Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

FunWebProducts. Unable to delete

Started by mscott92 , Jul 18 2011 11:31 AM

  • This topic is locked This topic is locked

#1
mscott92
Posted 18 July 2011 - 11:31 AM

mscott92

    New Member

  • Member
  • Pip
  • 2 posts
Hi, I have just run a scan on Spybot Search & Destroy. The only infection it found was one entry, FunWebProducts. I instructed for it to be fix, but spybot was unable to fix the issue. Here is my OTL scan. There was also an extras.txt. Ill copy that as well. Thank you in advance for your time and help!

OTL logfile created on: 7/18/2011 12:21:31 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Kindle\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.14 Gb Available Physical Memory | 57.23% Memory free
7.49 Gb Paging File | 5.70 Gb Available in Paging File | 76.09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.88 Gb Total Space | 397.35 Gb Free Space | 88.72% Space Free | Partition Type: NTFS
Drive D: | 17.58 Gb Total Space | 2.80 Gb Free Space | 15.94% Space Free | Partition Type: NTFS
Drive F: | 62.50 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: FLOWERPOWER | User Name: Kindle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/18 12:21:16 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Kindle\Desktop\OTL.exe
PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe
PRC - [2010/11/30 02:23:56 | 001,037,672 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe
PRC - [2010/11/30 02:23:56 | 000,406,888 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrvProxy.exe
PRC - [2010/11/30 02:23:44 | 001,029,480 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe
PRC - [2010/11/30 02:23:44 | 000,406,888 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrvProxy.exe
PRC - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/07/12 13:23:24 | 000,231,888 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe
PRC - [2010/06/25 08:15:46 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) -- C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe
PRC - [2010/06/14 18:16:46 | 000,027,192 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010/06/14 18:14:50 | 000,602,168 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010/06/12 21:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2010/04/24 02:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/04/24 02:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/04/23 18:20:50 | 003,790,104 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files (x86)\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe


========== Modules (SafeList) ==========

MOD - [2011/07/18 12:21:16 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Kindle\Desktop\OTL.exe
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/07/01 16:40:20 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/07/01 16:40:14 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2010/06/24 00:57:48 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/06/18 18:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/08 15:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe -- (NIS)
SRV - [2010/11/30 02:23:56 | 001,037,672 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe -- (SpeedDiskService)
SRV - [2010/11/30 02:23:44 | 001,029,480 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe -- (DiskDoctorService)
SRV - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/06/25 08:15:46 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2010/06/14 18:16:46 | 000,027,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/06/12 21:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/06/01 17:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/04/24 02:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/04/24 02:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/04/03 18:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/11 23:16:53 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/03/30 22:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/30 22:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/21 19:39:49 | 000,382,584 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/03/14 21:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/01/27 01:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds64.sys -- (SymDS)
DRV:64bit: - [2011/01/27 00:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/11/30 02:24:02 | 000,191,232 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SymDSMon.sys -- (SymDSMon)
DRV:64bit: - [2010/11/30 02:24:02 | 000,163,384 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SymSpeedDisk.sys -- (SYMSpeedDisk)
DRV:64bit: - [2010/09/13 17:00:08 | 001,390,640 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/07/12 13:43:39 | 000,107,912 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/07/12 13:43:39 | 000,027,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/07/01 16:40:26 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/06/25 22:01:04 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2010/06/25 01:32:52 | 000,032,880 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/06/24 02:38:58 | 006,792,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/06/24 00:24:34 | 000,221,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/05/06 08:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/29 08:43:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/04/24 02:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/04/24 02:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/04/24 02:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/04/24 02:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/03/10 01:03:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2010/03/05 00:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/02 19:45:24 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/11/11 16:09:32 | 000,020,056 | -H-- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dvmio.sys -- (DVMIO)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/13 18:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/08 15:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 15:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 15:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 15:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/01/09 16:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008/04/15 11:17:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2008/04/15 11:17:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbnmeaext.sys -- (ZTEusbnmeaext)
DRV:64bit: - [2008/04/15 11:17:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2008/04/15 11:17:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2008/04/15 11:17:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbgps.sys -- (ZTEusbgps)
DRV:64bit: - [2008/04/15 11:17:32 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV - [2011/07/13 16:52:34 | 000,488,056 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20110715.032\IDSviA64.sys -- (IDSVia64)
DRV - [2011/06/10 00:37:09 | 002,011,768 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20110717.002\EX64.SYS -- (NAVEX15)
DRV - [2011/06/10 00:37:09 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20110717.002\ENG64.SYS -- (NAVENG)
DRV - [2011/05/26 00:13:15 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/05/26 00:13:15 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/05/19 14:37:05 | 001,143,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20110701.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2010/11/30 02:24:00 | 000,108,800 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\SymSpeedDisk.sys -- (SYMSpeedDisk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\IPSFFPlgn\ [2011/07/05 14:41:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn\ [2011/05/02 17:39:48 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/07/18 10:46:15 | 000,435,740 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 14993 more lines...
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/21 10:39:48 | 000,000,074 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{168e7aa1-6146-11e0-8574-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{168e7aa1-6146-11e0-8574-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{187654e7-588d-11e0-a230-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{187654e7-588d-11e0-a230-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{1a476f11-6064-11e0-a2ca-d2ccee786e0c}\Shell - "" = AutoRun
O33 - MountPoints2\{1a476f11-6064-11e0-a2ca-d2ccee786e0c}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{24cab9fa-5bc7-11e0-a9e5-f17a65b04f1a}\Shell - "" = AutoRun
O33 - MountPoints2\{24cab9fa-5bc7-11e0-a9e5-f17a65b04f1a}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{38077a6e-66db-11e0-b020-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{38077a6e-66db-11e0-b020-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{3e3205f3-996f-11e0-a083-97901f364f0d}\Shell - "" = AutoRun
O33 - MountPoints2\{3e3205f3-996f-11e0-a083-97901f364f0d}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{3f5526f1-596c-11e0-ae71-c55cd308d91a}\Shell - "" = AutoRun
O33 - MountPoints2\{3f5526f1-596c-11e0-ae71-c55cd308d91a}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{4204be77-92c3-11e0-979c-82be9cf10766}\Shell - "" = AutoRun
O33 - MountPoints2\{4204be77-92c3-11e0-979c-82be9cf10766}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{45af7d0b-8b2e-11e0-aafe-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{45af7d0b-8b2e-11e0-aafe-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{4e10fbfd-8e3d-11e0-ac82-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{4e10fbfd-8e3d-11e0-ac82-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{4f7303e8-adad-11e0-add5-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{4f7303e8-adad-11e0-add5-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{4f7304ba-adad-11e0-add5-856b19bd2c1b}\Shell - "" = AutoRun
