)
DRV - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\sandra.sys (SiSoftware)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (RTLVLAN) -- C:\WINDOWS\system32\drivers\RTLVLAN.SYS (Realtek Semiconductor Corporation )
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (RtNdPt5x) -- C:\WINDOWS\system32\drivers\RtNdPt5x.sys (Realtek Semiconductor Corporation )
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (SNP2STD) -- C:\WINDOWS\system32\drivers\snp2sxp.sys ()
DRV - (MarkFun_NT) -- C:\Program Files\Gigabyte\ET5\MARKFUN.W32 (Windows ® 2000 DDK provider)
DRV - (FETNDISB) -- C:\WINDOWS\system32\drivers\dlkfet5b.sys (D-Link )
DRV - (pe3ah4nc) -- C:\WINDOWS\system32\drivers\pe3ah4nc.sys (CODEMASTERS)
DRV - (ps6ah4nc) -- C:\WINDOWS\system32\drivers\ps6ah4nc.sys (CODEMASTERS)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (RemoteControl-USBLAN) -- C:\WINDOWS\system32\drivers\rcblan.sys (Belcarra Technologies)
DRV - (ET5Drv) -- C:\WINDOWS\system32\drivers\ET5Drv.sys (Microsoft Corporation)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (sfvfs02) -- C:\WINDOWS\system32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sfsync02) -- C:\WINDOWS\system32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfdrv01) -- C:\WINDOWS\system32\drivers\sfdrv01.sys (Protection Technology)
DRV - (LHidKE) -- C:\WINDOWS\system32\drivers\LHidKE.Sys (Logitech, Inc.)
DRV - (LMouKE) -- C:\WINDOWS\system32\drivers\LMouKE.Sys (Logitech, Inc.)
DRV - (sfhlp02) -- C:\WINDOWS\system32\drivers\sfhlp02.sys (Protection Technology)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (MDC8021X) -- C:\WINDOWS\system32\drivers\mdc8021x.sys (Meetinghouse Data Communications)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {1D0C0448-EB8B-4bc6-943B-AAC32A1C7BFC}
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {3906D159-82FC-450d-A57A-92D10437A2F5}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: idme%40abine.com:1.40.349
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\ATT\8.3.1.18\ma\bin\npMotive.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\MIKE\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/02 15:48:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/02 15:48:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/02 15:48:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/07/03 09:27:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/06/19 03:51:35 | 000,000,000 | ---D | M]
[2010/03/27 01:41:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MIKE\Application Data\Mozilla\Extensions
[2014/03/06 00:12:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MIKE\Application Data\Mozilla\Firefox\Profiles\sywhhfyw.default-1368204256093\extensions
[2014/03/06 00:12:32 | 000,000,000 | ---D | M] (MaskMe) -- C:\Documents and Settings\MIKE\Application Data\Mozilla\Firefox\Profiles\sywhhfyw.default-1368204256093\extensions\idme@abine.com
[2013/06/26 12:40:28 | 000,228,503 | ---- | M] () (No name found) -- C:\Documents and Settings\MIKE\Application Data\Mozilla\Firefox\Profiles\sywhhfyw.default-1368204256093\extensions\ftd@ftd.com.xpi
[2014/06/19 03:51:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/06/19 03:51:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2014/06/19 03:51:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2014/06/19 03:51:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/06/19 03:52:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/07/31 13:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
[2013/09/12 03:18:29 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: RealDownloader = C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_1\
CHR - Extension: Google Wallet = C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: KeyBar 2.5 = C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oblkmgkfjnmlkemjgheoidmmfncckcej\10.31.4.510_0\
CHR - Extension: KeyBar 2.5 = C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oblkmgkfjnmlkemjgheoidmmfncckcej\10.31.4.510_0\nativeMessaging\nmHost
O1 HOSTS File: ([2014/07/14 15:01:03 | 000,449,906 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 15470 more lines...
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5043442D-472D-5637-00A7-7A786E7484D7} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (Gigabyte Technology Corp.)
O4 - HKLM..\Run: [ADSK DLMSession] C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Autodesk, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCU] C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\ETcall.exe ()
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe (HP)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe ()
O4 - HKCU..\Run: [2211080937] c:\documents and settings\mike\application data\1396467839\graphicsserver.dll ()
O4 - HKCU..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\MIKE\Local Settings\Application Data\Akamai\netsession_win.exe" File not found
O4 - HKCU..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [IdeguXagqi] C:\WINDOWS\System32\regsvr32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IsemhAwixp] C:\WINDOWS\System32\regsvr32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe" -scheduler File not found
O4 - HKCU..\Run: [Vecevegaiksuax] "C:\Documents and Settings\MIKE\Application Data\Noimcifi\kimavya.exe" File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKCU\..Trusted Domains: $talisma_url$ ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: gigabyte.us ([www] https in Trusted sites)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49581C7F-1CFC-4C55-B4EF-8588276CD04B}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A58FF43-D0E1-4ABF-AF28-71D624F648EF}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ciltadl: DllName - (C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ciltadl.dll) - C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ciltadl.dll ()
O20 - Winlogon\Notify\ohnmkie: DllName - (C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ohnmkie.dll) - C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ohnmkie.dll ()
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/07/31 08:49:10 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2010/03/26 22:18:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/05/19 14:32:23 | 000,749,568 | R--- | M] (Codemasters Software Co.) - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2007/05/01 05:26:01 | 000,000,067 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006/02/11 21:54:47 | 000,000,000 | -HS- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2014/07/31 08:48:18 | 000,000,000 | ---D | M] - F:\AUTO -- [ NTFS ]
