Windows Firewall Authorization Driver - not present, not working, etc


  1. Posts : 678
    Windows 7 home premium 64 bit
    Thread Starter
       #61

    Jacee said:
    No, don't run OTL. I want you to upload this file --> C:\Users\Owner\AppData\Roaming\vmntemplate to VirSCAN.org - Free Multi-Engine Online Virus Scanner v1.02, Supports 37 AntiVirus Engines!
    On this laptop it is a folder, not a file, and the folder is empty. And I've changed the 'View Folders' options to enable viewing hidden system folders. There is another instance of vmntemplate on the laptop with an ext of .dll in an oovootoolbar folder.


  2. Posts : 25,847
    Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
       #62

    Just a little input that may or may not help.
    About Virtual Machine Templates


  3. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #63

    boweasel said:
    Jacee said:
    No, don't run OTL. I want you to upload this file --> C:\Users\Owner\AppData\Roaming\vmntemplate to VirSCAN.org - Free Multi-Engine Online Virus Scanner v1.02, Supports 37 AntiVirus Engines!
    On this laptop it is a folder, not a file, and the folder is empty. And I've changed the 'View Folders' options to enable viewing hidden system folders. There is another instance of vmntemplate on the laptop with an ext of .dll in an oovootoolbar folder.
    Would that include "WhiteSmoke"? Scroll down to oovootoolbar...
    whitesmoketoolbar.dll Details. Is this file safe? Check the directory
    Certificate

    • Details: This file is not digitally signed.
    File Names

    • Filename: oovootoolbar.dll
    • Filename: dtband.dll
    • Filename: whitesmoketoolbar.dll
    Could I please have the RSIT log? You have so many toolbars loaded on this computer!!


  4. Posts : 678
    Windows 7 home premium 64 bit
    Thread Starter
       #64

    I'm unclear on a direction. The link you supplied indicates:

    File Names

    • Filename: oovootoolbar.dll
    • Filename: dtband.dll
    • Filename: whitesmoketoolbar.dll

    Reported Behavior


    • Details: No suspicious behavior reported so far.
    that neither of those items exhibits anything suspicious. And yes, this laptop does have the whitesmoketoolbar.dll. Should I be deleting it?


  5. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #65

    Some people have reported that the whitesmoke toolbar has taken control over their IE and FireFox browsers.


  6. Posts : 678
    Windows 7 home premium 64 bit
    Thread Starter
       #66

    Jacee said:
    Could I please have the RSIT log? You have so many toolbars loaded on this computer!!
    Oops, sorry. I didn't see that you'd asked for this. I reran RSIT:

    Log.txt
    Logfile of random's system information tool 1.09 (written by random/random)
    Run by Owner at 2011-09-06 12:24:07
    Microsoft Windows 7 Home Premium Service Pack 1
    System drive C: has 180 GB (80%) free of 226 GB
    Total RAM: 1979 MB (44% free)
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 12:24:12 PM, on 9/6/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal
    Running processes:
    C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10w_ActiveX.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
    C:\Users\Owner\Downloads\RSIT.exe
    C:\Program Files (x86)\trend micro\Owner.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ˙ž127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe" -bootmode
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
    O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (file missing)
    O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
    O10 - Broken Internet access because of LSP provider 'c:\windows\system32\nwprovau.dll' missing
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} (Symantec Configuration Class) - https://www-secure.symantec.com/tech...bs/tgctlcm.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{92B3BE0F-C1B5-4DF3-A4FB-4611CB16B819}: NameServer = 4.2.2.2,4.2.2.3
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.0.41\coIEPlg.dll (file missing)
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files (x86)\iWin Games\iWinTrusted.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Norton Security Suite (N360) - Unknown owner - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    --
    End of file - 9211 bytes
    ======Scheduled tasks folder======
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2559799070-2916064766-2587329467-1000Core.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2559799070-2916064766-2587329467-1000UA.job
    C:\Windows\tasks\HPCeeScheduleForOwner.job
    ======Registry dump======
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
    Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-04-15 1164680]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-08-04 42272]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
    "LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-05-08 2780432]
    "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Logitech Vid"=C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe [2009-04-30 5472016]
    "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-05-26 15147400]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll [2011-08-27 203776]
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"=credssp.dll
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "ConsentPromptBehaviorAdmin"=5
    "ConsentPromptBehaviorUser"=3
    "EnableSecureUIAPaths"=0
    "EnableUIADesktopToggle"=0
    "PromptOnSecureDesktop"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDesktopCleanupWizard"=1
    "NoDrives"=0
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=0
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standard profile\authorizedapplications\list]
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
    "vidc.mrle"=msrle32.dll
    "vidc.msvc"=msvidc32.dll
    "msacm.imaadpcm"=imaadp32.acm
    "msacm.msg711"=msg711.acm
    "msacm.msgsm610"=msgsm32.acm
    "msacm.msadpcm"=msadp32.acm
    "midimapper"=midimap.dll
    "wavemapper"=msacm32.drv
    "vidc.uyvy"=msyuv.dll
    "vidc.yuy2"=msyuv.dll
    "vidc.yvyu"=msyuv.dll
    "vidc.iyuv"=iyuv_32.dll
    "vidc.i420"=lvcodec2.dll
    "vidc.yvu9"=tsbyuv.dll
    "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
    "vidc.cvid"=iccvid.dll
    "msacm.siren"=sirenacm.dll
    "msacm.l3codecp"=l3codecp.acm
    "wave"=wdmaud.drv
    "midi"=wdmaud.drv
    "mixer"=wdmaud.drv
    "aux"=wdmaud.drv
    "wave1"=wdmaud.drv
    "midi1"=wdmaud.drv
    "mixer1"=wdmaud.drv
    "aux1"=wdmaud.drv
    "wave2"=wdmaud.drv
    "midi2"=wdmaud.drv
    "mixer2"=wdmaud.drv
    "aux2"=wdmaud.drv
    "wave3"=wdmaud.drv
    "midi3"=wdmaud.drv
    "mixer3"=wdmaud.drv
    "aux3"=wdmaud.drv
    "wave4"=wdmaud.drv
    "midi4"=wdmaud.drv
    "mixer4"=wdmaud.drv
    "aux4"=wdmaud.drv
    "wave5"=wdmaud.drv
    "midi5"=wdmaud.drv
    "mixer5"=wdmaud.drv
    "aux5"=wdmaud.drv
    "wave6"=wdmaud.drv
    "midi6"=wdmaud.drv
    "mixer6"=wdmaud.drv
    "aux6"=wdmaud.drv
    ======File associations======
    .js - edit - C:\Windows\System32\Notepad.exe %1
    ======List of files/folders created in the last 1 month======
    2011-09-06 12:24:07 ----D---- C:\rsit
    2011-09-05 13:43:19 ----D---- C:\Windows\Minidump
    2011-09-05 00:21:49 ----D---- C:\_OTL
    2011-09-03 00:20:37 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
    2011-09-02 23:56:19 ----D---- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
    2011-09-02 22:24:55 ----SHD---- C:\$RECYCLE.BIN
    2011-09-02 22:19:58 ----A---- C:\ComboFix.txt
    2011-09-02 22:04:06 ----A---- C:\Windows\zip.exe
    2011-09-02 22:04:06 ----A---- C:\Windows\SWSC.exe
    2011-09-02 22:04:06 ----A---- C:\Windows\SWREG.exe
    2011-09-02 22:04:06 ----A---- C:\Windows\sed.exe
    2011-09-02 22:04:06 ----A---- C:\Windows\PEV.exe
    2011-09-02 22:04:06 ----A---- C:\Windows\NIRCMD.exe
    2011-09-02 22:04:06 ----A---- C:\Windows\MBR.exe
    2011-09-02 22:04:06 ----A---- C:\Windows\grep.exe
    2011-09-02 22:04:00 ----D---- C:\Windows\ERDNT
    2011-09-02 22:03:55 ----D---- C:\Qoobox
    2011-09-02 21:29:41 ----D---- C:\Program Files (x86)\Microsoft Security Client
    2011-09-02 15:13:01 ----D---- C:\ProgramData\NortonInstaller
    2011-09-02 14:35:56 ----D---- C:\Program Files (x86)\ESET
    2011-09-01 23:22:27 ----D---- C:\Program Files (x86)\Common Files\Java
    2011-09-01 23:22:12 ----A---- C:\Windows\SysWOW64\javaws.exe
    2011-09-01 23:22:12 ----A---- C:\Windows\SysWOW64\javaw.exe
    2011-09-01 23:22:12 ----A---- C:\Windows\SysWOW64\java.exe
    2011-09-01 01:54:29 ----D---- C:\Users\Owner\AppData\Roaming\SUPERAntiSpyware.com
    2011-09-01 01:53:46 ----D---- C:\ProgramData\SUPERAntiSpyware.com
    2011-09-01 00:05:32 ----D---- C:\Program Files (x86)\Trend Micro
    2011-08-31 12:54:06 ----A---- C:\Windows\ntbtlog.txt
    2011-08-31 03:30:04 ----A---- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys
    2011-08-29 20:19:22 ----D---- C:\Users\Owner\AppData\Roaming\Malwarebytes
    2011-08-29 20:19:09 ----D---- C:\ProgramData\Malwarebytes
    2011-08-29 20:19:07 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-08-27 05:58:44 ----A---- C:\Windows\SysWOW64\wininet.dll
    2011-08-27 05:58:44 ----A---- C:\Windows\SysWOW64\urlmon.dll
    2011-08-27 05:58:44 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2011-08-27 05:58:44 ----A---- C:\Windows\SysWOW64\msrating.dll
    2011-08-27 05:58:44 ----A---- C:\Windows\SysWOW64\msls31.dll
    2011-08-27 05:58:44 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
    2011-08-27 05:58:44 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
    2011-08-27 05:58:44 ----A---- C:\Windows\SysWOW64\jsproxy.dll
    2011-08-27 05:58:44 ----A---- C:\Windows\SysWOW64\jscript9.dll
    2011-08-27 05:58:44 ----A---- C:\Windows\SysWOW64\jscript.dll
    2011-08-27 05:58:44 ----A---- C:\Windows\SysWOW64\iertutil.dll
    2011-08-27 05:58:44 ----A---- C:\Windows\SysWOW64\iepeers.dll
    2011-08-27 05:58:44 ----A---- C:\Windows\SysWOW64\IEAdvpack.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\wextract.exe
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\webcheck.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\vbscript.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\url.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\pngfilt.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\occache.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\mshtmler.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\mshtmled.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\mshtml.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\mshta.exe
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\msfeeds.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\licmgr10.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\inseng.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\imgutil.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\iexpress.exe
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\ieui.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\iesysprep.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\iesetup.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\iernonce.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\ieframe.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\ieapfltr.dat
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\ieakui.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\ieaksie.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\ieakeng.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\ie4uinit.exe
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\icardie.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\dxtrans.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
    2011-08-27 05:58:43 ----A---- C:\Windows\SysWOW64\admparse.dll
    2011-08-26 16:04:45 ----HD---- C:\Windows\update.8.1
    2011-08-24 19:21:17 ----D---- C:\Windows\pss
    2011-08-23 18:55:56 ----A---- C:\Windows\SysWOW64\tzres.dll
    2011-08-20 08:14:43 ----D---- C:\Windows\Sun
    2011-08-19 12:53:48 ----D---- C:\Program Files (x86)\Common Files\Adobe
    2011-08-19 12:49:30 ----D---- C:\Users\Owner\AppData\Roaming\Itibiti
    2011-08-19 12:49:07 ----D---- C:\Program Files (x86)\Itibiti Soft Phone
    2011-08-19 12:49:05 ----SHD---- C:\Windows\SysWOW64\AI_RecycleBin
    2011-08-19 12:49:00 ----D---- C:\ProgramData\W3i
    2011-08-19 12:49:00 ----D---- C:\Program Files (x86)\W3i
    2011-08-19 12:48:41 ----D---- C:\Program Files (x86)\IMinent Toolbar
    2011-08-19 12:48:37 ----D---- C:\Program Files (x86)\fbDownloader
    2011-08-19 12:48:29 ----D---- C:\ProgramData\IMinent
    2011-08-19 12:48:27 ----D---- C:\Program Files (x86)\Iminent
    2011-08-19 12:47:55 ----D---- C:\Program Files (x86)\Shop To Win
    2011-08-19 12:36:28 ----D---- C:\Windows\ufa
    2011-08-19 12:35:51 ----D---- C:\Firefox
    2011-08-19 12:35:04 ----SHD---- C:\Windows\SysWOW64\%APPDATA%
    2011-08-19 12:34:28 ----D---- C:\Users\Owner\AppData\Roaming\vmntemplate
    2011-08-19 12:34:28 ----D---- C:\Users\Owner\AppData\Roaming\oovootoolbar
    2011-08-19 12:33:18 ----A---- C:\Windows\unrar.exe
    2011-08-19 12:33:13 ----A---- C:\Windows\Paltalk Messenger Setup Log.txt
    2011-08-19 12:32:03 ----D---- C:\Windows\av_ico
    2011-08-19 12:30:05 ----HD---- C:\Windows\update.tray-10-0-lnk
    2011-08-19 12:30:05 ----HD---- C:\Windows\update.tray-10-0
    2011-08-11 14:24:27 ----A---- C:\Windows\SysWOW64\xmllite.dll
    2011-08-11 14:24:24 ----A---- C:\Windows\SysWOW64\odbctrac.dll
    2011-08-11 14:24:24 ----A---- C:\Windows\SysWOW64\odbcjt32.dll
    2011-08-11 14:24:24 ----A---- C:\Windows\SysWOW64\odbccu32.dll
    2011-08-11 14:24:24 ----A---- C:\Windows\SysWOW64\odbccr32.dll
    2011-08-11 14:24:24 ----A---- C:\Windows\SysWOW64\odbccp32.dll
    2011-08-11 14:23:37 ----A---- C:\Windows\SysWOW64\setup16.exe
    2011-08-11 14:23:37 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
    2011-08-11 14:23:37 ----A---- C:\Windows\SysWOW64\KernelBase.dll
    2011-08-11 14:23:37 ----A---- C:\Windows\SysWOW64\kernel32.dll
    2011-08-11 14:23:36 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2011-08-11 14:23:36 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2011-08-11 14:23:36 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2011-08-11 14:23:36 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2011-08-11 14:23:36 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2011-08-11 14:23:36 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2011-08-11 14:23:36 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2011-08-11 14:23:36 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2011-08-11 14:23:36 ----A---- C:\Windows\SysWOW64\wow32.dll
    2011-08-11 14:23:35 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2011-08-11 14:23:35 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2011-08-11 14:23:35 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2011-08-11 14:23:35 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2011-08-11 14:23:35 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2011-08-11 14:23:35 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2011-08-11 14:23:34 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2011-08-11 14:23:34 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2011-08-11 14:23:34 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2011-08-11 14:23:34 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2011-08-11 14:23:34 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2011-08-11 14:23:34 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2011-08-11 14:23:34 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2011-08-11 14:23:33 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2011-08-11 14:23:32 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2011-08-11 14:23:32 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2011-08-11 14:23:32 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2011-08-11 14:23:32 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2011-08-11 14:23:32 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2011-08-11 14:23:31 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2011-08-11 14:23:31 ----A---- C:\Windows\SysWOW64\user.exe
    2011-08-11 14:23:31 ----A---- C:\Windows\SysWOW64\instnm.exe
    2011-08-11 14:23:25 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
    2011-08-11 14:23:23 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
    ======List of files/folders modified in the last 1 month======
    2011-09-06 12:24:12 ----D---- C:\Windows\Prefetch
    2011-09-06 12:24:00 ----D---- C:\Windows\Temp
    2011-09-05 13:49:32 ----D---- C:\Users\Owner\AppData\Roaming\Skype
    2011-09-05 13:43:19 ----D---- C:\Windows
    2011-09-05 03:54:28 ----D---- C:\Windows\System32
    2011-09-05 03:54:28 ----D---- C:\Windows\inf
    2011-09-05 00:23:01 ----D---- C:\Windows\SysWOW64
    2011-09-05 00:21:56 ----D---- C:\Program Files (x86)
    2011-09-03 05:25:35 ----SHD---- C:\System Volume Information
    2011-09-03 05:18:31 ----D---- C:\Windows\winsxs
    2011-09-03 05:18:16 ----D---- C:\Program Files (x86)\Internet Explorer
    2011-09-03 04:24:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight
    2011-09-03 04:24:46 ----D---- C:\Config.Msi
    2011-09-03 04:22:33 ----SHD---- C:\Windows\Installer
    2011-09-03 04:22:33 ----SD---- C:\ProgramData\Microsoft
    2011-09-03 04:21:48 ----D---- C:\ProgramData\Microsoft Help
    2011-09-03 04:18:59 ----RSD---- C:\Windows\assembly
    2011-09-03 04:18:17 ----RSD---- C:\Windows\Fonts
    2011-09-03 04:18:09 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
    2011-09-03 01:56:59 ----D---- C:\Windows\Tasks
    2011-09-03 01:56:44 ----D---- C:\Windows\registration
    2011-09-03 01:56:41 ----D---- C:\Users\Owner\AppData\Roaming\Macromedia
    2011-09-03 01:28:55 ----D---- C:\Windows\Microsoft.NET
    2011-09-02 22:39:41 ----D---- C:\Program Files (x86)\Common Files\Symantec Shared
    2011-09-02 22:38:32 ----RD---- C:\Program Files
    2011-09-02 22:35:53 ----D---- C:\ProgramData\Recovery
    2011-09-02 22:15:24 ----A---- C:\Windows\system.ini
    2011-09-02 22:12:57 ----D---- C:\ProgramData
    2011-09-02 22:12:46 ----D---- C:\Windows\Downloaded Program Files
    2011-09-02 22:09:32 ----D---- C:\Windows\SysWOW64\drivers
    2011-09-02 22:09:32 ----D---- C:\Windows\AppPatch
    2011-09-02 22:09:30 ----D---- C:\Program Files (x86)\Common Files
    2011-09-01 23:22:00 ----D---- C:\Program Files (x86)\Java
    2011-09-01 14:55:27 ----D---- C:\Program Files (x86)\Yontoo Layers Runtime
    2011-09-01 14:55:27 ----D---- C:\Program Files (x86)\PageRage
    2011-09-01 14:53:53 ----D---- C:\Program Files (x86)\Zynga
    2011-09-01 14:53:53 ----D---- C:\Program Files (x86)\oovootoolbar
    2011-09-01 14:53:53 ----D---- C:\Program Files (x86)\myYearbook Toolbar
    2011-09-01 14:53:53 ----D---- C:\Program Files (x86)\ConduitEngine
    2011-09-01 02:40:35 ----D---- C:\Program Files (x86)\iWin Games
    2011-09-01 00:05:33 ----SD---- C:\Users\Owner\AppData\Roaming\Microsoft
    2011-08-31 23:33:06 ----D---- C:\Windows\rescache
    2011-08-31 06:59:54 ----D---- C:\Program Files (x86)\Windows Media Player
    2011-08-31 06:59:54 ----D---- C:\Program Files (x86)\Windows Defender
    2011-08-31 06:59:49 ----D---- C:\Windows\SysWOW64\wbem
    2011-08-31 06:59:49 ----D---- C:\Windows\SysWOW64\migration
    2011-08-31 06:59:49 ----D---- C:\Windows\SysWOW64\com
    2011-08-31 06:59:49 ----D---- C:\Windows\servicing
    2011-08-31 06:59:49 ----D---- C:\Windows\IME
    2011-08-31 06:59:49 ----D---- C:\Program Files (x86)\Windows Sidebar
    2011-08-31 06:59:49 ----D---- C:\Program Files (x86)\Common Files\System
    2011-08-31 06:59:35 ----D---- C:\Windows\AppCompat
    2011-08-31 06:59:29 ----D---- C:\ProgramData\Yahoo! Companion
    2011-08-31 06:59:28 ----D---- C:\Program Files (x86)\ooVoo
    2011-08-31 06:59:28 ----D---- C:\Program Files (x86)\Microsoft Works
    2011-08-31 06:59:28 ----D---- C:\Program Files (x86)\HP
    2011-08-31 06:56:45 ----D---- C:\Windows\SysWOW64\config
    2011-08-31 06:53:42 ----RD---- C:\Users
    2011-08-31 06:53:40 ----D---- C:\Users\Owner\AppData\Roaming\Yahoo!
    2011-08-31 06:53:39 ----D---- C:\Users\Owner\AppData\Roaming\ArcSoft
    2011-08-31 06:52:51 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
    2011-08-31 06:52:49 ----D---- C:\ProgramData\Easybits GO
    2011-08-31 06:52:46 ----D---- C:\Program Files (x86)\QuickTime
    2011-08-30 13:41:30 ----D---- C:\Windows\SoftwareDistribution
    2011-08-28 19:25:40 ----D---- C:\Users\Owner\AppData\Roaming\go
    2011-08-27 06:13:42 ----D---- C:\Windows\SysWOW64\en-US
    2011-08-27 06:13:42 ----D---- C:\Windows\PolicyDefinitions
    2011-08-27 06:02:43 ----D---- C:\Program Files (x86)\Windows Portable Devices
    2011-08-27 06:02:43 ----D---- C:\Program Files (x86)\Windows Photo Viewer
    2011-08-27 06:02:43 ----D---- C:\Program Files (x86)\Windows Mail
    2011-08-27 06:02:39 ----D---- C:\Windows\ehome
    2011-08-27 06:02:37 ----D---- C:\Windows\SysWOW64\da-DK
    2011-08-27 06:02:36 ----D---- C:\Windows\SysWOW64\oobe
    2011-08-27 06:02:35 ----D---- C:\Windows\SysWOW64\Setup
    2011-08-27 06:02:35 ----D---- C:\Windows\SysWOW64\manifeststore
    2011-08-27 06:02:35 ----D---- C:\Windows\SysWOW64\en
    2011-08-27 06:02:35 ----D---- C:\Windows\SysWOW64\cs-CZ
    2011-08-27 06:02:35 ----D---- C:\Windows\SysWOW64\AdvancedInstallers
    2011-08-27 06:02:34 ----D---- C:\Windows\SysWOW64\sppui
    2011-08-27 06:02:34 ----D---- C:\Windows\SysWOW64\migwiz
    2011-08-27 06:02:34 ----D---- C:\Windows\SysWOW64\es-ES
    2011-08-27 06:02:34 ----D---- C:\Windows\SysWOW64\Dism
    2011-08-27 05:58:50 ----D---- C:\Windows\Logs
    2011-08-27 05:53:59 ----A---- C:\Windows\SysWOW64\msclmd.dll
    2011-08-24 19:29:42 ----D---- C:\Users\Owner\AppData\Roaming\FrostWire
    2011-08-20 08:46:21 ----A---- C:\ProgramData\HPWALog.txt
    2011-08-19 12:53:50 ----D---- C:\ProgramData\Adobe
    2011-08-19 12:53:48 ----D---- C:\Program Files (x86)\Adobe
    2011-08-19 12:34:19 ----D---- C:\Program Files (x86)\Paltalk Messenger
    2011-08-19 12:34:10 ----D---- C:\Windows\PaltalkScene
    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
    R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\0308000.029\SYMEFA64.SYS []
    R1 BHDrvx64;Symantec Heuristics Driver; C:\Windows\System32\Drivers\N360x64\0308000.029\BHDrvx64.sys []
    R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\N360x64\0308000.029\ccHPx64.sys []
    R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2011-07-27 481912]
    R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
    R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\0308000.029\SRTSPX64.SYS []
    R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys []
    R1 SYMTDI;Symantec Network Dispatch Driver; C:\Windows\System32\Drivers\N360x64\0308000.029\SYMTDI.SYS []
    R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
    R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys []
    R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio64.sys []
    R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
    R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
    R3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys []
    R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys []
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
    R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys []
    R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys []
    R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
    R3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
    R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys []
    R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys []
    R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
    R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS []
    R3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\N360x64\0308000.029\SYMFW.SYS []
    R3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\N360x64\0308000.029\SYMNDISV.SYS []
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
    R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys []
    S1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20110818.030\IDSvia64.sys []
    S1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\N360x64\0308000.029\SRTSP64.SYS []
    S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys []
    S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
    S3 dc3d;MS Hardware Device Detection Driver (HID); C:\Windows\system32\DRIVERS\dc3d.sys []
    S3 HP8107Fltr;HP-HP8107; C:\Windows\system32\DRIVERS\HP8107.sys []
    S3 lvpepf64;Volume Adapter; C:\Windows\system32\DRIVERS\lv302a64.sys []
    S3 lvpopf64;Logitech POP Suppression Filter; C:\Windows\system32\DRIVERS\lvpopf64.sys []
    S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
    S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys []
    S3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys []
    S3 LVUVC64;Logitech Webcam 200(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys []
    S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110818.021\ENG64.SYS []
    S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110818.021\EX64.SYS []
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys []
    S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V64.SYS []
    S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys []
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
    S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
    S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys []
    S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
    S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
    S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
    S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
    S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
    S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
    S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
    R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
    R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-04-06 349472]
    R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-09-24 125440]
    R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-13 20992]
    R2 iWinTrusted;iWinTrusted; C:\Program Files (x86)\iWin Games\iWinTrusted.exe [2010-04-14 78104]
    R2 LVPrcS64;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-04-30 190488]
    R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 12784]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-07-06 247152]
    R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
    R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    S2 N360;Norton Security Suite; C:\Program Files (x86)\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe /s N360 /m C:\Program Files (x86)\Norton Security Suite\Engine\3.8.0.41\diMaster.dll /prefetch:1 []
    S3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
    S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 934176]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
    S4 YahooAUService;Yahoo! Updater; C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
    -----------------EOF-----------------


  7. Posts : 678
    Windows 7 home premium 64 bit
    Thread Starter
       #67

    Info.txt

    info.txt logfile of random's system information tool 1.09 2011-09-06 12:24:15
    ======Uninstall list======
    Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
    -->"C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe"
    -->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall
    -->C:\PROGRA~2\Yahoo!\Common\UNYT_W~1.EXE
    Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
    ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
    Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
    Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10w_ActiveX.exe -maintain activex
    Adobe Reader 9.4.5-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001}
    Adobe Shockwave Player-->MsiExec.exe /X{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}
    AIM 7-->C:\Program Files (x86)\AIM\uninst.exe
    Apple Application Support-->MsiExec.exe /I{B3575D00-27EF-49C2-B9E0-14B3D954E992}
    Apple Software Update-->MsiExec.exe /I{C6579A65-9CAE-4B31-8B6B-3306E0630A66}
    ArcSoft Magic-i Visual Effects 2-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F5E0EA53-30F6-4F21-8B8E-1FC16A66B76A}\Setup.exe" -l0x9
    ArcSoft MediaImpression 2-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{EAD52F56-4E36-47C0-B117-836D15FC5B0B}\Setup.exe" -l0x9
    ArcSoft Panorama Maker 4-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{37530151-56A6-4CE4-9F9F-CE1F5A1356C6}\Setup.exe" -l0x9
    ArcSoft Photo Book Screen Saver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E2EE273D-E111-4FFD-ACD4-78E1D35E01D2}\Setup.exe" -l0x9
    ArcSoft PhotoStudio Darkroom 2-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{40DA94AF-34B7-4BA7-A37F-26F899C031FF}\Setup.exe" -l0x9
    ArcSoft Print Creations - Album Page-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F03EC055-F34E-4F6B-A684-8A370E11A304}\Setup.exe" -l0x9 -1AlbumPage
    ArcSoft Print Creations - Brochures & Flyers-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F03EC055-F34E-4F6B-A684-8A370E11A304}\Setup.exe" -l0x9 -1Brochure
    ArcSoft Print Creations - Funhouse II-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F03EC055-F34E-4F6B-A684-8A370E11A304}\Setup.exe" -l0x9 -1HouseFun
    ArcSoft Print Creations - Funhouse-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F03EC055-F34E-4F6B-A684-8A370E11A304}\Setup.exe" -l0x9 -1Funhouse
    ArcSoft Print Creations - Greeting Card-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F03EC055-F34E-4F6B-A684-8A370E11A304}\Setup.exe" -l0x9 -1GreetingCard
    ArcSoft Print Creations - Photo Book-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F03EC055-F34E-4F6B-A684-8A370E11A304}\Setup.exe" -l0x9 -1PhotoBook
    ArcSoft Print Creations - Photo Calendar-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F03EC055-F34E-4F6B-A684-8A370E11A304}\Setup.exe" -l0x9 -1Calendar
    ArcSoft Print Creations - Photo Prints-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F03EC055-F34E-4F6B-A684-8A370E11A304}\Setup.exe" -l0x9 -1PhotoPrint
    ArcSoft Print Creations - Poster Creator-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F03EC055-F34E-4F6B-A684-8A370E11A304}\Setup.exe" -l0x9 -1Poster
    ArcSoft Print Creations - Scrapbook-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F03EC055-F34E-4F6B-A684-8A370E11A304}\Setup.exe" -l0x9 -1ScrapBook
    ArcSoft Print Creations - Slimline Card-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F03EC055-F34E-4F6B-A684-8A370E11A304}\Setup.exe" -l0x9 -1Slimline
    ArcSoft Print Creations-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F03EC055-F34E-4F6B-A684-8A370E11A304}\Setup.exe" -l0x9
    ArcSoft RAW Thumbnail Viewer-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{82FAC25D-D0E1-4D60-9268-F3DD958BF052}\Setup.exe" -l0x9
    ArcSoft Scan-n-Stitch Deluxe-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{363188E4-1A27-4DE6-BA48-823D2E205385}\Setup.exe" -l0x9
    ArcSoft Video Downloader-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C8B44566-839A-459C-A73D-49764CE216CC}\Setup.exe" -l0x9
    Ask Toolbar-->MsiExec.exe /X{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Atheros Driver Installation Program-->C:\Program Files (x86)\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x0009
    Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
    Conduit Engine -->C:\Program Files (x86)\ConduitEngine\ConduitEngineUninstall.exe engine
    CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
    CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
    CyberLink MediaShow-->"C:\Program Files (x86)\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\setup.exe" /z-uninstall
    CyberLink MediaShow-->"C:\Program Files (x86)\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\setup.exe" /z-uninstall
    CyberLink PowerDVD 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\setup.exe" /z-uninstall
    CyberLink PowerDVD 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\setup.exe" /z-uninstall
    DealRunner 1.26-->"C:\Program Files (x86)\DealRunner\unins000.exe"
    Download Updater (AOL LLC)-->C:\Program Files (x86)\Common Files\Software Update Utility\uninstall.exe
    fbDownloader 1.0.2.0-->C:\Program Files (x86)\fbDownloader\uninstall fbDownloader.exe
    FrostWire 4.20.2-->C:\Program Files (x86)\FrostWire\Uninstall.exe
    HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
    HP Advisor-->MsiExec.exe /X{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}
    HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}
    HP Quick Launch Buttons-->"C:\Program Files (x86)\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -runfromtemp -l0x0009 uninst
    HP Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17B4760F-334B-475D-829F-1A3E94A6A4E6}\setup.exe" -l0x9 -removeonly
    HP Smart Web Printing-->msiexec /i{49A143E9-4A6A-43E7-86B1-388194C79248}
    HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{741CFE3A-1C0B-4A7D-8E08-5D78C911C09D}\setup.exe" -runfromtemp -l0x0409 -removeonly
    HP Update-->MsiExec.exe /X{D46D081B-F60E-467E-A7C4-117B70D76731}
    HP User Guides 0156-->MsiExec.exe /X{64A7418C-6BD4-48BE-A2E3-CAEC3BCD9E81}
    HP Wireless Assistant-->MsiExec.exe /X{54CC7901-804D-4155-B353-21F0CC9112AB}
    HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
    IMinent Toolbar-->MsiExec.exe /X{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
    Iminent-->C:\Program Files (x86)\Iminent\IMBooster\inst\Bootstrapper\Bootstrapper.exe uninstall
    Iminent-->MsiExec.exe /X{7782C171-0E16-47B7-805C-401080068B07}
    InstallIQ Updater-->MsiExec.exe /X{294A2E0E-3A0B-4D1F-8282-11DEF2040227}
    Itibiti RTC-->MsiExec.exe /I{730E03E4-350E-48E5-9D3E-4329903D454D}
    iWin Games (remove only)-->"C:\Program Files (x86)\iWin Games\Uninstall.exe"
    Java(TM) 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
    Knctr-->"C:\Program Files (x86)\Itibiti Soft Phone\unins000.exe"
    LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
    LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
    Logitech Vid-->MsiExec.exe /I{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}
    Malwarebytes' Anti-Malware version 1.51.1.1800-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Home and Student 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
    Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
    Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
    Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
    Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
    Motorola Driver Installation-->MsiExec.exe /I{70CCD7C5-39E3-40C4-92CB-0A4281CE3B99}
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    muvee Reveal-->MsiExec.exe /X{43BA31BA-04BD-2EA3-0A60-A9C54E06D3F2}
    myYearbook Toolbar-->C:\Program Files (x86)\myYearbook Toolbar\Uninst.exe
    Norton Security Suite-->C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\7190B588\3.8.0.41\InstStub.exe /X
    ooVoo Toolbar-->C:\Program Files (x86)\oovootoolbar\uninstall.exe
    ooVoo-->MsiExec.exe /X{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}
    PageRage Toolbar-->C:\Program Files (x86)\PageRage\uninstall.exe toolbar
    Paltalk Messenger-->"C:\Windows\PaltalkScene\uninstall.exe" "/U:C:\Program Files (x86)\Paltalk Messenger\irunin.xml"
    PokerStars.net-->"C:\Program Files (x86)\PokerStars.NET\PokerStarsUninstall.exe" /u:PokerStars.net
    Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
    Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
    PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
    PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
    PriceGong 2.5.1-->C:\Program Files (x86)\PriceGong\uninst.exe
    QLBCASL-->MsiExec.exe /I{F1D7AC58-554A-4A58-B784-B61558B1449A}
    QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C}
    Realtek 8136 8168 8169 Ethernet Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
    Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\Setup.exe" -runfromtemp -l0x0009 -removeonly
    Recovery Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
    Shop To Win-->"C:\Program Files (x86)\Shop To Win\unins000.exe"
    Skype Toolbars-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
    Skype™ 5.3-->MsiExec.exe /X{5335DADB-34BA-4AE8-A519-648D78498846}
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
    Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
    Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
    Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
    Update for Microsoft Office Word 2007 (KB974631)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1D53FB73-9826-4541-B2E0-A239C6EBA718}
    Update for Microsoft Office Word 2007 (KB974631)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {34726474-50D6-49FC-B8AC-35411459D27A}
    Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
    Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
    Windows Live Essentials-->MsiExec.exe /I{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}
    Windows Live Mail-->MsiExec.exe /I{6412CECE-8172-4BE5-935B-6CECACD2CA87}
    Windows Live Messenger-->MsiExec.exe /X{A85FD55B-891B-4314-97A5-EA96C0BD80B5}
    Windows Live Movie Maker-->MsiExec.exe /X{3D5044A5-97B8-45C0-B956-BB2376569188}
    Windows Live Photo Gallery-->MsiExec.exe /X{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}
    Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}
    Windows Live Sync-->MsiExec.exe /X{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}
    Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Windows Live Writer-->MsiExec.exe /X{178832DE-9DE0-4C87-9F82-9315A9B03985}
    Yahoo! Messenger-->C:\PROGRA~2\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~2\Yahoo!\MESSEN~1\INSTALL.LOG
    Yahoo! Software Update-->C:\PROGRA~2\Yahoo!\SOFTWA~1\UNINST~1.EXE
    Yahoo! Toolbar-->C:\PROGRA~2\Yahoo!\Common\UNYT_W~1.EXE
    Zynga Toolbar-->C:\PROGRA~2\Zynga\UNWISE.EXE /U C:\PROGRA~2\Zynga\INSTALL.LOG
    ======Hosts File======
    ::1 localhost
    ======System event log======
    Computer Name: Owner-PC
    Event Code: 1014
    Message: Name resolution for the name www.msftncsi.com timed out after none of the configured DNS servers responded.
    Record Number: 20658
    Source Name: Microsoft-Windows-DNS-Client
    Time Written: 20100802031218.180370-000
    Event Type: Warning
    User: NT AUTHORITY\NETWORK SERVICE
    Computer Name: Owner-PC
    Event Code: 10016
    Message: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {B77C4C36-0154-4C52-AB49-FAA03837E47F}
    and APPID
    {EA022610-0748-4C24-B229-6C507EBDFDBB}
    to the user Owner-PC\Owner SID (S-1-5-21-2559799070-2916064766-2587329467-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    Record Number: 20625
    Source Name: Microsoft-Windows-DistributedCOM
    Time Written: 20100802013305.000000-000
    Event Type: Error
    User: Owner-PC\Owner
    Computer Name: Owner-PC
    Event Code: 10016
    Message: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {B77C4C36-0154-4C52-AB49-FAA03837E47F}
    and APPID
    {EA022610-0748-4C24-B229-6C507EBDFDBB}
    to the user Owner-PC\Owner SID (S-1-5-21-2559799070-2916064766-2587329467-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    Record Number: 20606
    Source Name: Microsoft-Windows-DistributedCOM
    Time Written: 20100802000422.000000-000
    Event Type: Error
    User: Owner-PC\Owner
    Computer Name: Owner-PC
    Event Code: 7011
    Message: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
    Record Number: 20438
    Source Name: Service Control Manager
    Time Written: 20100731153249.682010-000
    Event Type: Error
    User:
    Computer Name: Owner-PC
    Event Code: 7011
    Message: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
    Record Number: 20334
    Source Name: Service Control Manager
    Time Written: 20100731000648.102206-000
    Event Type: Error
    User:
    =====Application event log=====
    Computer Name: Owner-PC
    Event Code: 80
    Message: Activation context generation failed for "C:\Program Files (x86)\Paltalk Messenger\paltalk.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
    Record Number: 1703
    Source Name: SideBySide
    Time Written: 20100127135806.000000-000
    Event Type: Error
    User:
    Computer Name: Owner-PC
    Event Code: 11
    Message: Possible Memory Leak. Application (C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 764) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)]. [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked. The call originated on the interface with UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Method number (20). User Action: Contact your application vendor for an updated version of the application.
    Record Number: 1595
    Source Name: Microsoft-Windows-RPC-Events
    Time Written: 20100123015935.370817-000
    Event Type: Warning
    User: NT AUTHORITY\LOCAL SERVICE
    Computer Name: Owner-PC
    Event Code: 1530
    Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
    DETAIL -
    1 user registry handles leaked from \Registry\User\S-1-5-21-2559799070-2916064766-2587329467-1000:
    Process 408 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2559799070-2916064766-2587329467-1000
    Record Number: 1544
    Source Name: Microsoft-Windows-User Profiles Service
    Time Written: 20100122000006.060304-000
    Event Type: Warning
    User: NT AUTHORITY\SYSTEM
    Computer Name: Owner-PC
    Event Code: 35
    Message: Activation context generation failed for "c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use sxstrace.exe for detailed diagnosis.
    Record Number: 1521
    Source Name: SideBySide
    Time Written: 20100121180254.000000-000
    Event Type: Error
    User:
    Computer Name: Owner-PC
    Event Code: 63
    Message: Activation context generation failed for "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
    Record Number: 1520
    Source Name: SideBySide
    Time Written: 20100121180123.000000-000
    Event Type: Error
    User:
    =====Security event log=====
    Computer Name: Owner-PC
    Event Code: 4624
    Message: An account was successfully logged on.
    Subject:
    Security ID: S-1-5-18
    Account Name: OWNER-PC$
    Account Domain: WORKGROUP
    Logon ID: 0x3e7
    Logon Type: 5
    New Logon:
    Security ID: S-1-5-18
    Account Name: SYSTEM
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e7
    Logon GUID: {00000000-0000-0000-0000-000000000000}
    Process Information:
    Process ID: 0x1fc
    Process Name: C:\Windows\System32\services.exe
    Network Information:
    Workstation Name:
    Source Network Address: -
    Source Port: -
    Detailed Authentication Information:
    Logon Process: Advapi
    Authentication Package: Negotiate
    Transited Services: -
    Package Name (NTLM only): -
    Key Length: 0
    This event is generated when a logon session is created. It is generated on the computer that was accessed.
    The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
    The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
    The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
    The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
    The authentication information fields provide detailed information about this specific logon request.
    - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
    - Transited services indicate which intermediate services have participated in this logon request.
    - Package name indicates which sub-protocol was used among the NTLM protocols.
    - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
    Record Number: 37493
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20110206163030.395632-000
    Event Type: Audit Success
    User:
    Computer Name: Owner-PC
    Event Code: 4634
    Message: An account was logged off.
    Subject:
    Security ID: S-1-5-21-2559799070-2916064766-2587329467-1000
    Account Name: Owner
    Account Domain: Owner-PC
    Logon ID: 0x9c738f
    Logon Type: 7
    This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.
    Record Number: 37492
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20110206163025.795369-000
    Event Type: Audit Success
    User:
    Computer Name: Owner-PC
    Event Code: 4634
    Message: An account was logged off.
    Subject:
    Security ID: S-1-5-21-2559799070-2916064766-2587329467-1000
    Account Name: Owner
    Account Domain: Owner-PC
    Logon ID: 0x9c73a3
    Logon Type: 7
    This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.
    Record Number: 37491
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20110206163025.795369-000
    Event Type: Audit Success
    User:
    Computer Name: Owner-PC
    Event Code: 4672
    Message: Special privileges assigned to new logon.
    Subject:
    Security ID: S-1-5-21-2559799070-2916064766-2587329467-1000
    Account Name: Owner
    Account Domain: Owner-PC
    Logon ID: 0x9c738f
    Privileges: SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
    Record Number: 37490
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20110206163025.782368-000
    Event Type: Audit Success
    User:
    Computer Name: Owner-PC
    Event Code: 4624
    Message: An account was successfully logged on.
    Subject:
    Security ID: S-1-5-18
    Account Name: OWNER-PC$
    Account Domain: WORKGROUP
    Logon ID: 0x3e7
    Logon Type: 7
    New Logon:
    Security ID: S-1-5-21-2559799070-2916064766-2587329467-1000
    Account Name: Owner
    Account Domain: Owner-PC
    Logon ID: 0x9c73a3
    Logon GUID: {00000000-0000-0000-0000-000000000000}
    Process Information:
    Process ID: 0x1c0
    Process Name: C:\Windows\System32\winlogon.exe
    Network Information:
    Workstation Name: OWNER-PC
    Source Network Address: 127.0.0.1
    Source Port: 0
    Detailed Authentication Information:
    Logon Process: User32
    Authentication Package: Negotiate
    Transited Services: -
    Package Name (NTLM only): -
    Key Length: 0
    This event is generated when a logon session is created. It is generated on the computer that was accessed.
    The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
    The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
    The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
    The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
    The authentication information fields provide detailed information about this specific logon request.
    - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
    - Transited services indicate which intermediate services have participated in this logon request.
    - Package name indicates which sub-protocol was used among the NTLM protocols.
    - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
    Record Number: 37489
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20110206163025.782368-000
    Event Type: Audit Success
    User:
    ======Environment variables======
    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\QuickTime\QTSystem
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=AMD64
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
    "NUMBER_OF_PROCESSORS"=1
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
    "PROCESSOR_REVISION"=170a
    "OnlineServices"=Online Services
    "Platform"=MCD
    "PCBRAND"=Presario
    "asl.log"=Destination=file;OnFirstLog=command,environment,parent
    "CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
    -----------------EOF-----------------


  8. Posts : 678
    Windows 7 home premium 64 bit
    Thread Starter
       #68

    Sorry Jacee. My wife is leaving for a convention today, and she's taking the laptop with her. If you have any last thoughts, please let me know and I can pass them on to her, or take care of it when she gets back.

    Thanks again for all your help.


  9. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #69

    We need to take care of a couple things, still. The Hosts file looks like it's still messed up.

    Tell her to (right click, run as Administrator) start HijackThis! ... click 'Do a system scan and save log'

    When it's finished scanning, place a check mark next to:
    O1 - Hosts: ˙ž127.0.0.1 localhost

    Close all windows except HJT, then click 'fix checked'. Reboot the computer.

    Now, download the HostsXpert 4.3 - Hosts File Manager.
    • Unzip HostsXpert 4.3 - Hosts File Manager to a convenient folder such as C:\HostsXpert
    • Click HostsXpert.exe to Run HostsXpert 4.3 - Hosts File Manager from its new home
    • Click "Make Hosts Writable?" in the upper right corner (If available).
    • Click Restore Microsoft's Hosts file and then click OK.
    • Click the X to exit the program.
    • Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.


    Tell me how this goes ... and when she gets back, we can continue.

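A read-only check for what a damaged Hosts file shows, added here as an example (not part of the original posts and not code from HijackThis or HostsXpert). It looks for a byte-order mark at the start of the file, on the assumption that the stray characters in the O1 line above are one, and for active entries other than localhost on a loopback address. The function name and sample bytes are constructed for illustration.

```python
import codecs

# Byte-order marks an editor may prepend when a file is saved as "Unicode".
# A default hosts file is plain single-byte text with no BOM.
BOMS = [
    (codecs.BOM_UTF8, "utf-8-sig"),
    (codecs.BOM_UTF16_LE, "utf-16"),
    (codecs.BOM_UTF16_BE, "utf-16"),
]

# The only mappings a default hosts file is expected to carry.
LOOPBACK_NAMES = {"localhost"}
LOOPBACK_ADDRS = {"127.0.0.1", "::1"}


def audit_hosts(raw: bytes) -> dict:
    """Report a leading BOM (as hex) and every active mapping that is not
    a plain loopback entry for localhost. Never modifies anything."""
    bom, encoding = None, "ascii"
    for mark, enc in BOMS:
        if raw.startswith(mark):
            bom, encoding = mark.hex(), enc
            break
    text = raw.decode(encoding, errors="replace")
    unexpected = []
    for lineno, line in enumerate(text.splitlines(), 1):
        entry = line.split("#", 1)[0].split()  # drop trailing comment
        if len(entry) < 2:
            continue  # blank, comment-only, or address without a name
        addr, names = entry[0], entry[1:]
        for name in names:
            if name.lower() in LOOPBACK_NAMES and addr in LOOPBACK_ADDRS:
                continue
            unexpected.append((lineno, addr, name))
    return {"bom": bom, "unexpected": unexpected}


# Constructed samples (not taken from the laptop in this thread).
SAMPLE_BOM = codecs.BOM_UTF16_LE + "127.0.0.1 localhost\r\n".encode("utf-16-le")
SAMPLE_REDIRECT = (
    b"# constructed sample\r\n"
    b"127.0.0.1 localhost\r\n"
    b"::1 localhost\r\n"
    b"203.0.113.7 update.example.test # redirect\r\n"
)
```

To check a real machine, pass in the bytes of C:\Windows\System32\drivers\etc\hosts opened in binary mode.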

  10. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #70

    Got your pm ... glad everything is working!

    Let's remove the 'tools' I had you download. Click on the Start button and then in the Search field enter
    combofix /uninstall
    Once you have typed this in, press Enter on your keyboard. An open File security warning will appear asking if you are sure you want to run ComboFix. Please click on the Run button to start the program.

    ComboFix will now uninstall itself from your computer and remove any backups and quarantined files. When it has finished you will be greeted by a dialog box stating that ComboFix has been uninstalled. You can now delete the ComboFix.exe program from your computer. ComboFix has now been uninstalled from your Windows Vista or Windows 7 computer.