O33 - MountPoints2\{4f7304ba-adad-11e0-add5-856b19bd2c1b}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{4f7304ca-adad-11e0-add5-856b19bd2c1b}\Shell - "" = AutoRun
O33 - MountPoints2\{4f7304ca-adad-11e0-add5-856b19bd2c1b}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{4f7304df-adad-11e0-add5-856b19bd2c1b}\Shell - "" = AutoRun
O33 - MountPoints2\{4f7304df-adad-11e0-add5-856b19bd2c1b}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{51593951-3f6a-11e0-8f78-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{51593951-3f6a-11e0-8f78-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{51e8ad01-7cdb-11e0-aa93-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{51e8ad01-7cdb-11e0-aa93-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{567b3a75-6f53-11e0-a85b-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{567b3a75-6f53-11e0-a85b-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{567b3b63-6f53-11e0-a85b-e90782415610}\Shell - "" = AutoRun
O33 - MountPoints2\{567b3b63-6f53-11e0-a85b-e90782415610}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{5fe7377a-5f91-11e0-a988-89fc369c5628}\Shell - "" = AutoRun
O33 - MountPoints2\{5fe7377a-5f91-11e0-a988-89fc369c5628}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{7004a201-7a7c-11e0-bfc3-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{7004a201-7a7c-11e0-bfc3-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{7a3ffced-69f6-11e0-a12a-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{7a3ffced-69f6-11e0-a12a-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{8d43288d-3c7a-11e0-a02f-e76f55f5607a}\Shell - "" = AutoRun
O33 - MountPoints2\{8d43288d-3c7a-11e0-a02f-e76f55f5607a}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8d432891-3c7a-11e0-a02f-e76f55f5607a}\Shell - "" = AutoRun
O33 - MountPoints2\{8d432891-3c7a-11e0-a02f-e76f55f5607a}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8d432893-3c7a-11e0-a02f-e76f55f5607a}\Shell - "" = AutoRun
O33 - MountPoints2\{8d432893-3c7a-11e0-a02f-e76f55f5607a}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8d432896-3c7a-11e0-a02f-e76f55f5607a}\Shell - "" = AutoRun
O33 - MountPoints2\{8d432896-3c7a-11e0-a02f-e76f55f5607a}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8d4328af-3c7a-11e0-a02f-e76f55f5607a}\Shell - "" = AutoRun
O33 - MountPoints2\{8d4328af-3c7a-11e0-a02f-e76f55f5607a}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8d432c31-3c7a-11e0-a02f-e76f55f5607a}\Shell - "" = AutoRun
O33 - MountPoints2\{8d432c31-3c7a-11e0-a02f-e76f55f5607a}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{93ca17eb-870b-11e0-adc8-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{93ca17eb-870b-11e0-adc8-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{970ae770-a73e-11e0-a136-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{970ae770-a73e-11e0-a136-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{970ae78b-a73e-11e0-a136-b272f27ad077}\Shell - "" = AutoRun
O33 - MountPoints2\{970ae78b-a73e-11e0-a136-b272f27ad077}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{9ea184ec-712c-11e0-ac88-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{9ea184ec-712c-11e0-ac88-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{c1ed25ef-9115-11e0-9af7-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{c1ed25ef-9115-11e0-9af7-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{c626a082-75b7-11e0-9c39-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{c626a082-75b7-11e0-9c39-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{c626a19d-75b7-11e0-9c39-b6bd1b80a24d}\Shell - "" = AutoRun
O33 - MountPoints2\{c626a19d-75b7-11e0-9c39-b6bd1b80a24d}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{c626a1a4-75b7-11e0-9c39-b6bd1b80a24d}\Shell - "" = AutoRun
O33 - MountPoints2\{c626a1a4-75b7-11e0-9c39-b6bd1b80a24d}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{d1b7da13-4370-11e0-a175-00a0c6000000}\Shell - "" = AutoRun
O33 - MountPoints2\{d1b7da13-4370-11e0-a175-00a0c6000000}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{d1b7da1d-4370-11e0-a175-00a0c6000000}\Shell - "" = AutoRun
O33 - MountPoints2\{d1b7da1d-4370-11e0-a175-00a0c6000000}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{d70fe5ee-6ad0-11e0-a7ac-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{d70fe5ee-6ad0-11e0-a7ac-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{dbc06bf9-87eb-11e0-b911-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{dbc06bf9-87eb-11e0-b911-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{dcb2dc76-5ed1-11e0-b075-5aac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{dcb2dc76-5ed1-11e0-b075-5aac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{df78a111-7b11-11e0-aafa-5aac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{df78a111-7b11-11e0-aafa-5aac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{df78a173-7b11-11e0-aafa-5aac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{df78a173-7b11-11e0-aafa-5aac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{ec0f84e9-6c48-11e0-8040-5cac4cb62443}\Shell - "" = AutoRun
O33 - MountPoints2\{ec0f84e9-6c48-11e0-8040-5cac4cb62443}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{ec0f8617-6c48-11e0-8040-e3b786aca60d}\Shell - "" = AutoRun
O33 - MountPoints2\{ec0f8617-6c48-11e0-8040-e3b786aca60d}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{f64ad57c-9a77-11e0-be7b-cc66faed43e4}\Shell - "" = AutoRun
O33 - MountPoints2\{f64ad57c-9a77-11e0-be7b-cc66faed43e4}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{f64ad685-9a77-11e0-be7b-cc66faed43e4}\Shell - "" = AutoRun
O33 - MountPoints2\{f64ad685-9a77-11e0-be7b-cc66faed43e4}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{ff22d791-71a9-11e0-9c25-b1cebf80b236}\Shell - "" = AutoRun
O33 - MountPoints2\{ff22d791-71a9-11e0-9c25-b1cebf80b236}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{ff22d85e-71a9-11e0-9c25-b1cebf80b236}\Shell - "" = AutoRun
O33 - MountPoints2\{ff22d85e-71a9-11e0-9c25-b1cebf80b236}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2010/08/18 05:07:30 | 002,310,824 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/18 12:21:11 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Kindle\Desktop\OTL.exe
[2011/07/18 11:15:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/07/18 11:15:05 | 000,000,000 | ---D | C] -- C:\Users\Kindle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/07/18 10:42:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/07/18 10:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/07/18 10:42:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011/07/18 10:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/07/18 09:17:52 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys
[2011/07/18 09:17:52 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbnmeaext.sys
[2011/07/18 09:17:52 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys
[2011/07/18 09:17:52 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys
[2011/07/18 09:17:52 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbgps.sys
[2011/07/18 09:17:52 | 000,011,776 | ---- | C] (MBB Incorporated) -- C:\Windows\SysNative\drivers\massfilter.sys
[2011/07/18 09:17:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZTEDriverAC30