O32 - AutoRun File - [2006/02/11 21:54:47 | 000,000,000 | -HS- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005/11/28 12:44:10 | 008,188,928 | ---- | M] () - F:\Autotap 3.00.msi -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014/08/01 12:47:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MIKE\Desktop\OTL
[2014/08/01 00:40:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MIKE\Desktop\screenshot
[2014/08/01 00:35:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MIKE\Application Data\0c7610
[2014/08/01 00:34:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MIKE\Local Settings\Application Data\0c7610
[2014/08/01 00:33:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MIKE\Application Data\98132781
[2014/08/01 00:33:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MIKE\Application Data\4073586247
[2014/08/01 00:22:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MIKE\Local Settings\Application Data\2085198906
[2014/08/01 00:22:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MIKE\Application Data\1396467839
[2014/07/31 09:46:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IdeguXagqi
[2014/07/31 08:59:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MIKE\Application Data\Noimcifi
[2014/07/31 08:47:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IsemhAwixp
[2014/07/31 08:46:48 | 000,000,000 | -H-D | C] -- C:\c088cf6
[2014/07/31 04:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MIKE\Start Menu\Programs\NetSurveillance
[2014/07/31 04:25:10 | 000,000,000 | ---D | C] -- C:\Program Files\NetSurveillance
[2014/07/27 14:01:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MIKE\Start Menu\Programs\CMS
[2014/07/27 14:01:33 | 000,000,000 | ---D | C] -- C:\Program Files\CMS
[2014/07/24 04:12:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{18BE06AC-473B-448E-9193-AFA952B8E90B}
[2014/07/20 22:32:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MIKE\My Documents\process
[2014/07/19 02:22:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MIKE\My Documents\process expl
[2014/07/14 03:14:24 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/07/14 03:13:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/14 03:12:44 | 000,053,208 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014/07/14 03:12:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/08/01 14:02:27 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\MIKE\Application Data\2302247755
[2014/08/01 14:00:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/08/01 14:00:06 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\MIKE\Application Data\1946099523
[2014/08/01 12:42:19 | 000,000,080 | ---- | M] () -- C:\WINDOWS\System32\qtfv.idw
[2014/08/01 12:38:56 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2014/08/01 12:32:37 | 000,019,756 | ---- | M] () -- C:\WINDOWS\System32\nvAppTimestamps
[2014/08/01 12:30:23 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\MIKE\Application Data\1233740586
[2014/08/01 12:30:21 | 000,012,664 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/08/01 12:28:43 | 000,017,488 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2014/08/01 12:28:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/08/01 03:03:01 | 000,055,468 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000006-00001102-00000005-00231102}.rfx
[2014/08/01 03:03:01 | 000,055,468 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000006-00001102-00000005-00231102}.rfx
[2014/08/01 03:03:01 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000006-00001102-00000005-00231102}.rfx
[2014/08/01 01:12:52 | 000,000,032 | ---- | M] () -- C:\Documents and Settings\MIKE\Application Data\1131910924
[2014/07/31 12:33:29 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2014/07/31 12:33:29 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2014/07/31 09:49:07 | 000,008,198 | ---- | M] () -- C:\Documents and Settings\All Users\DECRYPT_INSTRUCTION.HTML
[2014/07/31 09:49:07 | 000,000,274 | ---- | M] () -- C:\Documents and Settings\All Users\DECRYPT_INSTRUCTION.URL
[2014/07/31 09:49:06 | 000,008,198 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DECRYPT_INSTRUCTION.HTML
[2014/07/31 09:49:06 | 000,000,274 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DECRYPT_INSTRUCTION.URL
[2014/07/31 08:49:10 | 000,000,280 | ---- | M] () -- C:\Boot.bak
[2014/07/29 23:43:29 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\MIKE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/07/27 14:01:39 | 000,001,456 | ---- | M] () -- C:\Documents and Settings\MIKE\Desktop\CMS.lnk
[2014/07/26 01:25:18 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/07/24 02:16:19 | 000,000,358 | RHS- | M] () -- C:\boot.ini
[2014/07/20 17:09:37 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2014/07/18 13:35:08 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/07/15 02:30:31 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7256C714-F702-4676-8958-FD1AD3CD13D2}.job
[2014/07/15 02:30:26 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
[2014/07/15 02:30:20 | 000,000,616 | ---- | M] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2014/07/15 02:30:15 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1085031214-2000478354-839522115-1003.job
[2014/07/15 02:30:09 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1085031214-2000478354-839522115-1003.job
[2014/07/15 02:30:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1085031214-2000478354-839522115-1003.job
[2014/07/15 02:29:58 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1085031214-2000478354-839522115-1003.job
[2014/07/15 02:29:52 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1085031214-2000478354-839522115-1003.job
[2014/07/15 02:29:47 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1085031214-2000478354-839522115-1003.job
[2014/07/15 02:29:40 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1085031214-2000478354-839522115-1003.job
[2014/07/15 02:29:35 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/07/15 02:29:29 | 000,000,220 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/07/15 02:29:09 | 000,000,488 | ---- | M] () -- C:\WINDOWS\tasks\HP Photo Creations Communicator.job