========== Files - Modified Within 30 Days ==========

[2011/07/18 12:21:16 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Kindle\Desktop\OTL.exe
[2011/07/18 11:15:05 | 000,002,981 | ---- | M] () -- C:\Users\Kindle\Desktop\HiJackThis.lnk
[2011/07/18 10:46:15 | 000,435,740 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/07/18 10:42:20 | 000,001,258 | ---- | M] () -- C:\Users\Kindle\Desktop\Spybot - Search & Destroy.lnk
[2011/07/18 10:14:23 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/07/18 09:07:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/14 19:04:31 | 000,000,262 | ---- | M] () -- C:\Windows\tasks\NUSchedule.job
[2011/07/14 18:36:57 | 000,000,058 | ---- | M] () -- C:\Users\Kindle\AppData\Local\mv_Photo.xml
[2011/07/14 17:31:53 | 000,000,055 | ---- | M] () -- C:\Users\Kindle\AppData\Local\mv_music.xml
[2011/07/13 19:15:36 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/13 19:15:36 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/13 19:12:49 | 000,727,548 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/07/13 19:12:49 | 000,624,088 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/07/13 19:12:49 | 000,107,776 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/07/13 19:08:06 | 3015,884,800 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/18 21:49:07 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForKindle.job

========== Files Created - No Company Name ==========

[2011/07/18 11:15:05 | 000,002,981 | ---- | C] () -- C:\Users\Kindle\Desktop\HiJackThis.lnk
[2011/07/18 10:42:20 | 000,001,258 | ---- | C] () -- C:\Users\Kindle\Desktop\Spybot - Search & Destroy.lnk
[2011/07/18 10:14:23 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/03/14 11:46:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/02/28 22:43:40 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\pool.bin
[2011/02/19 23:05:56 | 000,731,106 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/19 11:00:55 | 000,000,058 | ---- | C] () -- C:\Users\Kindle\AppData\Local\mv_Photo.xml
[2011/02/19 11:00:55 | 000,000,055 | ---- | C] () -- C:\Users\Kindle\AppData\Local\mv_music.xml
[2011/01/12 07:43:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/01/12 07:36:23 | 000,000,298 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2011/01/12 07:36:23 | 000,000,239 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/07/12 15:52:54 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010/07/12 13:23:43 | 000,000,189 | ---- | C] () -- C:\Windows\SysWow64\HP Documentation.ini
[2010/04/28 20:17:52 | 000,002,110 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/02/09 20:58:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/10 00:03:56 | 000,370,312 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/04/20 17:12:07 | 000,000,000 | ---D | M] -- C:\Users\Kindle\AppData\Roaming\Amazon
[2011/03/21 22:28:18 | 000,000,000 | ---D | M] -- C:\Users\Kindle\AppData\Roaming\Smith Micro
[2011/06/07 10:11:57 | 000,000,000 | ---D | M] -- C:\Users\Kindle\AppData\Roaming\SoftGrid Client
[2011/04/14 14:18:05 | 000,000,000 | ---D | M] -- C:\Users\Kindle\AppData\Roaming\Tific
[2011/02/19 23:06:53 | 000,000,000 | ---D | M] -- C:\Users\Kindle\AppData\Roaming\TP
[2011/03/03 23:27:32 | 000,000,000 | ---D | M] -- C:\Users\Kindle\AppData\Roaming\WildTangent
[2011/03/27 10:50:46 | 000,000,000 | ---D | M] -- C:\Users\Kindle\AppData\Roaming\Windows Live Writer
[2011/07/14 19:04:31 | 000,000,262 | ---- | M] () -- C:\Windows\Tasks\NUSchedule.job
[2009/07/14 00:08:49 | 000,018,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(48).TXT
[2009/07/14 00:08:49 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:D3A96964
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:D287FACF

< End of report >

OTL Extras logfile created on: 7/18/2011 12:21:31 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Kindle\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.14 Gb Available Physical Memory | 57.23% Memory free
7.49 Gb Paging File | 5.70 Gb Available in Paging File | 76.09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.88 Gb Total Space | 397.35 Gb Free Space | 88.72% Space Free | Partition Type: NTFS
Drive D: | 17.58 Gb Total Space | 2.80 Gb Free Space | 15.94% Space Free | Partition Type: NTFS
Drive F: | 62.50 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: FLOWERPOWER | User Name: Kindle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{24F117AA-3F3A-6575-D73E-7A5006EC640A}" = ccc-utility64
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java™ 6 Update 20 (64-bit)
"{299625B9-6C69-462C-9CEA-8E06D878B1C5}" = HP 3D DriveGuard
"{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}" = HP MediaSmart Movies and TV
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}" = HP MediaSmart SmartMenu
"{7CAD117F-315D-5016-A128-D227FE197913}" = ATI Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{9545E9DB-6F4C-4404-BF25-E221BE8B44C5}" = iTunes
"{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}" = HP Wireless Assistant
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"CCleaner" = CCleaner
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08DB3902-2CE0-474D-BCE3-0177766CE9F1}" = HP Support Assistant
"{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}" = Netflix in Windows Media Center
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{16B7E983-E3F3-DDEF-D101-86BF7842922B}" = CCC Help German
"{1DBDD92E-F199-10B0-5BED-424407AA8844}" = CCC Help Turkish
"{1DF6F066-9DBE-FCE6-018E-C233CACA1793}" = Catalyst Control Center Graphics Full New
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2D2ED3BD-6838-74FF-73E8-1A97D6E56DE5}" = Catalyst Control Center Localization All
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{30F4D459-824A-498C-826C-7721B777207F}" = Catalyst Control Center - Branding
"{33C7BB7A-4C65-4605-A0CD-76C38F59B0A3}" = Alcor Micro USB Card Reader
"{35021DFB-F9CA-402A-89A2-47F91E506465}" = HP MediaSmart/TouchSmart Netflix
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{394FA67A-FF0A-4356-BB77-D85E5A300BDE}" = HP QuickWeb Installer
"{3A8FE746-19BA-4168-8D01-D45897C7310E}" = VZAccess Manager
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{460C111D-64C5-06DB-E336-63549004C101}" = Catalyst Control Center Graphics Previews Common
"{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}" = HP Power Manager
"{4BCB77BC-BD26-753D-EA91-F2A2340AEBD8}" = CCC Help Japanese
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{54EBCD2E-9020-7AFC-A54F-707EC5B5029E}" = CCC Help Polish
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{644D5D68-8AB9-3EE0-A0CF-A617D7A9156E}" = ccc-core-static
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6A10E86F-C9BB-4A8A-2B38-0EEA51D1ACE7}" = CCC Help Korean
"{6A6A677A-3E1D-4A44-97FF-0EE3A8C1A862}" = HP Quick Launch
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{70A4AB76-727A-1A8F-28F8-8D90D84F7CCD}" = CCC Help Finnish
"{7221D07E-D60E-419C-BC3E-9525BF3EC7C3}" = HP Documentation
"{725DBD1D-B75D-CA58-70B4-3E2E6CB6E92A}" = CCC Help Spanish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{75B6C1BF-B98C-4B99-BD0D-CC9BF16C490D}" = Clifford Phonics
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{94089FFA-AC79-4DBA-EF4D-986BDD17960F}" = CCC Help Swedish
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96064BB9-83B6-E972-D80D-ED391BB44EC7}" = CCC Help Norwegian
"{9799A154-130D-6776-2E63-3DF424BCE4BB}" = Catalyst Control Center Graphics Previews Vista
"{97E265BF-9250-41FB-B64A-FC50975AF1EC}" = ZTE USB Drivers
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AC7295C-2B4B-361E-A0CD-503274F33C17}" = CCC Help Portuguese
"{9E4EB4E5-E3BE-A8CC-6020-E2ADCC411540}" = CCC Help English
"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5
"{A1BDCF05-A4CC-0AAE-0D82-6B21F64A2E0F}" = CCC Help Chinese Traditional
"{A29549FD-65F3-440C-A552-6B8114CF319D}" = Skype Toolbars
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A9814077-8193-E8CF-CF5A-32A5C932C1B3}" = CCC Help Russian
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3 MUI
"{AC911C72-3BA1-6FB6-2A73-DA3BA6FC36DE}" = CCC Help Czech
"{AD692A27-D061-A7BC-A4D2-83803FDCC327}" = Catalyst Control Center InstallProxy
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5EDA143-2C52-EFC9-B8F7-A2434AE7A11B}" = Catalyst Control Center Core Implementation
"{BBEA6281-F991-FF80-B630-30842578BCBA}" = Catalyst Control Center Graphics Light
"{BCF6C7E9-0ED4-3EB9-DEA5-978BE18658FB}" = CCC Help Dutch
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BDFD5005-6ABD-59A4-E810-AA48738764EE}" = CCC Help Chinese Standard
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C486808A-6580-BD78-FC55-68E1DC0B27A6}" = CCC Help Greek
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C7294D0A-0226-3811-8AC9-F7250CCA732D}" = CCC Help Thai
"{CB0771A2-590B-2401-31C5-B4783A26FA82}" = CCC Help Hungarian
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC52C9F3-30FE-5A8A-E24B-65C19F064C5A}" = Catalyst Control Center Graphics Full Existing
"{D0542C70-BFEA-E202-030D-8B93634126BF}" = CCC Help Italian
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{E05DB9F9-C8E7-45F2-BE9E-76D4C447CE9B}" = HP Software Framework
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F06A951A-1E2D-133C-11AD-3308B599DB3D}" = CCC Help French
"{FAD8147D-778E-0E95-B17A-441ABAD418A3}" = CCC Help Danish
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.12
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{33C7BB7A-4C65-4605-A0CD-76C38F59B0A3}" = Alcor Micro USB Card Reader
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"My HP Game Console" = HP Game Console
"NIS" = Norton Internet Security
"Norton Utilities 15_is1" = Norton Utilities 15
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Sesame Street ® Music Maker™" = Sesame Street ® Music Maker™
"WildTangent hp Master Uninstall" = HP Games
"WT087328" = Blackhawk Striker 2
"WT087335" = Build-a-lot 2
"WT087342" = Dora's Carnival Adventure
"WT087360" = Escape Rosecliff Island
"WT087361" = FATE
"WT087362" = Final Drive Nitro
"WT087372" = Heroes of Hellas 2 - Olympia
"WT087373" = Jewel Quest 3
"WT087379" = Jewel Quest Solitaire 2
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087414" = Virtual Families
"WT087415" = Wheel of Fortune 2
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087501" = Plants vs. Zombies
"WT087513" = Virtual Villagers - The Secret City
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue
"YTdetect" = Yahoo! Detect