[2014/07/15 02:29:03 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-2000478354-839522115-1003UA.job
[2014/07/15 02:28:53 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-2000478354-839522115-1003Core1cc6f98ed6cb1dc.job
[2014/07/15 02:28:43 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/15 02:28:32 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/15 02:28:04 | 000,000,644 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2014/07/14 15:01:03 | 000,449,906 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2014/07/14 03:13:17 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/08/01 00:35:55 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\MIKE\Application Data\1131910924
[2014/08/01 00:35:03 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\MIKE\Application Data\1946099523
[2014/08/01 00:33:50 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\MIKE\Application Data\2302247755
[2014/08/01 00:22:41 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\MIKE\Application Data\1233740586
[2014/07/31 09:49:12 | 000,008,198 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\DECRYPT_INSTRUCTION.HTML
[2014/07/31 09:49:12 | 000,008,198 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\DECRYPT_INSTRUCTION.HTML
[2014/07/31 09:49:12 | 000,000,274 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\DECRYPT_INSTRUCTION.URL
[2014/07/31 09:49:12 | 000,000,274 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\DECRYPT_INSTRUCTION.URL
[2014/07/31 09:49:07 | 000,008,198 | ---- | C] () -- C:\Documents and Settings\All Users\DECRYPT_INSTRUCTION.HTML
[2014/07/31 09:49:07 | 000,000,274 | ---- | C] () -- C:\Documents and Settings\All Users\DECRYPT_INSTRUCTION.URL
[2014/07/31 09:49:06 | 000,008,198 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DECRYPT_INSTRUCTION.HTML
[2014/07/31 09:49:06 | 000,000,274 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DECRYPT_INSTRUCTION.URL
[2014/07/31 06:58:47 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/07/27 14:01:39 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\MIKE\Desktop\CMS.lnk
[2014/07/14 03:13:17 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/20 18:14:02 | 000,179,377 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2013/10/30 01:55:30 | 000,000,289 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013/06/13 00:47:43 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\MIKE\Application Data\$_hpcst$.hpc
[2012/10/03 06:41:44 | 000,262,144 | ---- | C] () -- C:\WINDOWS\tsnp2std.exe
[2012/10/03 06:41:43 | 012,212,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys
[2012/10/03 06:41:43 | 000,025,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys
[2012/10/03 06:41:43 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini
[2012/10/03 06:41:42 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2std.dll
[2012/10/03 06:41:41 | 000,077,824 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll
[2012/09/16 02:48:35 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/09/16 02:48:35 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/09/16 02:48:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/09/16 02:48:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/09/16 02:48:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/09/10 13:38:33 | 001,098,800 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/09/10 13:38:33 | 001,098,800 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/09/10 13:38:33 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/01/14 05:06:20 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\MIKE\default.pls
[2011/11/28 05:08:50 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\MIKE\RoomEQWizardV5-Path
[2011/07/22 10:26:46 | 001,146,752 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1085031214-2000478354-839522115-1003-0.dat
[2011/07/22 10:26:45 | 000,145,058 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/01/24 02:47:44 | 010,964,992 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sandra.mda
[2010/03/29 07:58:51 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\MIKE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2010/03/27 18:47:49 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/09/20 21:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\APN
[2012/12/05 03:28:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2012/12/05 03:41:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2011/08/08 01:10:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/04/04 14:53:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codemasters
[2013/10/29 05:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Conduit
[2012/09/29 08:09:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2014/07/31 09:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IdeguXagqi
[2014/07/31 08:47:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IsemhAwixp
[2010/07/13 10:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MoTeC
[2010/05/08 11:19:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Music Coach
[2011/11/10 12:42:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2014/07/31 08:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Origin
[2013/12/11 13:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2013/04/08 02:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2014/07/31 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Solidshield
[2010/04/04 13:14:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania
[2014/07/31 09:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visan
[2014/07/24 04:12:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{18BE06AC-473B-448E-9193-AFA952B8E90B}
[2014/08/01 00:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\0c7610
[2014/08/01 01:12:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\1396467839
[2014/08/01 00:33:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\4073586247
[2014/08/01 00:33:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\98132781
[2012/12/05 03:41:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\Autodesk
[2014/01/15 22:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\bizarre creations
[2011/06/25 17:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/01/19 00:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\Disney Interactive Studios
[2013/03/17 22:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\ElevatedDiagnostics
[2010/12/08 04:20:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\FUEL