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HuluDesktop" = Hulu Desktop

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/30/2011 8:23:42 AM | Computer Name = FlowerPower | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 5/30/2011 8:23:42 AM | Computer Name = FlowerPower | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 12231

Error - 5/30/2011 8:23:42 AM | Computer Name = FlowerPower | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12231

Error - 5/30/2011 11:05:45 AM | Computer Name = FlowerPower | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 5/30/2011 11:05:45 AM | Computer Name = FlowerPower | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9735898

Error - 5/30/2011 11:05:45 AM | Computer Name = FlowerPower | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9735898

Error - 5/30/2011 11:05:47 AM | Computer Name = FlowerPower | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 5/30/2011 11:05:47 AM | Computer Name = FlowerPower | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9737552

Error - 5/30/2011 11:05:47 AM | Computer Name = FlowerPower | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9737552

Error - 5/30/2011 2:36:10 PM | Computer Name = FlowerPower | Source = CVHSVC | ID = 100
Description = Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):
DownloadLatest Failed: There are currently no active network connections. Background
Intelligent Transfer Service (BITS) will try again when an adapter is connected.


[ Hewlett-Packard Events ]
Error - 3/24/2011 11:00:24 AM | Computer Name = FlowerPower | Source = Hewlett-Packard | ID = 0
Description = en-US Exception of type 'System.Exception' was thrown. Configurator
at Configurator.ConfiguratorClass.loadXML() at Configurator.ConfiguratorClass..ctor(Boolean
loadxml) at HPSFConfigReader.ConfigHelper..ctor() at HPAssistant.csSettings.loadApplicationResources(Boolean
isOnAppLoad)

Error - 3/24/2011 11:03:15 AM | Computer Name = FlowerPower | Source = Hewlett-Packard | ID = 0
Description = en-US Exception of type 'System.Exception' was thrown. Configurator
at Configurator.ConfiguratorClass.loadXML() at Configurator.ConfiguratorClass..ctor(Boolean
loadxml) at HPSFConfigReader.ConfigHelper..ctor() at HPAssistant.csSettings.loadApplicationResources(Boolean
isOnAppLoad)

Error - 3/24/2011 11:07:46 AM | Computer Name = FlowerPower | Source = Hewlett-Packard | ID = 0
Description = en-US Exception of type 'System.Exception' was thrown. Configurator
at Configurator.ConfiguratorClass.loadXML() at Configurator.ConfiguratorClass..ctor(Boolean
loadxml) at HPSFConfigReader.ConfigHelper..ctor() at HPAssistant.csSettings.loadApplicationResources(Boolean
isOnAppLoad)

Error - 3/24/2011 11:40:20 AM | Computer Name = FlowerPower | Source = Hewlett-Packard | ID = 0
Description = en-US Exception of type 'System.Exception' was thrown. Configurator
at Configurator.ConfiguratorClass.loadXML() at Configurator.ConfiguratorClass..ctor(Boolean
loadxml) at HPSFConfigReader.ConfigHelper..ctor() at HPAssistant.csSettings.loadApplicationResources(Boolean
isOnAppLoad)

Error - 3/24/2011 11:40:47 AM | Computer Name = FlowerPower | Source = Hewlett-Packard | ID = 0
Description = en-US Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.Settings.loadTuneUPSettings() at HPAssistant.Pages.Settings.Page_Loaded(Object
sender, RoutedEventArgs e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object
target, RoutedEventArgs routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object
source, RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastLoadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.AnimatedRenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


Error - 3/26/2011 8:14:01 PM | Computer Name = FlowerPower | Source = Hewlett-Packard | ID = 0
Description = en-US Exception of type 'System.Exception' was thrown. Configurator
at Configurator.ConfiguratorClass.loadXML() at Configurator.ConfiguratorClass..ctor(Boolean
loadxml) at HPSFConfigReader.ConfigHelper..ctor() at HPAssistant.csSettings.loadApplicationResources(Boolean
isOnAppLoad)

Error - 3/26/2011 8:15:27 PM | Computer Name = FlowerPower | Source = Hewlett-Packard | ID = 0
Description = en-US Exception of type 'System.Exception' was thrown. Configurator
at Configurator.ConfiguratorClass.loadXML() at Configurator.ConfiguratorClass..ctor(Boolean
loadxml) at HPSFConfigReader.ConfigHelper..ctor() at HPAssistant.csSettings.loadApplicationResources(Boolean
isOnAppLoad)

Error - 5/10/2011 10:37:36 AM | Computer Name = FlowerPower | Source = Hewlett-Packard | ID = 0
Description = en-US Exception of type 'System.Exception' was thrown. Configurator
at Configurator.ConfiguratorClass.loadXML() at Configurator.ConfiguratorClass..ctor(Boolean
loadxml) at HPSFConfigReader.ConfigHelper..ctor() at HPAssistant.csSettings.loadApplicationResources(Boolean
isOnAppLoad)

Error - 5/10/2011 10:38:02 AM | Computer Name = FlowerPower | Source = Hewlett-Packard | ID = 0
Description = en-US Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.Settings.loadTuneUPSettings() at HPAssistant.Pages.Settings.Page_Loaded(Object
sender, RoutedEventArgs e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object
target, RoutedEventArgs routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object
source, RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastLoadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.AnimatedRenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


Error - 5/10/2011 10:52:05 AM | Computer Name = FlowerPower | Source = Hewlett-Packard | ID = 0
Description = en-US Exception of type 'System.Exception' was thrown. Configurator
at Configurator.ConfiguratorClass.loadXML() at Configurator.ConfiguratorClass..ctor(Boolean
loadxml) at HPSFConfigReader.ConfigHelper..ctor() at HPAssistant.csSettings.loadApplicationResources(Boolean
isOnAppLoad)

[ HP Wireless Assistant Events ]
Error - 2/21/2011 8:50:20 AM | Computer Name = FlowerPower | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 2/21/2011 8:51:21 AM | Computer Name = FlowerPower | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 2/21/2011 8:52:22 AM | Computer Name = FlowerPower | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 2/21/2011 8:53:23 AM | Computer Name = FlowerPower | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 2/21/2011 8:54:24 AM | Computer Name = FlowerPower | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 2/21/2011 8:55:25 AM | Computer Name = FlowerPower | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 2/21/2011 8:56:26 AM | Computer Name = FlowerPower | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 2/21/2011 8:57:27 AM | Computer Name = FlowerPower | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 3/1/2011 10:38:49 PM | Computer Name = FlowerPower | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 5/30/2011 8:23:28 AM | Computer Name = FlowerPower | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Call was canceled by the
message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at
System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,
IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

[ Media Center Events ]
Error - 3/27/2011 12:12:24 PM | Computer Name = FlowerPower | Source = MCUpdate | ID = 0
Description = 11:11:57 AM - Error connecting to the internet. 11:11:57 AM - Unable
to contact server..

Error - 5/24/2011 10:40:48 AM | Computer Name = FlowerPower | Source = MCUpdate | ID = 0
Description = 9:40:42 AM - Error connecting to the internet. 9:40:46 AM - Unable
to contact server..

Error - 6/3/2011 7:42:32 PM | Computer Name = FlowerPower | Source = MCUpdate | ID = 0
Description = 6:42:30 PM - Error connecting to the internet. 6:42:30 PM - Unable
to contact server..

Error - 6/19/2011 3:57:12 AM | Computer Name = FlowerPower | Source = MCUpdate | ID = 0
Description = 2:57:11 AM - Error connecting to the internet. 2:57:11 AM - Unable
to contact server..

Error - 6/19/2011 3:57:20 AM | Computer Name = FlowerPower | Source = MCUpdate | ID = 0
Description = 2:57:17 AM - Error connecting to the internet. 2:57:17 AM - Unable
to contact server..

Error - 6/19/2011 4:57:25 AM | Computer Name = FlowerPower | Source = MCUpdate | ID = 0
Description = 3:57:25 AM - Error connecting to the internet. 3:57:25 AM - Unable
to contact server..

Error - 6/19/2011 5:57:30 AM | Computer Name = FlowerPower | Source = MCUpdate | ID = 0
Description = 4:57:30 AM - Error connecting to the internet. 4:57:30 AM - Unable
to contact server..

Error - 6/19/2011 6:57:35 AM | Computer Name = FlowerPower | Source = MCUpdate | ID = 0
Description = 5:57:35 AM - Error connecting to the internet. 5:57:35 AM - Unable
to contact server..

Error - 6/26/2011 10:49:36 PM | Computer Name = FlowerPower | Source = MCUpdate | ID = 0
Description = 9:49:35 PM - Error connecting to the internet. 9:49:35 PM - Unable
to contact server..

Error - 7/3/2011 1:09:58 PM | Computer Name = FlowerPower | Source = MCUpdate | ID = 0
Description = 12:09:57 PM - Error connecting to the internet. 12:09:57 PM - Unable
to contact server..