[2014/07/31 09:49:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\Image Zone Express
[2011/01/19 00:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\Leadertech
[2014/06/18 11:18:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\Music Coach
[2014/07/31 17:47:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\Noimcifi
[2014/02/01 02:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\Origin
[2011/05/24 00:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\Sammsoft
[2011/10/13 23:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\Singlesnet
[2013/03/11 06:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\Visan
[2011/11/03 01:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\vmntemplate
[2013/01/12 00:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MIKE\Application Data\Zeon
========== Purity Check ==========
========== Custom Scans ==========
< In the window under Custom Scans/Fixes copy and paste the following >
Invalid Switch: Fixes copy and paste the following
< >
[2010/03/26 22:17:19 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2010/03/26 22:22:39 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2011/10/14 18:13:18 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1085031214-2000478354-839522115-1003.job
[2011/10/14 18:13:19 | 000,000,276 | ---- | C] () -- C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1085031214-2000478354-839522115-1003.job
[2011/10/19 00:38:34 | 000,000,922 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-2000478354-839522115-1003Core1cc6f98ed6cb1dc.job
[2011/10/19 00:38:35 | 000,000,974 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-2000478354-839522115-1003UA.job
[2012/01/03 02:55:34 | 000,000,420 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7256C714-F702-4676-8958-FD1AD3CD13D2}.job
[2012/02/12 15:15:53 | 000,000,878 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012/02/12 15:15:54 | 000,000,882 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013/03/11 06:46:40 | 000,000,488 | ---- | C] () -- C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
[2013/04/16 23:47:31 | 000,000,324 | ---- | C] () -- C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1085031214-2000478354-839522115-1003.job
[2013/04/16 23:47:33 | 000,000,298 | ---- | C] () -- C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1085031214-2000478354-839522115-1003.job
[2013/04/16 23:47:33 | 000,000,306 | ---- | C] () -- C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1085031214-2000478354-839522115-1003.job
[2013/08/30 04:24:26 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2013/10/17 23:15:31 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1085031214-2000478354-839522115-1003.job
[2013/10/17 23:15:32 | 000,000,276 | ---- | C] () -- C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1085031214-2000478354-839522115-1003.job
[2013/10/29 23:46:52 | 000,000,644 | ---- | C] () -- C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
[2013/10/29 23:46:53 | 000,000,446 | ---- | C] () -- C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
[2013/10/29 23:46:53 | 000,000,616 | ---- | C] () -- C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
[2014/03/27 04:38:37 | 000,000,214 | ---- | C] () -- C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/03/27 04:38:38 | 000,000,220 | ---- | C] () -- C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
< >
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004/08/04 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2013/09/20 10:51:08 | 003,885,120 | ---- | M] (Safer-Networking Ltd.) MD5=CDEB46FE688F062D3033209B29755203 -- C:\Program Files\Spybot - Search & Destroy 2\explorer.exe
< MD5 for: EXPLORER.EXE-082F38A9.PF >
[2014/08/01 02:44:44 | 000,088,068 | ---- | M] () MD5=5BBEEA58C05E9F1C37A7A0F6B652731C -- C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf
< MD5 for: EXPLORER.SCF >
[2004/08/04 07:00:00 | 000,000,080 | ---- | M] () MD5=A3975A7D2C98B30A2AE010754FFB9392 -- C:\WINDOWS\explorer.scf
< MD5 for: IEXPLORE.CHM >
[2009/02/21 01:21:24 | 000,529,818 | ---- | M] () MD5=1435F4731719DF5F57D17DC38196245D -- C:\WINDOWS\Help\iexplore.chm
[2004/08/04 07:00:00 | 000,204,810 | ---- | M] () MD5=60858526AAD1CC55F5F0055B8E3B66FE -- C:\WINDOWS\ie7\iexplore.chm
[2006/09/01 08:43:50 | 000,503,758 | ---- | M] () MD5=652E46500C149D1DC948BF9CEA8C4933 -- C:\WINDOWS\ie8\iexplore.chm
< MD5 for: IEXPLORE.CHW >
[2010/10/21 05:22:47 | 000,157,092 | ---- | M] () MD5=0C7430741204FB68EAD612AD88A5E92C -- C:\WINDOWS\Help\iexplore.chw
< MD5 for: IEXPLORE.EXE >
[2010/12/20 06:25:27 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=091D358EFC9D22901BD879EF37F0DAC4 -- C:\WINDOWS\ie7updates\KB2497640-IE7\iexplore.exe
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\iexplore.exe
[2010/06/17 10:12:57 | 000,634,656 | ---- | M] (Microsoft Corporation) MD5=203E897F843D56496E2CC101DFF6CE34 -- C:\WINDOWS\ie7updates\KB2360131-IE7\iexplore.exe
[2011/04/21 05:34:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=3E23DBEBE1020D52C63235E4189FAC03 -- C:\WINDOWS\$hf_mig$\KB2530548-IE7\SP3QFE\iexplore.exe
[2009/12/18 08:05:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=53C291F3B01EECECBD7FD358EA3ACC94 -- C:\WINDOWS\ie7updates\KB980182-IE7\iexplore.exe
[2009/12/18 08:05:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=53C291F3B01EECECBD7FD358EA3ACC94 -- C:\WINDOWS\SoftwareDistribution\Download\88c63804b5f0c64f6faa724a1c0c9991\SP3GDR\iexplore.exe
[2008/04/13 19:12:22 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=55794B97A7FAABD2910873C85274F409 -- C:\WINDOWS\ServicePackFiles\i386\iexplore.exe
[2010/10/18 06:07:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=72D1F43C4146D312B0DB6AB98C21340E -- C:\WINDOWS\ie7updates\KB2482017-IE7\iexplore.exe
[2010/06/17 09:45:15 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B0BC6DC9C9277250C5C8F7B7A48A02CC -- C:\WINDOWS\$hf_mig$\KB2183461-IE7\SP3QFE\iexplore.exe
[2010/04/16 06:08:29 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B24A4E23A2FEDB6976EB04D334AD82B2 -- C:\WINDOWS\$hf_mig$\KB982381-IE7\SP3QFE\iexplore.exe
[2010/02/23 00:20:02 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B5116340B84824DDD0A641E36B126194 -- C:\WINDOWS\ie7updates\KB982381-IE7\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\ERDNT\cache\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\system32\dllcache\iexplore.exe
[2011/04/21 05:58:25 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B6E13F9C120C776A89D783E26D6C15C5 -- C:\WINDOWS\ie8\iexplore.exe
[2010/12/20 05:49:55 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B74CBEBA34E3CAA2CCACC87FEE8A16C0 -- C:\WINDOWS\$hf_mig$\KB2482017-IE7\SP3QFE\iexplore.exe
[2010/04/16 06:43:25 | 000,634,656 | ---- | M] (Microsoft Corporation) MD5=C4BA5E36FB57F547117305BF1E0FE454 -- C:\WINDOWS\ie7updates\KB2183461-IE7\iexplore.exe
[2010/02/23 00:19:59 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=C8DDA4028065D5CE39CBE7A156B72AB9 -- C:\WINDOWS\$hf_mig$\KB980182-IE7\SP3QFE\iexplore.exe
[2009/12/18 02:00:27 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=D19E56D5930C37CF211867DF450C372A -- C:\WINDOWS\$hf_mig$\KB978207-IE7\SP3QFE\iexplore.exe
[2009/12/18 02:00:27 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=D19E56D5930C37CF211867DF450C372A -- C:\WINDOWS\SoftwareDistribution\Download\88c63804b5f0c64f6faa724a1c0c9991\SP3QFE\iexplore.exe
[2010/10/18 05:36:30 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=DA6E1F0F1932B62DD2F6ED05541C555C -- C:\WINDOWS\$hf_mig$\KB2416400-IE7\SP3QFE\iexplore.exe
[2007/08/13 18:43:56 | 000,622,080 | ---- | M] (Microsoft Corporation) MD5=DE49B348A18369B4626FBA1D49B07FB4 -- C:\WINDOWS\ie7updates\KB978207-IE7\iexplore.exe
[2011/02/14 06:36:55 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E3CC8CCF21BFDC954255BB17083FB9F0 -- C:\WINDOWS\$hf_mig$\KB2497640-IE7\SP3QFE\iexplore.exe
[2011/02/14 07:17:08 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E4A798DFDE7FE6E79F23548F0EF0F844 -- C:\WINDOWS\ie7updates\KB2530548-IE7\iexplore.exe
[2010/08/25 06:30:33 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E5412ED9E07C42C20C48D3FF71E6B1E8 -- C:\WINDOWS\ie7updates\KB2416400-IE7\iexplore.exe
[2004/08/04 07:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=E7484514C0464642BE7B4DC2689354C8 -- C:\WINDOWS\ie7\iexplore.exe
[2010/08/25 06:07:58 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=F047BEB9771E45A05F425499A30F9BBA -- C:\WINDOWS\$hf_mig$\KB2360131-IE7\SP3QFE\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2009/03/08 14:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2009/03/08 14:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\iexplore.exe.mui
[2007/08/13 18:43:36 | 000,573,440 | ---- | M] (Microsoft Corporation) MD5=B58D8A1C7EE0E922EC7D2616DA136FC3 -- C:\WINDOWS\ie8\iexplore.exe.mui
< MD5 for: IEXPLORE.EXE-27122324.PF >
[2014/08/01 14:51:31 | 000,050,150 | ---- | M] () MD5=43DAF0FD8E380D557A0CE7D36D919B90 -- C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf
< MD5 for: IEXPLORE.HLP >
[2004/08/04 07:00:00 | 000,180,335 | ---- | M] () MD5=3F19AF1B745140DAFAC6F78F561A3C62 -- C:\WINDOWS\Help\iexplore.hlp
< MD5 for: SERVICES >
[2004/08/04 07:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\WINDOWS\system32\drivers\etc\services
< MD5 for: SERVICES.CFG >
[2011/06/06 13:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg
[2014/05/08 06:21:20 | 000,559,489 | ---- | M] () MD5=E829329E4886E9A3540C62114FC8E145 -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
< MD5 for: SERVICES.CSS >
[2013/12/13 16:07:18 | 000,000,093 | ---- | M] () MD5=F15FB82C578490B209442B8C1D5076CC -- C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Inet\Common\Localweb\Services\Services.css
< MD5 for: SERVICES.EXE >
[2009/02/06 06:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/13 19:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008/04/13 19:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 12:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009/02/06 05:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2004/08/04 07:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
< MD5 for: SERVICES.EXE.LNK >
[2014/07/21 02:31:13 | 000,000,681 | ---- | M] () MD5=FA6CA830AF51B617BDDB98E19C412FCA -- C:\Documents and Settings\MIKE\Recent\services.exe.lnk
< MD5 for: SERVICES.EXE.TXT >
[2014/07/21 02:31:08 | 000,005,276 | ---- | M] () MD5=031F798EEECAF6E44271908565F523E5 -- C:\Documents and Settings\MIKE\My Documents\Downloads\services.exe.txt
< MD5 for: SERVICES.EXE-2F433351.PF >
[2014/08/01 12:28:34 | 000,015,012 | ---- | M] () MD5=0BCFE9AAE8B310FA1859E722C0B9618F -- C:\WINDOWS\Prefetch\SERVICES.EXE-2F433351.pf
< MD5 for: SERVICES.INI >
[2013/12/13 16:07:18 | 000,000,012 | ---- | M] () MD5=810C4D394B59FF7116A0CD6052286C41 -- C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Inet\Common\Localweb\Services\Services.ini
< MD5 for: SERVICES.LNK >
[2013/10/19 23:28:11 | 000,001,602 | ---- | M] () MD5=CB825F5924BCCFCCF4620BE935441117 -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk
< MD5 for: SERVICES.MSC >
[2004/08/04 07:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\WINDOWS\system32\services.msc
< MD5 for: SERVICES.SBS >
[2011/03/01 01:00:00 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files\Spybot - Search & Destroy 2\Includes\Services.sbs
[2011/03/01 02:58:46 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files\Spybot - Search & Destroy 2\Updates\Extracts\Services.sbs
< MD5 for: SERVICES.SBS-20110301.CAB >
[2013/12/04 04:33:15 | 000,041,248 | ---- | M] () MD5=149FF3413EED31253183D6E65E383138 -- C:\Program Files\Spybot - Search & Destroy 2\Updates\Downloads\Services.sbs-20110301.cab
< MD5 for: WINLOGON.EXE >
[2004/08/04 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WINLOGON.EXE-32C57D49.PF >
[2014/08/01 12:28:34 | 000,066,946 | ---- | M] () MD5=B3EDEDEDFEDBB9D7C70CB7285CA651E7 -- C:\WINDOWS\Prefetch\WINLOGON.EXE-32C57D49.pf
< %SYSTEMDRIVE%\*.* >
[2014/07/31 08:48:26 | 000,004,376 | ---- | M] () -- C:\AdwCleaner[S1].txt
[2010/03/26 22:18:56 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2014/07/31 08:49:10 | 000,000,280 | ---- | M] () -- C:\Boot.bak
[2014/07/24 02:16:19 | 000,000,358 | RHS- | M] () -- C:\boot.ini
[2004/08/04 00:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2014/07/31 08:49:12 | 000,408,088 | ---- | M] () -- C:\ComboFix.txt
[2010/03/26 22:18:56 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2014/01/20 06:04:13 | 000,000,000 | ---- | M] () -- C:\END
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 09:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 09:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 09:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2007/11/07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 09:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2010/03/26 23:56:45 | 000,000,197 | ---- | M] () -- C:\Install.log
[2007/11/07 09:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 09:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 09:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 09:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 09:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 09:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 09:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2010/03/26 22:18:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2014/07/31 18:43:25 | 000,003,858 | ---- | M] () -- C:\LGSInst.Log
[2013/10/17 10:44:03 | 000,002,212 | ---- | M] () -- C:\logFileUI.txt
[2010/03/26 22:18:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010/03/30 12:53:25 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2014/08/01 12:27:27 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2010/03/26 23:54:18 | 000,002,834 | ---- | M] () -- C:\RHDSetup.log
[2010/04/02 13:48:57 | 000,005,694 | ---- | M] () -- C:\Sdicon32.ico
[2014/08/01 12:30:25 | 000,000,144 | ---- | M] () -- C:\service.log
[2012/03/04 03:53:42 | 000,921,624 | ---- | M] () -- C:\snp2sxp-001.raw
[2010/08/15 23:41:37 | 000,921,624 | ---- | M] () -- C:\snp2sxp-002.raw
[2007/11/07 09:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 09:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 09:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2010/03/26 22:18:41 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/11/05 20:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD8O.DLL
[2006/11/05 20:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP8O.DLL
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
[2014/07/31 09:49:30 | 000,008,198 | ---- | M] () -- C:\Documents and Settings\MIKE\Application Data\Microsoft\DECRYPT_INSTRUCTION.HTML
[2014/07/31 09:49:30 | 000,004,144 | ---- | M] () -- C:\Documents and Settings\MIKE\Application Data\Microsoft\DECRYPT_INSTRUCTION.TXT
[2014/07/31 09:49:30 | 000,000,274 | ---- | M] () -- C:\Documents and Settings\MIKE\Application Data\Microsoft\DECRYPT_INSTRUCTION.URL
[2013/06/23 22:45:02 | 000,001,746 | -H-- | M] () -- C:\Documents and Settings\MIKE\Application Data\Microsoft\LastFlashConfig.WFC
< %PROGRAMFILES%\*.* >
[2014/07/27 14:02:01 | 000,033,768 | ---- | M] () -- C:\Program Files\CMS Setup Log.txt
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is 0C76-10E0
Directory of C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices
02/12/2014 04:19 AM <JUNCTION> 2.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes
Directory of C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote
02/12/2014 04:19 AM <JUNCTION> 2.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes
Directory of C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices
02/12/2014 04:21 AM <JUNCTION> v4.0_4.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes
Directory of C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler
02/12/2014 04:16 AM <JUNCTION> v4.0_4.0.0.0__31bf3856ad364e35
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
4 Dir(s) 864,938,004,480 bytes free
< %systemroot%\System32\config\*.sav >
[2010/03/26 15:31:39 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010/03/26 15:31:39 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010/03/26 15:31:39 | 000,933,888 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %PROGRAMFILES%\bak. /s >
[2011/01/18 23:58:44 | 000,000,000 | ---D | M] -- C:\Program Files\Disney Interactive Studios\Pure\Data\UI\HUD\bak
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2010/03/30 12:57:19 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/03/26 22:24:29 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\MIKE\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2010/03/26 22:24:29 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\MIKE\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
< %USERPROFILE%\Desktop\*.exe >
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
[2004/12/09 17:23:46 | 000,013,022 | ---- | M] () -- C:\WINDOWS\snp2std.src
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
[2002/05/08 11:00:22 | 000,026,060 | ---- | M] () -- C:\WINDOWS\AppPatch\Custom\{70af630e-2e1b-470f-b600-9ae48f0b94d0}.sdb
[2011/12/19 03:04:46 | 000,000,698 | ---- | M] () -- C:\WINDOWS\AppPatch\Custom\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2014-07-11 18:19:41
< End of report >
OTL Extras logfile created on: 8/1/2014 1:16:37 PM - Run 1
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistHiDefMedia] -- "C:\Program Files\HiDefMedia\HiDefMedia\HiDefMedia.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithHiDefMedia] -- "C:\Program Files\HiDefMedia\HiDefMedia\HiDefMedia.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"3074:TCP" = 3074:TCP:*:Enabled:fuel
"3074:UDP" = 3074:UDP:*:Enabled:fuel
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"E:\Program Files\TmUnitedForever\TmForever.exe" = E:\Program Files\TmUnitedForever\TmForever.exe:*:Enabled:TmForever -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Codemasters\GRID\GRID.exe" = C:\Program Files\Codemasters\GRID\GRID.exe:*:Enabled:GRID -- (Codemasters)
"C:\Program Files\Codemasters\DiRT\DiRT.exe" = C:\Program Files\Codemasters\DiRT\DiRT.exe:*:Enabled:DiRT Executable -- (Codemasters)
"E:\Program Files\Activision Value\Baja 1000\Baja.exe" = E:\Program Files\Activision Value\Baja 1000\Baja.exe:*:Disabled:Baja -- ()
"C:\Program Files\real\realplayer\realplay.exe" = C:\Program Files\real\realplayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\Codemasters\FUEL\FUEL.exe" = C:\Program Files\Codemasters\FUEL\FUEL.exe:*:Enabled:FUEL -- (Codemasters)
"F:\GCDI\GCDI TECH\GCDI-TECH-INFO\PATTERN GENERATOR\PatGen.exe" = F:\GCDI\GCDI TECH\GCDI-TECH-INFO\PATTERN GENERATOR\PatGen.exe:*:Disabled:CalMAN Pattern Generator
"C:\Program Files\Electronic Arts\Need for Speed ProStreet\nfs.exe" = C:\Program Files\Electronic Arts\Need for Speed ProStreet\nfs.exe:*:Enabled:nfs -- ()
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Atari\TDU2\_UpLauncher.exe" = C:\Program Files\Atari\TDU2\_UpLauncher.exe:*:Enabled:UpLauncher
"C:\Program Files\Atari\TDU2\UpLauncher.exe" = C:\Program Files\Atari\TDU2\UpLauncher.exe:*:Enabled:UpLauncher -- (Eden Games)
"C:\Program Files\Atari\TDU2\TestDrive2.exe" = C:\Program Files\Atari\TDU2\TestDrive2.exe:*:Enabled:Test Drive Unlimited 2 -- (Eden Games)
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe" = C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service -- (SiSoftware)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"E:\Program Files\Steam\steamapps\common\xpand rally\xpandrally.exe" = E:\Program Files\Steam\steamapps\common\xpand rally\xpandrally.exe:*:Enabled:Xpand Rally
"E:\Program Files\Steam\steamapps\common\xpand rally\ChromEd.exe" = E:\Program Files\Steam\steamapps\common\xpand rally\ChromEd.exe:*:Enabled:Xpand Rally
"C:\Program Files\Gigabyte\@BIOS\gwflash.exe" = C:\Program Files\Gigabyte\@BIOS\gwflash.exe:*:Enabled:GBTFlash -- (TODO: <Company name>)
"C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App -- (Microsoft Corporation)
"C:\Program Files\Gigabyte\ET5\update.exe" = C:\Program Files\Gigabyte\ET5\update.exe:*:Enabled:ftptest -- ()
"C:\Documents and Settings\MIKE\Local Settings\Application Data\Akamai\netsession_win.exe" = C:\Documents and Settings\MIKE\Local Settings\Application Data\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Client
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files\Common Files\Motive\pcServiceHost.exe" = C:\Program Files\Common Files\Motive\pcServiceHost.exe:*:Enabled:pcServiceHost
"E:\Program Files\steam\Steam.exe" = E:\Program Files\steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"E:\Program Files\steam\SteamApps\common\RIDGE RACER Driftopia\RIDGE RACER Driftopia_46358301.exe" = E:\Program Files\steam\SteamApps\common\RIDGE RACER Driftopia\RIDGE RACER Driftopia_46358301.exe:*:Enabled:RIDGE RACER™ Driftopia -- ()
"E:\Program Files\steam\SteamApps\common\GTI Racing\GTIRacing.exe" = E:\Program Files\steam\SteamApps\common\GTI Racing\GTIRacing.exe:*:Enabled:GTI Racing -- (Techland)
"C:\Program Files\Activision\Blur\Blur.exe" = C:\Program Files\Activision\Blur\Blur.exe:*:Enabled:Blur -- ()
"C:\Program Files\Electronic Arts\SHIFT 2 UNLEASHED\shift2u.exe" = C:\Program Files\Electronic Arts\SHIFT 2 UNLEASHED\shift2u.exe:*:Enabled:SHIFT 2 UNLEASHED™ -- (Electronic Arts Inc.)
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\RpcSandraSrv.exe" = C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware)
"C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"\??\C:\WINDOWS\system32\winlogon.exe" = \??\C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon -- (Microsoft Corporation)
"C:\Program Files\CMS\CMS.exe" = C:\Program Files\CMS\CMS.exe:*:Enabled:CMS -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04B68109-F196-49A7-9286-C3DA440E4690}}_is1" = netKar PRO v1.3
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.0904.1
"{07AC0CAF-F5A2-4FFB-A2F6-DB4E059BE678}" = Music Coach Player
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0877F595-254F-45F4-991D-3F72E86B17CE}" = Quicken 2014
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = LizardTech DjVu Control
"{1064CABD-7390-4336-94E4-8A53DFBCB636}_is1" = GT Legends 1.1.0.0
"{1619204B-7F8C-4293-B342-5345721F4A1F}_is1" = GTR 2 1.0.0.0
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}" = Sound Blaster X-Fi
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2466E904-7E48-4597-9321-722CF02930EB}" = 5600
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 55
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2D6A5BD9-FE4B-49CD-8D96-2C4746302A82}" = D-Link DFE-530TX+
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{310609F9-5F1C-475C-A49D-8A2AC3D53022}" = Instant Play Electric Guitar 4 CD-ROM
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Cinfigurer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.0728.1
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B09.1008.1
"{4E6D2462-AB33-40BB-AA9F-3FA3E0DD0290}" = FlatOut 2
"{53CDAAAB-6D41-4A36-BAA4-90261DE31B13}" = NetZero For Cosmi
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}" = DiRT
"{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Activision®
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{5B363E1D-8C36-4458-BAE4-D5081999E094}" = Browser Configuration Utility
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5EBAC9CB-97D7-44CD-A82D-4FCB37F582AC}" = World Racing 2
"{60D32CDC-E3BE-4578-BA10-29322307CDDC}" = Logitech Gaming Software 5.10
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70af630e-2e1b-470f-b600-9ae48f0b94d0}.sdb" = Disney Interactive Compatibility Update May 2002
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A7DBB4-D82B-4BC4-9FD4-0C1833E34784}" = CodeAxNew
"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility
"{730E03E4-350E-48E5-9D3E-4329903D454D}" = Itibiti RTC
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = Digital Viewer
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{80F19EAA-44C4-47C2-AE87-1C7628E858D6}" = Logitech Harmony Remote Software 7
"{817DE62F-5787-43BB-8877-5F81FAE5A823}" = ACUBE UniSSOTray V1.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{84C4714D-E6D2-4409-AE5C-F35F178C3F09}" = Forecaster HD
"{86076752-37A4-41E6-BFC4-73186683AF7B}" = Sprint Cars - Road to Knoxville
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ABA56678-A0C9-4D0F-90C5-3BCB2466BE5C}" = Instant Play Blues Guitar
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.10)
"{AC76BA86-7AD7-5760-0000-A00000000003}" = Japanese Fonts Support For Adobe Reader X
"{AF5D2519-C6B4-4AFD-9A8D-FBF74DD4F0A0}" = HP Product Detection
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 140.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B762B2A5-883B-454B-A586-1DF6C4528262}" = MX-950 Editor
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BFD5AC8A-5884-4da8-9873-3DF8E3DCCE18}" = 5600Trb
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2011.SP4a
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CC419DDC-E0F0-4013-B25A-6FA036516F0D}" = Need for Speed™ ProStreet
"{CC7984C5-020D-4944-85A0-58D09D4A8BFB}" = 5600_Help
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D672018C-BCC5-4994-94FD-BF2EF24865F4}" = Autodesk Download Manager
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{E33956B7-301C-429D-9E6C-2C12EACB8A62}" = NWZ-E340 WALKMAN Guide
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F51FF206-2273-4B3E-A90A-4752AE288C12}" = FUEL
"{FAC36425-4266-4DE4-9CB5-68FB4FB9385A}" = CalMAN Pattern Generator
"{FBF1656D-56D9-4507-BD67-D1DC8B90EC62}" = RadioTuna
"{FDC8065B-80DE-4466-B90B-2581F6D77DFF}" = Image Plugin
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"{FF3C203A-2F19-43A2-9C7C-EC1B5A0FC873}" = Pure
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AudioCS" = Creative Audio Control Panel
"AutoTap 3.1" = AutoTap 3.1
"Baja 1000" = SCORE International: Baja 1000
"CMS" = CMS
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Console Launcher" = Creative Console Launcher
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"EasyTune5" = EasyTune5
"Google Chrome" = Google Chrome
"GTR Evolution_1.1.1.2_is1" = GTR Evolution
"HiDef Media Player" = HiDef Media Player 1.1.12
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Photo Creations" = HP Photo Creations
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HPExtendedCapabilities" = HP Extended Capabilities 5.3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{2D6A5BD9-FE4B-49CD-8D96-2C4746302A82}" = D-Link DFE-530TX+
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.0728.1
"InstallShield_{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B09.1008.1
"InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Blur
"InstallShield_{5EBAC9CB-97D7-44CD-A82D-4FCB37F582AC}" = World Racing 2
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 30.0 (x86 en-US)" = Mozilla Firefox 30.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NetSurveillance" = NetSurveillance
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"Origin" = Origin
"RACE 07 Offline_1.0_is1" = RACE 07 Offline
"RealPlayer 16.0" = RealPlayer
"rFactor" = rFactor (remove only)
"RoomEQWizardV5" = Room EQ Wizard V5
"SFBM" = SoundFont Bank Manager
"Speed Dreams" = Speed Dreams 1.4.0-r2307
"Steam" = Steam
"Steam App 226410" = RIDGE RACER™ Driftopia
"Steam App 3000" = GTI Racing
"SysInfo" = Creative System Information
"Test Drive Unlimited 2_is1" = Test Drive Unlimited 2
"TmUnitedForever_is1" = TmUnitedForever Update 2010-03-15
"USB Compound Device" = USB Compound Device
"VN_VUIns_Rhine_D-Link" = D-Link PCI Fast Ethernet Adapter
"WaveStudio 7" = Creative WaveStudio 7
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"YInstHelper" = Yahoo! Install Manager
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"036a0e4fc6a247ec" = MyHarmony
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 7/14/2014 6:07:07 AM | Computer Name = GCDI | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070490, P2 remediation, P3 remediationfailuretelemetry,
P4 1.1.10701.0, P5 mpengine, P6 0, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
Error - 7/14/2014 2:11:43 PM | Computer Name = GCDI | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80501403, P2 moac, P3 cachedisabled, P4
4.3.215.0, P5 1.1.10701.0, P6 setorvalidatechangejournalid#1, P7 unspecified, P8
NIL, P9 NIL, P10 NIL.
Error - 7/14/2014 2:11:50 PM | Computer Name = GCDI | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80501403, P2 moac, P3 cachedisabled, P4
4.3.215.0, P5 1.1.10701.0, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10
NIL.
Error - 7/14/2014 2:25:00 PM | Computer Name = GCDI | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80501403, P2 moac, P3 cachedisabled, P4
4.3.215.0, P5 1.1.10701.0, P6 setorvalidatechangejournalid#1, P7 unspecified, P8
NIL, P9 NIL, P10 NIL.
Error - 7/15/2014 4:35:43 AM | Computer Name = GCDI | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070490, P2 remediation, P3 remediationfailuretelemetry,
P4 1.1.10701.0, P5 mpengine, P6 0, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
Error - 7/29/2014 2:10:16 AM | Computer Name = GCDI | Source = MPSampleSubmission | ID = 5000
Description = EventType avsubmit, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 1.1.10802.0, P3 1.179.1461.0, P4 1.179.1461.0, P5 trojandropper_win32_bunitu.c,
P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.
Error - 7/31/2014 7:55:05 AM | Computer Name = GCDI | Source = MPSampleSubmission | ID = 5000
Description = EventType avsubmit, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 1.1.10802.0, P3 1.179.1697.0, P4 1.179.1697.0, P5 exploit_java_obfuscator.w,
P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.
Error - 7/31/2014 10:04:19 AM | Computer Name = GCDI | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070490, P2 remediation, P3 remediationfailuretelemetry,
P4 1.1.10802.0, P5 mpengine, P6 0, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
Error - 8/1/2014 1:08:24 AM | Computer Name = GCDI | Source = MPSampleSubmission | ID = 5000
Description = EventType avsubmit, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 1.1.10802.0, P3 1.179.1796.0, P4 1.179.1796.0, P5 behavior_win32_mptampersrp.a,
P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.
Error - 8/1/2014 3:52:37 AM | Computer Name = GCDI | Source = Microsoft Management Console | ID = 1000
Description =
[ System Events ]
Error - 7/26/2014 5:33:48 PM | Computer Name = GCDI | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security
Center Service service to connect.
Error - 7/26/2014 5:33:48 PM | Computer Name = GCDI | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Security Center Service service failed to start due
to the following error: %%1053
Error - 7/27/2014 2:54:09 PM | Computer Name = GCDI | Source = ps6ah4nc | ID = 262145
Description = Protection Synchronization Driver detected an internal error, contact
the customer support service.
Error - 7/27/2014 2:54:36 PM | Computer Name = GCDI | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058
Error - 7/27/2014 2:54:36 PM | Computer Name = GCDI | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security
Center Service service to connect.
Error - 7/27/2014 2:54:36 PM | Computer Name = GCDI | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Security Center Service service failed to start due
to the following error: %%1053
Error - 7/29/2014 12:50:47 AM | Computer Name = GCDI | Source = ps6ah4nc | ID = 262145
Description = Protection Synchronization Driver detected an internal error, contact
the customer support service.
Error - 7/29/2014 12:51:16 AM | Computer Name = GCDI | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058
Error - 7/29/2014 12:51:16 AM | Computer Name = GCDI | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security
Center Service service to connect.
Error - 7/29/2014 12:51:16 AM | Computer Name = GCDI | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Security Center Service service failed to start due
to the following error: %%1053
< End of report >