[ System Events ]
Error - 5/30/2011 2:19:48 AM | Computer Name = FlowerPower | Source = RasMan | ID = 20276
Description = CoId={D763CEB7-D11C-432F-85A2-F6E9299E0793}: Layer=PPP: SubLayer=LCP:
The connection attempt failed on port: COM7 because of the authentication protocol
selected. Check to see if the authentication protocol is supported in the operating
systems at the client and server ends of the connection

Error - 5/31/2011 10:49:32 PM | Computer Name = FlowerPower | Source = RasMan | ID = 20276
Description = CoId={0763AC48-C9A4-4B08-8144-26AC3937E6F1}: Layer=PPP: SubLayer=LCP:
The connection attempt failed on port: COM7 because of the authentication protocol
selected. Check to see if the authentication protocol is supported in the operating
systems at the client and server ends of the connection

Error - 6/2/2011 10:46:40 AM | Computer Name = FlowerPower | Source = DCOM | ID = 10010
Description =

Error - 6/4/2011 8:46:22 AM | Computer Name = FlowerPower | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:44:07 AM on ?6/?4/?2011 was unexpected.

Error - 6/4/2011 8:46:31 AM | Computer Name = FLOWERPOWER | Source = BugCheck | ID = 1001
Description =

Error - 6/6/2011 2:17:57 AM | Computer Name = FlowerPower | Source = RasMan | ID = 20276
Description = CoId={DEBF395B-C473-43CE-8496-BF6D447F44F5}: Layer=PPP: SubLayer=LCP:
The connection attempt failed on port: COM7 because of the authentication protocol
selected. Check to see if the authentication protocol is supported in the operating
systems at the client and server ends of the connection

Error - 6/10/2011 6:19:04 PM | Computer Name = FlowerPower | Source = RasMan | ID = 20276
Description = CoId={E56A7E13-0C48-40EF-8E86-AD5E1577C297}: Layer=PPP: SubLayer=LCP:
The connection attempt failed on port: COM7 because of the authentication protocol
selected. Check to see if the authentication protocol is supported in the operating
systems at the client and server ends of the connection

Error - 6/11/2011 10:56:32 PM | Computer Name = FlowerPower | Source = RasMan | ID = 20276
Description = CoId={F455258C-8D8D-479F-8EAE-FBF518DF135A}: Layer=PPP: SubLayer=LCP:
The connection attempt failed on port: COM7 because of the authentication protocol
selected. Check to see if the authentication protocol is supported in the operating
systems at the client and server ends of the connection

Error - 6/12/2011 10:56:50 PM | Computer Name = FlowerPower | Source = RasMan | ID = 20276
Description = CoId={E570AF79-6302-441B-9ED4-8CB47FC71F39}: Layer=PPP: SubLayer=LCP:
The connection attempt failed on port: COM7 because of the authentication protocol
selected. Check to see if the authentication protocol is supported in the operating
systems at the client and server ends of the connection

Error - 6/14/2011 10:15:02 PM | Computer Name = FlowerPower | Source = RasMan | ID = 20276
Description = CoId={152DD816-7686-4342-AFD4-392BD240D363}: Layer=PPP: SubLayer=LCP:
The connection attempt failed on port: COM7 because of the authentication protocol
selected. Check to see if the authentication protocol is supported in the operating
systems at the client and server ends of the connection


< End of report >
  • 0

Advertisements

#2
BlackOxide
Posted 23 July 2011 - 08:49 AM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Hi, mscott92! Welcome to GeeksToGo! My name is BlackOxide and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out :unsure:

It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just incase you are unable to access this site.

Please note the following:
  • Remember to post your logs, not attach them. So, any logs from any programs we run, should be just 'copied & pasted' into your reply, unless I specifically need you to attach them.
  • Please only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for me to analyse and fix your PC in the long run.
  • I will always try and respond to replies as soon as possible, but please be patient as some logs require more time than others to fully analyse.
  • If you are not sure of anything along the way, just ask.

OK, lets start :)

First of all, sorry for the delay. Lets start trying to get you sorted now :yes:

Could you do the following for me please....




1)
OTL Quick Scan
  • Double click on the OTL icon to run it.
  • When the window appears, underneath Output at the top, make sure Standard Output is selected.
  • Copy and Paste the following into the Custom Scans/Fixes box at the bottom.

    /md5start
*funweb*.*
/md5stop
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open a notepad window.
  • Please post the contents of this log




2)
Download aswMBR.exe (1.8mb) to your desktop.

Double click aswMBR.exe to run it.

Click the "Scan" button to start the scan.

Posted Image


On completion of the scan click save log, save it to your desktop and post it in your next reply.

Posted Image




In your next reply
Please post the contents of...
OTL log
aswMBR log
  • 0

#3
BlackOxide
Posted 07 August 2011 - 09:40 AM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP