Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Randon underlined words in browser linking to ads


  • Please log in to reply

#1
eringo

eringo

    New Member

  • Member
  • Pip
  • 3 posts
Hi there
A common problem I think started when I was trying to watch a movie online and downloaded some add on to watch it with.
Have tried virus scanning, tried managing the add ons but couldn't figure it out. Have downloaded spy bot search and destroy but to know avail.

Please help me

OTL logfile created on: 8/9/2013 8:59:01 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Moar\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

2.98 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 40.46% Memory free
5.97 Gb Paging File | 3.42 Gb Available in Paging File | 57.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 448.47 Gb Total Space | 350.05 Gb Free Space | 78.06% Space Free | Partition Type: NTFS
Drive F: | 1.99 Gb Total Space | 1.48 Gb Free Space | 74.39% Space Free | Partition Type: FAT32

Computer Name: MOAR-LAPTOP | User Name: Moar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/09 20:58:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Moar\Desktop\OTL.exe
PRC - [2013/07/31 20:05:35 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2013/07/31 20:05:34 | 000,254,034 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\stacsv.exe
PRC - [2013/07/31 20:05:33 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\IDT\WDM\AEstSrv.exe
PRC - [2013/07/25 11:19:26 | 005,624,784 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2013/07/12 14:37:18 | 003,289,472 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/06/20 18:05:14 | 000,295,376 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/06/20 17:25:44 | 000,995,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/05/16 10:56:34 | 001,033,688 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013/05/16 10:56:30 | 001,817,560 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013/05/15 13:21:32 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/05/11 22:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/30 14:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/11/23 14:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
PRC - [2012/08/10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/05/09 21:15:12 | 000,048,128 | ---- | M] (UltiDev LLC) -- C:\Program Files\UltiDev\Web Server\UWS.HighPrivilegeUtilities.exe
PRC - [2012/05/09 21:15:12 | 000,029,696 | ---- | M] (UltiDev LLC) -- C:\Program Files\UltiDev\Web Server\UWS.AppHost.Clr4.AnyCPU.exe
PRC - [2012/05/09 21:15:12 | 000,029,184 | ---- | M] (UltiDev LLC) -- C:\Program Files\UltiDev\Web Server\UWS.AppHost.Clr2.AnyCpu.exe
PRC - [2012/05/09 21:15:10 | 000,064,512 | ---- | M] (UltiDev LLC) -- C:\Program Files\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe
PRC - [2012/05/09 21:15:10 | 000,044,032 | ---- | M] (UltiDev LLC) -- C:\Program Files\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe
PRC - [2011/02/25 17:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/08/05 11:23:02 | 000,376,832 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/08/05 11:22:34 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/06/19 11:25:12 | 001,691,192 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
PRC - [2010/06/19 11:25:12 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
PRC - [2010/06/09 18:04:02 | 002,831,648 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2010/06/09 18:04:02 | 000,828,704 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2010/06/09 18:04:02 | 000,656,672 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2010/05/10 07:42:40 | 000,090,112 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
PRC - [2010/04/06 06:12:02 | 000,363,064 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
PRC - [2010/04/06 06:12:00 | 000,103,992 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
PRC - [2010/03/04 16:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/04 16:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/02 05:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
PRC - [2010/03/02 05:26:40 | 000,256,056 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
PRC - [2009/12/16 12:11:14 | 000,281,192 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2009/12/12 12:57:38 | 011,265,536 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
PRC - [2009/12/12 12:57:20 | 000,297,984 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2009/12/05 00:22:40 | 000,506,472 | ---- | M] (ArcSoft, Inc.) -- C:\Windows\System32\uArcCapture.exe
PRC - [2009/11/25 13:57:20 | 000,300,808 | ---- | M] (DigitalPersona, Inc.) -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
PRC - [2009/11/19 10:17:36 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
PRC - [2009/11/05 09:46:56 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/11/05 09:46:54 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/11/03 08:12:02 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009/10/24 06:52:36 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/18 21:01:15 | 000,113,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CaslShared\3.5.1.1__9c6f83d5b7f3d097\CaslShared.dll
MOD - [2013/07/18 21:01:15 | 000,092,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\hpcasl\3.5.1.1__9c6f83d5b7f3d097\hpcasl.dll
MOD - [2013/07/16 14:29:31 | 011,914,752 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\c57eba08ab60f48e7d57228849d92a34\System.Web.ni.dll
MOD - [2013/07/16 14:29:25 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\89fe719039385377f6b5ad8d0070aa6b\System.Runtime.Remoting.ni.dll
MOD - [2013/07/14 10:21:13 | 001,051,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\a7a3ebc76a454af37918211506e81e31\System.Management.ni.dll
MOD - [2013/07/14 10:21:12 | 000,452,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ae317486cd9abc8b617e5a71e193ce78\IAStorUtil.ni.dll
MOD - [2013/07/13 17:27:44 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\2c5c86bb5156ff508ca8045aff50a482\System.Core.ni.dll
MOD - [2013/07/13 17:27:39 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/07/13 17:27:15 | 014,340,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fc4a8709f71eba20cc71c7905bba3dee\PresentationFramework.ni.dll
MOD - [2013/07/13 17:27:03 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
MOD - [2013/07/13 17:26:56 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
MOD - [2013/07/13 17:26:53 | 012,238,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\ef17be93e209cc95b9768c7822530432\PresentationCore.ni.dll
MOD - [2013/07/13 17:26:45 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll
MOD - [2013/07/13 17:26:40 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
MOD - [2013/07/13 17:26:38 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
MOD - [2013/07/13 17:26:37 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
MOD - [2013/07/13 17:26:30 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/05/16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013/05/16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/09/05 00:30:26 | 000,237,112 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\hpCASLLibrary\3.0.1.1__67b8d1b5179ba5f8\hpCASLLibrary.dll
MOD - [2010/09/05 00:30:26 | 000,011,320 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Interop.HPQWMIEXLib\1.0.0.0__67b8d1b5179ba5f8\Interop.HPQWMIEXLib.dll
MOD - [2010/08/05 22:57:22 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/06/22 12:54:38 | 000,098,304 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2010/06/19 11:25:12 | 000,267,832 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll
MOD - [2010/06/19 11:25:12 | 000,055,864 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll
MOD - [2010/06/19 11:25:12 | 000,052,280 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll
MOD - [2010/06/09 18:04:14 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2010/04/06 06:12:06 | 000,052,280 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
MOD - [2010/04/06 06:12:00 | 000,267,832 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
MOD - [2010/04/06 06:11:58 | 000,030,264 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
MOD - [2009/06/18 06:40:16 | 007,745,536 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2009/06/18 06:40:16 | 002,121,728 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2009/06/18 06:40:16 | 000,135,168 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2013/08/04 07:54:21 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/31 20:05:34 | 000,254,034 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2013/07/31 20:05:33 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AEstSrv.exe -- (AESTFilters)
SRV - [2013/07/12 14:37:18 | 003,289,472 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/06/20 18:05:14 | 000,295,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/05/27 16:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/11 22:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/08/10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/09 21:15:12 | 000,048,128 | ---- | M] (UltiDev LLC) [Auto | Running] -- C:\Program Files\UltiDev\Web Server\UWS.HighPrivilegeUtilities.exe -- (UWS HiPriv Services)
SRV - [2012/05/09 21:15:10 | 000,064,512 | ---- | M] (UltiDev LLC) [Auto | Running] -- C:\Program Files\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe -- (UltiDev Web Server Pro)
SRV - [2012/05/09 21:15:10 | 000,044,032 | ---- | M] (UltiDev LLC) [Auto | Running] -- C:\Program Files\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe -- (UWS LoPriv Services)
SRV - [2010/12/13 14:24:26 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/08/05 11:22:34 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/06/19 11:25:12 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV - [2010/06/09 18:04:02 | 000,656,672 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010/05/10 07:42:40 | 000,090,112 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe -- (HPDayStarterService)
SRV - [2010/04/06 06:12:00 | 000,103,992 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV - [2010/03/19 06:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/04 16:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/02 05:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2009/12/16 12:11:14 | 000,281,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2009/12/15 05:47:46 | 001,639,728 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\System32\vcsFPService.exe -- (vcsFPService)
SRV - [2009/12/12 12:57:20 | 000,297,984 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2009/12/05 00:22:40 | 000,506,472 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Windows\System32\uArcCapture.exe -- (uArcCapture)
SRV - [2009/11/25 13:57:20 | 000,300,808 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV - [2009/11/19 10:17:36 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2009/11/18 09:39:16 | 000,362,040 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- C:\Windows\System32\flcdlock.exe -- (FLCDLOCK)
SRV - [2009/11/05 09:46:56 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/11/05 09:46:54 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/11/03 08:12:02 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009/10/24 06:52:36 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/07/14 13:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 13:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 13:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Moar\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013/07/31 20:05:36 | 000,431,616 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2013/06/18 21:50:08 | 000,107,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/08/24 02:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/24 02:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/12/20 18:42:04 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/11/21 00:30:17 | 000,296,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2010/11/21 00:30:17 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2010/11/21 00:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/21 00:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/21 00:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 22:50:38 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2010/11/20 22:50:37 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2010/11/20 21:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 21:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 21:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/27 14:00:42 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/10/27 14:00:42 | 000,098,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2010/10/27 14:00:42 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/10/27 14:00:42 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/10/27 14:00:42 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010/08/05 11:51:46 | 005,587,456 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010/08/05 10:47:02 | 000,210,432 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/05/06 12:21:42 | 000,108,560 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010/04/03 10:02:54 | 000,240,608 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0150.sys -- (RsFx0150)
DRV - [2010/03/18 06:49:56 | 001,263,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010/02/17 07:24:12 | 000,021,560 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2010/02/10 23:01:10 | 000,132,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2009/12/19 11:13:44 | 001,763,968 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009/12/16 12:12:28 | 000,051,800 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2009/12/16 12:12:16 | 000,013,256 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2009/12/16 12:12:14 | 000,040,088 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2009/12/16 12:12:10 | 000,110,520 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2009/12/04 22:48:18 | 000,029,824 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV - [2009/11/11 21:11:00 | 000,181,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/11/03 08:11:56 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/10/22 08:37:52 | 000,032,312 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DAMDrv.sys -- (DAMDrv)
DRV - [2009/09/18 08:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009/07/14 11:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 11:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/14 11:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/07/09 08:48:38 | 000,025,656 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2009/07/09 08:48:22 | 000,033,848 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2006/11/11 10:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{52D96E36-E07E-4DD3-AFDE-DD355B45D224}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/
IE - HKCU\..\SearchScopes,DefaultScope = {26A6DBF7-894B-4744-B7F3-8253831CFAE5}
IE - HKCU\..\SearchScopes\{26A6DBF7-894B-4744-B7F3-8253831CFAE5}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{52D96E36-E07E-4DD3-AFDE-DD355B45D224}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2010/09/05 00:48:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9309FA47-1B48-4768-AFA4-9E0556F5DC81}: C:\Program Files\LyricsPal\125.xpi [2013/07/24 09:56:46 | 000,007,107 | ---- | M] ()

[2013/07/20 19:39:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2013/07/16 12:06:16 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Lyrics-Pal) - {AB9778AB-BAEF-49B9-96EE-D6E4BD0BCE68} - C:\Program Files\LyricsPal\125.dll (LyricsPal Soft. LTD)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DTRun] c:\Program Files\Arcsoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1959AF40-4A1C-4E4E-A865-F8A5B513BB15}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\System32\DeviceNP.dll (Hewlett-Packard Limited)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/09 20:58:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Moar\Desktop\OTL.exe
[2013/08/09 20:41:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/08/09 20:41:26 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\windows\System32\sdnclean.exe
[2013/08/09 20:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2013/08/09 20:14:16 | 000,000,000 | ---D | C] -- C:\Users\Moar\AppData\Local\ElevatedDiagnostics
[2013/08/09 20:14:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/08/09 20:13:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/08/08 20:36:47 | 000,000,000 | ---D | C] -- C:\Users\Moar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2013/07/31 20:07:11 | 000,531,968 | ---- | C] (IDT, Inc.) -- C:\windows\System32\stapi32.dll
[2013/07/31 20:06:47 | 012,705,884 | ---- | C] (IDT, Inc.) -- C:\windows\System32\idtcpl.cpl
[2013/07/31 20:06:47 | 001,953,792 | ---- | C] (IDT, Inc.) -- C:\windows\System32\stlang.dll
[2013/07/31 20:06:47 | 000,495,708 | ---- | C] (IDT, Inc.) -- C:\windows\sttray.exe
[2013/07/31 20:06:44 | 000,179,712 | ---- | C] (IDT, Inc.) -- C:\windows\System32\staco.dll
[2013/07/31 19:29:43 | 000,000,000 | ---D | C] -- C:\Program Files\AGDATA
[2013/07/31 19:29:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phoenix 6.5
[2013/07/24 09:56:46 | 000,000,000 | ---D | C] -- C:\Program Files\LyricsPal
[2013/07/20 19:42:42 | 000,000,000 | ---D | C] -- C:\Users\Moar\AppData\Local\Bundled software uninstaller
[2013/07/20 19:42:12 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013/07/20 19:39:58 | 000,000,000 | ---D | C] -- C:\windows\System32\searchplugins
[2013/07/20 19:39:58 | 000,000,000 | ---D | C] -- C:\windows\System32\Extensions
[2013/07/20 19:39:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/07/20 19:37:28 | 000,000,000 | ---D | C] -- C:\Users\Moar\AppData\Roaming\Babylon
[2013/07/20 19:37:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013/07/19 21:38:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saltbush Software
[2013/07/18 21:01:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2013/07/18 20:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
[2013/07/16 15:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/07/16 14:40:40 | 000,000,000 | ---D | C] -- C:\windows\System32\MRT
[2013/07/16 13:07:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/07/16 13:07:33 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2013/07/16 13:07:01 | 000,000,000 | ---D | C] -- C:\Users\Moar\AppData\Roaming\Malwarebytes
[2013/07/16 13:06:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/07/16 13:06:47 | 000,000,000 | ---D | C] -- C:\Users\Moar\AppData\Local\Programs
[2013/07/16 12:22:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013/07/16 12:22:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/07/16 12:22:16 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/07/16 12:21:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/07/16 12:21:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/07/16 12:21:00 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/07/16 12:17:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/07/16 12:07:49 | 000,000,000 | ---D | C] -- C:\windows\temp
[2013/07/16 11:59:54 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013/07/16 11:38:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/07/16 11:37:14 | 000,000,000 | ---D | C] -- C:\Users\Moar\Desktop\Malware Toolkit
[3 C:\Users\Moar\*.tmp files -> C:\Users\Moar\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/08/09 20:58:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Moar\Desktop\OTL.exe
[2013/08/09 20:41:30 | 000,002,123 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/08/09 20:24:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/08/09 20:14:52 | 000,020,944 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/09 20:14:52 | 000,020,944 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/09 20:12:42 | 000,733,350 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/08/09 20:12:42 | 000,152,134 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/08/09 20:08:00 | 000,000,348 | ---- | M] () -- C:\windows\tasks\Lyrics-Pal Update.job
[2013/08/09 20:07:29 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2013/08/09 20:07:11 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/08/09 20:07:05 | 3203,850,240 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/09 20:02:44 | 000,000,763 | ---- | M] () -- C:\Users\Moar\Documents\CleanSilverlight.cmd
[2013/08/08 20:35:40 | 000,000,316 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForMoar.job
[2013/07/31 20:05:36 | 000,431,616 | ---- | M] (IDT, Inc.) -- C:\windows\System32\drivers\stwrt.sys
[2013/07/31 20:05:35 | 001,953,792 | ---- | M] (IDT, Inc.) -- C:\windows\System32\stlang.dll
[2013/07/31 20:05:35 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\windows\sttray.exe
[2013/07/31 20:05:34 | 012,705,884 | ---- | M] (IDT, Inc.) -- C:\windows\System32\idtcpl.cpl
[2013/07/31 20:05:34 | 000,934,912 | ---- | M] (IDT, Inc.) -- C:\windows\System32\stapo.dll
[2013/07/31 20:05:34 | 000,531,968 | ---- | M] (IDT, Inc.) -- C:\windows\System32\stapi32.dll
[2013/07/31 20:05:34 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\windows\System32\stcplx.dll
[2013/07/31 20:05:34 | 000,179,712 | ---- | M] (IDT, Inc.) -- C:\windows\System32\staco.dll
[2013/07/31 19:30:11 | 000,001,754 | ---- | M] () -- C:\Users\Public\Desktop\Phoenix 6.5.lnk
[2013/07/18 21:01:13 | 000,002,143 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2013/07/16 16:12:30 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif
[2013/07/16 14:20:45 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013/07/16 14:20:45 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013/07/16 13:56:11 | 000,000,312 | ---- | M] () -- C:\windows\wininit.ini
[2013/07/16 12:06:16 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2013/07/13 17:25:03 | 000,346,352 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[3 C:\Users\Moar\*.tmp files -> C:\Users\Moar\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/09 20:41:30 | 000,002,135 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/08/09 20:41:30 | 000,002,123 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/08/09 20:02:44 | 000,000,763 | ---- | C] () -- C:\Users\Moar\Documents\CleanSilverlight.cmd
[2013/07/31 20:06:47 | 000,001,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDT HD Audio.lnk
[2013/07/31 19:30:11 | 000,001,754 | ---- | C] () -- C:\Users\Public\Desktop\Phoenix 6.5.lnk
[2013/07/20 19:37:18 | 000,000,348 | ---- | C] () -- C:\windows\tasks\Lyrics-Pal Update.job
[2013/07/18 21:01:13 | 000,002,143 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2013/07/16 15:08:57 | 000,001,945 | ---- | C] () -- C:\windows\epplauncher.mif
[2013/07/16 15:07:30 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/07/16 14:20:45 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013/07/16 14:20:45 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013/07/16 13:54:32 | 000,000,312 | ---- | C] () -- C:\windows\wininit.ini
[2013/07/16 12:21:44 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/06/28 21:26:50 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswVmm.sys.sum
[2013/06/28 21:26:50 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswSP.sys.sum
[2013/06/28 21:26:50 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswSnx.sys.sum
[2011/09/26 15:23:50 | 000,098,304 | ---- | C] () -- C:\windows\System32\redmonnt.dll
[2011/09/24 10:31:23 | 000,000,204 | ---- | C] () -- C:\windows\MYOBP.INI
[2011/09/24 10:31:23 | 000,000,041 | ---- | C] () -- C:\windows\MYOB.INI
[2011/09/24 10:27:30 | 000,000,663 | ---- | C] () -- C:\windows\openrda.ini
[2011/09/24 10:27:12 | 000,000,000 | ---- | C] () -- C:\windows\drvxl32.INI
[2011/09/24 10:27:10 | 000,000,000 | ---- | C] () -- C:\windows\drvwd32.INI
[2011/06/17 18:23:53 | 000,001,849 | ---- | C] () -- C:\Users\Moar\AppData\Roaming\GhostObjGAFix.xml

========== ZeroAccess Check ==========

[2009/07/14 16:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 16:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 13:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010/12/14 09:51:36 | 000,000,000 | ---D | M] -- C:\Users\Moar\AppData\Roaming\AGDATA
[2013/07/20 19:37:28 | 000,000,000 | ---D | M] -- C:\Users\Moar\AppData\Roaming\Babylon
[2010/12/13 12:22:30 | 000,000,000 | ---D | M] -- C:\Users\Moar\AppData\Roaming\DigitalPersona
[2012/06/21 13:35:09 | 000,000,000 | ---D | M] -- C:\Users\Moar\AppData\Roaming\HerdMASTER
[2012/04/14 11:47:26 | 000,000,000 | ---D | M] -- C:\Users\Moar\AppData\Roaming\Nokia
[2010/12/14 18:18:37 | 000,000,000 | ---D | M] -- C:\Users\Moar\AppData\Roaming\PC Suite
[2012/06/21 14:47:36 | 000,000,000 | ---D | M] -- C:\Users\Moar\AppData\Roaming\Saltbush Software
[2012/06/09 12:02:28 | 000,000,000 | ---D | M] -- C:\Users\Moar\AppData\Roaming\Samsung
[2012/05/25 10:08:26 | 000,000,000 | ---D | M] -- C:\Users\Moar\AppData\Roaming\Sony
[2011/03/25 17:41:47 | 000,000,000 | ---D | M] -- C:\Users\Moar\AppData\Roaming\Windows Live Writer
[2012/06/21 14:42:51 | 000,000,000 | -HSD | M] -- C:\Users\Moar\AppData\Roaming\wyUpdate AU

========== Purity Check ==========



< End of report >
  • 0

Advertisements


#2
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Hello, eringo and welcome to GeeksToGo!

You can call me Phel and today I will try to help you with your trouble.

Please, read these instructions carefully, because they contain some very useful information.

Please, let me know, if you don't understand something. It is really important to understand any instruction. Also, please read all instructions carefully before performing them. Feel free to ask questions, if you aren't sure.

Please, be patient. You should stay here until your computer will become really clean. Malware Removal isn't very fast procedure, it usually has multiple steps, but result should be glad.;)

Please, wait for a while now, currently I'm analyzing your logs. Please note, that my answers could come with a slight delay, because they are checked by my teacher.
  • 0

#3
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Have you installed Avast before?

Two AV's on one computer warning

I have noticed, that you are using 2 antiviruses - McAfee and Microsoft Security Essentials on one computer. This can lead to several hangs and in the worst case - to the crash of the whole system. So, please, remove one of these AV's, and keep on your PC only one antivirus program.

Step 1. AdwCleaner scan.

  • Please, download AdwCleaner from here to your Desktop.
  • Right click on adwcleaner.exe file on your Desktop->Run as Administrator.
  • Adwcleaner window should appear.
  • Click on the Delete button.
  • Click on OK.
  • Computer will be rebooted automatically, when program will finish it's job.
  • After fix Notepad window with report should appear. Post the contents of the report in your next message.

Step 2. OTL fix.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9309FA47-1B48-4768-AFA4-9E0556F5DC81}: C:\Program Files\LyricsPal\125.xpi 
    O2 - BHO: (Lyrics-Pal) - {AB9778AB-BAEF-49B9-96EE-D6E4BD0BCE68} - C:\Program Files\LyricsPal\125.dll (LyricsPal Soft. LTD)
    [2013/07/20 19:37:28 | 000,000,000 | ---D | C] -- C:\Users\Moar\AppData\Roaming\Babylon
    [2013/07/20 19:37:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
    [2013/07/20 19:39:58 | 000,000,000 | ---D | C] -- C:\windows\System32\searchplugins
    [2013/07/20 19:39:58 | 000,000,000 | ---D | C] -- C:\windows\System32\Extensions
    [2013/07/24 09:56:46 | 000,000,000 | ---D | C] -- C:\Program Files\LyricsPal
    [2013/07/20 19:37:18 | 000,000,348 | ---- | C] () -- C:\windows\tasks\Lyrics-Pal Update.job
    [2013/07/20 19:42:42 | 000,000,000 | ---D | C] -- C:\Users\Moar\AppData\Local\Bundled software uninstaller
    
    :Commands
    [EMPTYTEMP]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again.
  • Find in the OTL window Extra Registry section and change radiobutton there to the Use SafeList.
  • Click on the Run Scan button.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

So, please, don't forget to post in your next message:

  • AdwCleaner log
  • OTL log

  • 0

#4
eringo

eringo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
AdwCleaner report

# AdwCleaner v2.306 - Logfile created 08/10/2013 at 10:16:00
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : Moar - MOAR-LAPTOP
# Boot Mode : Normal
# Running from : C:\Users\Moar\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Browser Manager
Folder Deleted : C:\Program Files\LyricsPal
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Users\Moar\AppData\Local\Bundled software uninstaller
Folder Deleted : C:\Users\Moar\AppData\LocalLow\delta
Folder Deleted : C:\Users\Moar\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\5d08c8ab268e510
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\[email protected]
Key Deleted : HKLM\Software\PerformerSoft

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [2942 octets] - [10/08/2013 10:16:00]

########## EOF - C:\AdwCleaner[S1].txt - [3002 octets] ##########
  • 0

#5
eringo

eringo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Extras.txt

OTL Extras logfile created on: 8/10/2013 10:34:07 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Moar\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

2.98 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 52.51% Memory free
5.97 Gb Paging File | 4.08 Gb Available in Paging File | 68.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 448.47 Gb Total Space | 350.43 Gb Free Space | 78.14% Space Free | Partition Type: NTFS
Drive F: | 1.99 Gb Total Space | 1.48 Gb Free Space | 74.39% Space Free | Partition Type: FAT32

Computer Name: MOAR-LAPTOP | User Name: Moar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [UWS_CLR1] -- "C:\Program Files\UltiDev\Web Server\\UWS.InteractiveServer.Clr2x86.exe" "/path:%1" /port:0 /vdir:/ /dirbrowsing:yes (UltiDev LLC)
Directory [UWS_CLR2] -- "C:\Program Files\UltiDev\Web Server\\UWS.InteractiveServer.Clr2AnyCPU.exe" "/path:%1" /port:0 /vdir:/ /dirbrowsing:yes (UltiDev LLC)
Directory [UWS_CLR4] -- "C:\Program Files\UltiDev\Web Server\\UWS.InteractiveServer.Clr4AnyCPU.exe" "/path:%1" /port:0 /vdir:/ /dirbrowsing:yes (UltiDev LLC)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D205CDD-5406-4E9C-A4AE-AC44E7819DFC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0FBA35A9-A590-4918-BC4F-45831B6554B5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1C0050BF-293F-4CC4-A641-0FF03A520165}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{27A095B7-87B5-42D1-92A4-69BF5545C7E9}" = lport=5677 | protocol=6 | dir=in | name=ultidev web server pro |
"{39A830E5-DA1B-4AAF-AE11-314BBAEECE65}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3B393DCD-F095-461C-B1E5-E191D57A370F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{439658B9-4FEF-49E6-90EF-0BEB4ECA4186}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4CA6CEE2-63BB-4790-8CCC-6A057F369AC0}" = rport=445 | protocol=6 | dir=out | app=system |
"{6F6F01F0-55D1-4882-8D73-B13731EA75C3}" = rport=138 | protocol=17 | dir=out | app=system |
"{80C0EF5B-BCD4-4FE1-B0AA-6608F2CFEC75}" = lport=2909 | protocol=6 | dir=in | name=ultidev web server pro |
"{867C7F51-B7CD-4371-B2A4-24FA20B74A41}" = lport=56777 | protocol=6 | dir=in | name=ultidev web server pro |
"{928618D0-BB2B-4259-BBA4-D26D2833A7F9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A88432B1-3723-4B1E-AF85-BF732A733034}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BC0F0F71-25A6-4EB0-BD09-79F834AE0DEE}" = lport=139 | protocol=6 | dir=in | app=system |
"{BD428994-9B52-4534-86A8-BF76CE3E3895}" = rport=139 | protocol=6 | dir=out | app=system |
"{C6B86A87-A398-45B5-A42D-A18CC3111995}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CA095258-7580-4D71-8B54-52B8C74EE524}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D5909143-6025-4B7A-BE91-E7DCEA429491}" = lport=138 | protocol=17 | dir=in | app=system |
"{D774ACFC-5BD8-4A69-9DC8-4E6E2781897E}" = lport=8080 | protocol=6 | dir=in | name=ultidev web server pro |
"{DAFA8A80-91F0-48E7-97CA-9018754939B7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{DB3E1AD6-6A9A-4C84-AED6-6AE1CB3603F0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DD6768D1-E214-43CF-B236-672C621D2A44}" = lport=7756 | protocol=6 | dir=in | name=ultidev web server pro |
"{DD82ABAA-1CCB-4C6C-9FCB-DD39AC8E6775}" = lport=445 | protocol=6 | dir=in | app=system |
"{DFD6893E-E219-4287-BA4A-67E893810A97}" = rport=137 | protocol=17 | dir=out | app=system |
"{E191B205-E76E-43C3-A811-EDF2BE0B9817}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E23F7837-FACD-40A8-B654-4731CFDD7821}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EDCF53A3-04C4-481B-BABF-5F59E0828EBE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F2723B74-113B-4645-BF8A-AF46EB22FA8E}" = lport=137 | protocol=17 | dir=in | app=system |
"{F4899494-2643-462B-A68B-6FA623A21853}" = lport=80 | protocol=6 | dir=in | name=ultidev web server pro |
"{F920A14C-067B-40F1-A3E4-1954E67BFA28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FD4592F6-93D5-4C52-928D-AF6660040BF6}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01952522-06E3-47E6-85C9-98AEB0B4380B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{13488955-132A-47D8-A6B6-3D10E6D0A2A5}" = protocol=58 | dir=in | [email protected],-28545 |
"{28B8FD19-9858-4A77-AEB7-45E4105259B8}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{2B583B1E-591B-4458-961E-FEC4D84FDB0B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2CCEE22F-F0F5-4099-94F3-19210410749E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{3D85FAB4-F6C5-4D89-BE8F-E02FCF64C06C}" = dir=in | app=c:\program files\agdata\phoenix 6.5\phoenix6.exe |
"{3E1B6CE1-FDB6-436E-BA2C-8E750B7DF2C1}" = protocol=1 | dir=in | [email protected],-28543 |
"{428E9388-A975-4974-A082-5A2FB85E932B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{575F1859-D029-4B37-B2FE-4C19E7DDF5FA}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{581987B4-1A88-41AB-B0E8-BF1901665D98}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5C13D632-DB5C-4392-8823-91AC607BBF5D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6030F979-9E88-44D7-BED6-446C46B9CDBC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{635390B8-C925-4A37-9BE0-AC4B815A672F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{662B0B23-78F0-46E1-AB16-79E3D23C984E}" = protocol=6 | dir=out | app=system |
"{6845A4F4-5F27-4961-BCC1-D98AA283C269}" = protocol=58 | dir=out | [email protected],-28546 |
"{696B3897-3049-42EF-B194-B91F3C75DA44}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{6D914A37-B2D6-480D-BD82-3D595C57E4C0}" = protocol=1 | dir=out | [email protected],-28544 |
"{74AE84B0-C0B8-434A-9E3A-E80C32140002}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{75927B4A-4A7C-47FB-9AC3-B26E7F61E3F9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7B06A2AA-89BB-4CFF-8E76-5982FF6B6760}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{97002BFD-2E23-41C6-979E-038EE2190BF3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CDD9F943-6DF6-4B14-AF62-7C1C758F80C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D0EBD520-3CB6-4B06-B949-88B85C15B4A5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D0F02E86-62CC-4B09-B58F-426342413115}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DFCA4991-A1D4-4783-B6A7-1ECE6383FC2B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E404BA24-9081-4FE6-8559-8A5FFFFDF54F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F0523A25-6B10-471A-97B7-5DA90E56F757}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F6C38650-EEE6-440E-B8CD-931F04637060}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{18BA61B2-D827-4F2D-A74B-8C7E71B4E3C2}C:\program files\sony\media go\mediago.exe" = protocol=6 | dir=in | app=c:\program files\sony\media go\mediago.exe |
"TCP Query User{E928A0D0-0AA7-4188-BEB0-31AB53C38C4A}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{066B1444-2E62-428D-A6B8-C76C5966F066}C:\program files\sony\media go\mediago.exe" = protocol=17 | dir=in | app=c:\program files\sony\media go\mediago.exe |
"UDP Query User{FE1D6E24-D4D6-43F7-90BA-21AD5B7FF0AC}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{016E43D3-6E3A-507C-5180-08A592A09D93}" = CCC Help Russian
"{04801E42-B1A6-4C52-9F3D-CADB5A050433}" = HP Software Setup
"{049F82E6-AA8C-D885-07A0-FF69690DD9C5}" = CCC Help Chinese Standard
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0AFBCD38-7E68-B685-7A1A-DC3F11C0DF7F}" = ATI Catalyst Install Manager
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store
"{0EAB8F33-5A3E-BE80-3D11-7BBD79FB002A}" = CCC Help Thai
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E6219D4-027E-47EE-AB83-DD2F26E31A32}" = HP Setup
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21385719-E020-4ED8-A3D4-6B46D0E5DAB1}" = ArcSoft TotalMedia
"{223B174E-DAB0-4892-AFE7-7E03AFD61426}" = Overseer (Ulti)
"{2606650A-9367-D0AE-EF8D-CF627C9082E4}" = Catalyst Control Center Graphics Previews Vista
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{26D96CA0-8751-4CCF-955E-AFE7D38F0ECD}" = HerdMASTER Suite
"{2DA697D7-FED3-4DE2-A174-92A2A12F9688}" = HP SoftPaq Download Manager
"{32C278B2-BC1F-4018-8FB4-2012A40D9FC1}" = HP Power Assistant
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"{345E500B-471A-593B-BCEA-EE73E391CFBD}" = CCC Help Korean
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{350F790E-5C32-4B3A-8AAB-B0478BB76D11}" = Privacy Manager for HP ProtectTools
"{3513DD3C-7680-4C7C-BF18-BA375D5F4132}" = Pre-Boot Security for HP ProtectTools
"{3556F018-53B9-2715-5F8A-4C40E529DA76}" = CCC Help Hungarian
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{3AFE7AB6-76A5-4616-B0A7-A852B6E9E032}" = Art and Stitch
"{3B347E5E-B717-B7F1-CFD0-E120CB85CDD8}" = ccc-utility
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DADB23F-94E6-4E4D-AFE8-15DE4395E8F3}" = Microsoft Security Client
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{4112625F-2D38-49EF-924F-48511BC5CD34}" = SQL Server 2008 R2 Database Engine Services
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{466AA29C-0BE5-902A-BD90-D87C846CD947}" = CCC Help Turkish
"{46A5EF84-99CF-2BA6-EF3E-5438190CBA5F}" = Catalyst Control Center Localization All
"{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}" = Microsoft SQL Server VSS Writer
"{480E1460-BEEA-828B-9802-82C440EA5E5B}" = CCC Help Swedish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB6A079-178B-4144-B21F-4D1AE71666A2}" = Microsoft SQL Server 2008 R2 Native Client
"{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}" = HP HotKey Support
"{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 Database Engine Shared
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{586414D6-B3E1-F163-223D-D298E80727E1}" = CCC Help Czech
"{5BF8E079-D6E2-4323-B794-75152371122A}" = Windows 7 Default Setting
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5DCBD841-3768-4D3A-8517-65BFB87E05D3}" = Validity Fingerprint Driver
"{5DFE5A09-5030-6B21-6E8E-987FAD247BD2}" = CCC Help Polish
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6283B16A-66AE-48F9-BCA5-9EABDAE1790B}" = MYOB Accounting Plus v18 ED
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{67C090D6-109A-47D7-8DED-4160C4D96F32}" = HP 3D DriveGuard
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72DE3C67-FB48-450E-8BEA-4EB1B3B5355D}" = Microsoft SQL Server 2008 R2 Setup (English)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7861911B-4270-498A-8F7A-FCF0570F487D}" = HP QuickWeb
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C8EAD2B-A954-4F73-AAFC-C3EC60D49ADA}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{7D90F99D-0D3A-9B0F-1AB6-4C142098A23C}" = CCC Help Portuguese
"{7FA1DAFD-AF55-E915-FD92-F269443A2ADF}" = Media Go Video Playback Engine 1.88.110.12050
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8111D017-F77E-4387-B07E-4C4ACF4866FA}" = CCC Help Norwegian
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89D7DD37-5A15-46E0-9C3C-A0004C4F1A38}" = Drive Encryption for HP ProtectTools
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A0590BF-9036-47D5-BBE7-50590649760C}" = HP ProtectTools Security Manager
"{8C3059B3-B804-42BB-909B-25864C7D33E3}" = HP Documentation
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F9AD9CF-0FF9-4723-A946-B4C9F76E7DFA}" = UltiDev Web Server Pro
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.AccessR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.AccessR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.AccessR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.AccessR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.AccessR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.AccessR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.AccessR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.AccessR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91140000-0015-0000-0000-0000000FF1CE}" = Microsoft Office Access 2010
"{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}" = iTunes
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9742CB30-C01E-436F-826F-0BF862A7D763}" = Phoenix 6.5
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEAB1B-72AC-4C99-B5CB-C9B37C86F11F}" = Catalyst Control Center - Branding
"{9FA32684-39EF-10A1-4896-95A28BD2A51C}" = CCC Help English
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A60F1207-CB8B-DFE4-B0B2-28781A9918F5}" = CCC Help Greek
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B31E60DA-0FB3-8C8F-7F00-8FC5A2E716A6}" = CCC Help Danish
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation®Network Downloader
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8E9F8A1-9F4D-43D5-ABD6-1DF067FAA469}" = SQL Server 2008 R2 Database Engine Services
"{BB922B1F-5CFB-C323-F35C-517FA74BF17E}" = CCC Help French
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7FD3148-0065-253C-E0A9-62C1B2307421}" = CCC Help Italian
"{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 Common Files
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C3}" = WinZip 15.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1565BD9-6E66-4292-90C6-5FC70A98A428}" = MYOB ODBC Direct v8 AUS
"{D3E71122-71F0-C06F-A482-8997D22301F4}" = CCC Help Japanese
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver
"{D89F6F7C-1966-9408-40A7-4877F5A85005}" = ccc-core-static
"{D9989A13-B173-4048-B8A5-93C204DCB1B3}" = HP ESU for Microsoft Windows 7
"{DBF1AE39-DA30-4B89-A7EB-3BDA675C5D9E}" = Media Go
"{DC1F523C-FB0A-885F-CC3F-FA7E749213B6}" = CCC Help Dutch
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E05DB9F9-C8E7-45F2-BE9E-76D4C447CE9B}" = HP Software Framework
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E793990C-90BE-4B69-AC29-BF5E8FD4ED54}" = Face Recognition for HP ProtectTools
"{E9729C11-2758-5F56-B661-3D99498454CA}" = CCC Help Spanish
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}" = HP Wireless Assistant
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}" = SQL Server 2008 R2 Database Engine Shared
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2177395-FD90-44B0-AFB8-2E0566855E5C}" = HP Power Data
"{F626688A-B307-2D16-DDCE-F24633F848F2}" = Catalyst Control Center InstallProxy
"{F75A2405-6EF2-8651-3C36-FEA98F6681ED}" = CCC Help German
"{F7E55D3B-D675-4511-6B36-2766DC819432}" = CCC Help Chinese Traditional
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F9DB9D94-7ABF-4FF0-AE71-4FC9DAB7D4A1}" = HP QuickLook
"{FC023480-A05B-ED84-877F-547EA3CD3DCB}" = CCC Help Finnish
"{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}" = SQL Server 2008 R2 Common Files
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"2DC0AA065FA83047D7ECD51C7000C1620D79A4C5" = Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16)
"51A4D522DD31538335EF5736F0E7F588C70BCB12" = Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16)
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ArcSoft TotalMedia" = ArcSoft TotalMedia
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"CCleaner" = CCleaner
"Drive Encryption" = Drive Encryption for HP ProtectTools
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HPProtectTools" = HP ProtectTools Security Manager
"InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"InstallShield_{6283B16A-66AE-48F9-BCA5-9EABDAE1790B}" = MYOB Accounting Plus v18 ED
"InstallShield_{D1565BD9-6E66-4292-90C6-5FC70A98A428}" = MYOB ODBC Direct v8 AUS
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2
"Office14.AccessR" = Microsoft Access 2010
"PDF Complete" = PDF Complete Special Edition
"P-Plus" = P-Plus
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinLiveSuite" = Windows Live Essentials

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/6/2013 9:56:37 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4025

Error - 8/6/2013 9:56:38 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/6/2013 9:56:38 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5023

Error - 8/6/2013 9:56:38 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5023

Error - 8/6/2013 9:56:39 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/6/2013 9:56:39 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6037

Error - 8/6/2013 9:56:39 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6037

Error - 8/6/2013 9:56:40 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/6/2013 9:56:40 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7082

Error - 8/6/2013 9:56:40 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7082

[ Hewlett-Packard Events ]
Error - 5/14/2013 9:19:28 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 60 TargetSite: Void UpdateAndDetect()

Error - 5/22/2013 7:25:37 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 5/28/2013 9:56:07 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 6/4/2013 9:34:50 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 50 TargetSite: Void UpdateAndDetect()

Error - 6/11/2013 9:20:11 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 6/19/2013 12:29:13 AM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: TargetSite: Void UpdateAndDetect()

Error - 6/30/2013 11:49:06 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 7/4/2013 5:03:03 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 7/9/2013 9:50:53 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 7/17/2013 8:43:35 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

[ HP Power Assistant Events ]
Error - 8/9/2013 4:09:59 AM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = HPPA_Main.IncompleteDatFileException Device not found in the dat file
(planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B). at HPPA_Main.DatFileAccess.LogError(Nullable`1
throwException, String formatString, Object[] args) at HPPA_Main.DatFileAccess.EnsureDevicesExist(PowerUsage
pu) at HPPA_Main.DatFileAccess.EnsurePowerUsagesExist(Boolean throwOnSystemIdNotFound)

at HPPA_Main.DatFileAccess.IsValid(Boolean throwOnSystemIdNotFound)

Error - 8/9/2013 5:57:50 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=32, version=6.1, servicePack=1.0) not
found in the dat file.

Error - 8/9/2013 5:57:51 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = Device not found in the dat file (planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B).

Error - 8/9/2013 5:57:51 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = HPPA_Main.IncompleteDatFileException Device not found in the dat file
(planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B). at HPPA_Main.DatFileAccess.LogError(Nullable`1
throwException, String formatString, Object[] args) at HPPA_Main.DatFileAccess.EnsureDevicesExist(PowerUsage
pu) at HPPA_Main.DatFileAccess.EnsurePowerUsagesExist(Boolean throwOnSystemIdNotFound)

at HPPA_Main.DatFileAccess.IsValid(Boolean throwOnSystemIdNotFound)

Error - 8/9/2013 6:22:36 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=32, version=6.1, servicePack=1.0) not
found in the dat file.

Error - 8/9/2013 6:22:37 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = Device not found in the dat file (planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B).

Error - 8/9/2013 6:22:37 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = HPPA_Main.IncompleteDatFileException Device not found in the dat file
(planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B). at HPPA_Main.DatFileAccess.LogError(Nullable`1
throwException, String formatString, Object[] args) at HPPA_Main.DatFileAccess.EnsureDevicesExist(PowerUsage
pu) at HPPA_Main.DatFileAccess.EnsurePowerUsagesExist(Boolean throwOnSystemIdNotFound)

at HPPA_Main.DatFileAccess.IsValid(Boolean throwOnSystemIdNotFound)

Error - 8/9/2013 6:32:36 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=32, version=6.1, servicePack=1.0) not
found in the dat file.

Error - 8/9/2013 6:32:37 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = Device not found in the dat file (planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B).

Error - 8/9/2013 6:32:37 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = HPPA_Main.IncompleteDatFileException Device not found in the dat file
(planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B). at HPPA_Main.DatFileAccess.LogError(Nullable`1
throwException, String formatString, Object[] args) at HPPA_Main.DatFileAccess.EnsureDevicesExist(PowerUsage
pu) at HPPA_Main.DatFileAccess.EnsurePowerUsagesExist(Boolean throwOnSystemIdNotFound)

at HPPA_Main.DatFileAccess.IsValid(Boolean throwOnSystemIdNotFound)

[ HP Wireless Assistant Events ]
Error - 11/6/2010 3:35:24 AM | Computer Name = OR055N592I12M | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 11/6/2010 3:35:24 AM | Computer Name = OR055N592I12M | Source = HP WA Service | ID = 0
Description = System.Exception Register() failed : e_GENERAL_EXCEPTION at HP_Common.CaslWrapper.Register(EventArrivedEventHandler
handler) at HPPA_Service.CurrentConfiguration..ctor()

Error - 11/6/2010 3:35:26 AM | Computer Name = OR055N592I12M | Source = HP WA Service | ID = 0
Description = System.Exception GetPMCCalibrationData() failed : 597 at HP_Common.CaslWrapper.GetPMCCalibrationData(PMCCalibrationData&
calibration) at HPPA_Service.HPPA_Service.ServiceWorkerMethod()

Error - 8/29/2012 7:38:34 PM | Computer Name = Moar-Laptop | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Call was canceled by the
message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at
System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,
IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()

at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) at HPPA_Service.CurrentConfiguration.ApplyDeviceManagerState(List`1
radios) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

[ Media Center Events ]
Error - 4/5/2011 9:40:47 PM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 1:40:44 p.m. - Error connecting to the internet. 1:40:44 p.m. -
Unable to contact server..

Error - 4/15/2011 6:52:13 PM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 10:52:13 a.m. - Error connecting to the internet. 10:52:13 a.m. -
Unable to contact server..

Error - 4/15/2011 6:52:21 PM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 10:52:18 a.m. - Error connecting to the internet. 10:52:18 a.m. -
Unable to contact server..

Error - 4/15/2011 11:49:49 PM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 3:49:49 p.m. - Error connecting to the internet. 3:49:49 p.m. -
Unable to contact server..

Error - 4/15/2011 11:49:59 PM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 3:49:54 p.m. - Error connecting to the internet. 3:49:54 p.m. -
Unable to contact server..

Error - 4/26/2011 1:26:31 AM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 5:26:31 p.m. - Error connecting to the internet. 5:26:31 p.m. -
Unable to contact server..

Error - 4/26/2011 1:26:39 AM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 5:26:36 p.m. - Error connecting to the internet. 5:26:36 p.m. -
Unable to contact server..

Error - 4/26/2011 2:26:44 AM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 6:26:44 p.m. - Error connecting to the internet. 6:26:44 p.m. -
Unable to contact server..

Error - 4/26/2011 2:26:49 AM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 6:26:49 p.m. - Error connecting to the internet. 6:26:49 p.m. -
Unable to contact server..

Error - 5/13/2011 9:59:14 PM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 1:59:11 p.m. - Error connecting to the internet. 1:59:11 p.m. -
Unable to contact server..

[ OSession Events ]
Error - 11/11/2011 12:26:58 AM | Computer Name = Moar-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 209454
seconds with 600 seconds of active time. This session ended with a crash.

Error - 3/12/2012 4:05:07 PM | Computer Name = Moar-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 69935
seconds with 240 seconds of active time. This session ended with a crash.

Error - 7/8/2012 11:03:31 PM | Computer Name = Moar-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 878
seconds with 180 seconds of active time. This session ended with a crash.

Error - 7/13/2012 4:35:11 PM | Computer Name = Moar-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 131
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7/24/2013 6:44:43 PM | Computer Name = Moar-Laptop | Source = DCOM | ID = 10010
Description =

Error - 7/24/2013 9:25:45 PM | Computer Name = Moar-Laptop | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.155.631.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9700.0 Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 8/2/2013 2:17:20 PM | Computer Name = Moar-Laptop | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.155.1274.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9700.0 Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 8/4/2013 9:31:46 PM | Computer Name = Moar-Laptop | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.155.1466.0 Update Source: %%859 Update Stage:
%%853 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9700.0 Error
code: 0x8024001e Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 8/4/2013 9:31:46 PM | Computer Name = Moar-Laptop | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.155.1466.0 Update Source: %%859 Update Stage:
%%853 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9700.0 Error
code: 0x8024001e Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 8/5/2013 3:23:57 AM | Computer Name = Moar-Laptop | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.155.1466.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9700.0 Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 8/7/2013 5:40:47 AM | Computer Name = Moar-Laptop | Source = DCOM | ID = 10010
Description =

Error - 8/9/2013 1:06:10 AM | Computer Name = Moar-Laptop | Source = DCOM | ID = 10010
Description =

Error - 8/9/2013 5:56:19 PM | Computer Name = Moar-Laptop | Source = DCOM | ID = 10010
Description =

Error - 8/9/2013 6:24:45 PM | Computer Name = Moar-Laptop | Source = Service Control Manager | ID = 7034
Description = The File Sanitizer for HP ProtectTools service terminated unexpectedly.
It has done this 1 time(s).


< End of report >


OTL.txt

OTL logfile created on: 8/10/2013 10:34:07 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Moar\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

2.98 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 52.51% Memory free
5.97 Gb Paging File | 4.08 Gb Available in Paging File | 68.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 448.47 Gb Total Space | 350.43 Gb Free Space | 78.14% Space Free | Partition Type: NTFS
Drive F: | 1.99 Gb Total Space | 1.48 Gb Free Space | 74.39% Space Free | Partition Type: FAT32

Computer Name: MOAR-LAPTOP | User Name: Moar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/09 20:58:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Moar\Desktop\OTL.exe
PRC - [2013/07/31 20:05:35 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2013/07/31 20:05:34 | 000,254,034 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\stacsv.exe
PRC - [2013/07/31 20:05:33 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\IDT\WDM\AEstSrv.exe
PRC - [2013/07/25 11:19:26 | 005,624,784 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2013/07/12 14:37:18 | 003,289,472 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/06/20 18:05:14 | 000,295,376 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/06/20 17:25:44 | 000,995,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/05/16 10:56:34 | 001,033,688 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013/05/16 10:56:30 | 001,817,560 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013/05/15 13:21:32 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/05/11 22:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/30 14:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/11/23 14:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
PRC - [2012/08/10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/05/09 21:15:12 | 000,048,128 | ---- | M] (UltiDev LLC) -- C:\Program Files\UltiDev\Web Server\UWS.HighPrivilegeUtilities.exe
PRC - [2012/05/09 21:15:12 | 000,029,696 | ---- | M] (UltiDev LLC) -- C:\Program Files\UltiDev\Web Server\UWS.AppHost.Clr4.AnyCPU.exe
PRC - [2012/05/09 21:15:12 | 000,029,184 | ---- | M] (UltiDev LLC) -- C:\Program Files\UltiDev\Web Server\UWS.AppHost.Clr2.AnyCpu.exe
PRC - [2012/05/09 21:15:10 | 000,064,512 | ---- | M] (UltiDev LLC) -- C:\Program Files\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe
PRC - [2012/05/09 21:15:10 | 000,044,032 | ---- | M] (UltiDev LLC) -- C:\Program Files\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe
PRC - [2011/02/25 17:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/08/05 11:23:02 | 000,376,832 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/08/05 11:22:34 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/06/19 11:25:12 | 001,691,192 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
PRC - [2010/06/19 11:25:12 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
PRC - [2010/06/09 18:04:02 | 002,831,648 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2010/06/09 18:04:02 | 000,828,704 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2010/06/09 18:04:02 | 000,656,672 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2010/05/10 07:42:40 | 000,090,112 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
PRC - [2010/04/06 06:12:00 | 000,103,992 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
PRC - [2010/04/06 06:11:54 | 000,008,192 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
PRC - [2010/03/04 16:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/04 16:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/02 05:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
PRC - [2010/03/02 05:26:40 | 000,256,056 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
PRC - [2009/12/16 12:11:14 | 000,281,192 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2009/12/12 12:57:38 | 011,265,536 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
PRC - [2009/12/12 12:57:20 | 000,297,984 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2009/12/05 00:22:40 | 000,506,472 | ---- | M] (ArcSoft, Inc.) -- C:\Windows\System32\uArcCapture.exe
PRC - [2009/11/25 13:57:20 | 000,300,808 | ---- | M] (DigitalPersona, Inc.) -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
PRC - [2009/11/19 10:17:36 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
PRC - [2009/11/05 09:46:56 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/11/05 09:46:54 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/11/03 08:12:02 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009/10/24 06:52:36 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2009/07/14 13:14:46 | 000,115,200 | ---- | M] () -- \\?\C:\windows\System32\wbem\WMIADAP.EXE


========== Modules (No Company Name) ==========

MOD - [2013/07/18 21:01:15 | 000,113,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CaslShared\3.5.1.1__9c6f83d5b7f3d097\CaslShared.dll
MOD - [2013/07/18 21:01:15 | 000,092,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\hpcasl\3.5.1.1__9c6f83d5b7f3d097\hpcasl.dll
MOD - [2013/07/16 14:29:31 | 011,914,752 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\c57eba08ab60f48e7d57228849d92a34\System.Web.ni.dll
MOD - [2013/07/16 14:29:25 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\89fe719039385377f6b5ad8d0070aa6b\System.Runtime.Remoting.ni.dll
MOD - [2013/07/14 10:21:13 | 001,051,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\a7a3ebc76a454af37918211506e81e31\System.Management.ni.dll
MOD - [2013/07/14 10:21:12 | 000,452,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ae317486cd9abc8b617e5a71e193ce78\IAStorUtil.ni.dll
MOD - [2013/07/13 17:27:44 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\2c5c86bb5156ff508ca8045aff50a482\System.Core.ni.dll
MOD - [2013/07/13 17:27:39 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/07/13 17:27:15 | 014,340,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fc4a8709f71eba20cc71c7905bba3dee\PresentationFramework.ni.dll
MOD - [2013/07/13 17:27:03 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
MOD - [2013/07/13 17:26:56 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
MOD - [2013/07/13 17:26:53 | 012,238,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\ef17be93e209cc95b9768c7822530432\PresentationCore.ni.dll
MOD - [2013/07/13 17:26:45 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll
MOD - [2013/07/13 17:26:40 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
MOD - [2013/07/13 17:26:38 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
MOD - [2013/07/13 17:26:37 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
MOD - [2013/07/13 17:26:30 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/05/16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013/05/16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/09/05 00:30:26 | 000,237,112 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\hpCASLLibrary\3.0.1.1__67b8d1b5179ba5f8\hpCASLLibrary.dll
MOD - [2010/09/05 00:30:26 | 000,011,320 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Interop.HPQWMIEXLib\1.0.0.0__67b8d1b5179ba5f8\Interop.HPQWMIEXLib.dll
MOD - [2010/08/05 22:57:22 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/06/22 12:54:38 | 000,098,304 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2010/06/19 11:25:12 | 000,267,832 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll
MOD - [2010/06/19 11:25:12 | 000,055,864 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll
MOD - [2010/06/19 11:25:12 | 000,052,280 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll
MOD - [2010/06/09 18:04:14 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2010/04/06 06:11:54 | 000,008,192 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
MOD - [2009/06/18 06:40:16 | 007,745,536 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2009/06/18 06:40:16 | 002,121,728 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2009/06/18 06:40:16 | 000,135,168 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2013/08/04 07:54:21 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/31 20:05:34 | 000,254,034 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2013/07/31 20:05:33 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AEstSrv.exe -- (AESTFilters)
SRV - [2013/07/12 14:37:18 | 003,289,472 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/06/20 18:05:14 | 000,295,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/05/27 16:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/11 22:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/08/10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/09 21:15:12 | 000,048,128 | ---- | M] (UltiDev LLC) [Auto | Running] -- C:\Program Files\UltiDev\Web Server\UWS.HighPrivilegeUtilities.exe -- (UWS HiPriv Services)
SRV - [2012/05/09 21:15:10 | 000,064,512 | ---- | M] (UltiDev LLC) [Auto | Running] -- C:\Program Files\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe -- (UltiDev Web Server Pro)
SRV - [2012/05/09 21:15:10 | 000,044,032 | ---- | M] (UltiDev LLC) [Auto | Running] -- C:\Program Files\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe -- (UWS LoPriv Services)
SRV - [2010/12/13 14:24:26 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/08/05 11:22:34 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/06/19 11:25:12 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV - [2010/06/09 18:04:02 | 000,656,672 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010/05/10 07:42:40 | 000,090,112 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe -- (HPDayStarterService)
SRV - [2010/04/06 06:12:00 | 000,103,992 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV - [2010/03/19 06:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/04 16:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/02 05:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2009/12/16 12:11:14 | 000,281,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2009/12/15 05:47:46 | 001,639,728 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\System32\vcsFPService.exe -- (vcsFPService)
SRV - [2009/12/12 12:57:20 | 000,297,984 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2009/12/05 00:22:40 | 000,506,472 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Windows\System32\uArcCapture.exe -- (uArcCapture)
SRV - [2009/11/25 13:57:20 | 000,300,808 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV - [2009/11/19 10:17:36 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2009/11/18 09:39:16 | 000,362,040 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- C:\Windows\System32\flcdlock.exe -- (FLCDLOCK)
SRV - [2009/11/05 09:46:56 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/11/05 09:46:54 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/11/03 08:12:02 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009/10/24 06:52:36 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/07/14 13:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 13:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 13:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Moar\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013/07/31 20:05:36 | 000,431,616 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2013/06/18 21:50:08 | 000,107,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/08/24 02:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/24 02:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/12/20 18:42:04 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/11/21 00:30:17 | 000,296,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2010/11/21 00:30:17 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2010/11/21 00:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/21 00:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/21 00:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 22:50:38 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2010/11/20 22:50:37 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2010/11/20 21:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 21:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 21:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/27 14:00:42 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/10/27 14:00:42 | 000,098,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2010/10/27 14:00:42 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/10/27 14:00:42 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/10/27 14:00:42 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010/08/05 11:51:46 | 005,587,456 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010/08/05 10:47:02 | 000,210,432 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/05/06 12:21:42 | 000,108,560 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010/04/03 10:02:54 | 000,240,608 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0150.sys -- (RsFx0150)
DRV - [2010/03/18 06:49:56 | 001,263,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010/02/17 07:24:12 | 000,021,560 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2010/02/10 23:01:10 | 000,132,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2009/12/19 11:13:44 | 001,763,968 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009/12/16 12:12:28 | 000,051,800 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2009/12/16 12:12:16 | 000,013,256 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2009/12/16 12:12:14 | 000,040,088 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2009/12/16 12:12:10 | 000,110,520 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2009/12/04 22:48:18 | 000,029,824 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV - [2009/11/11 21:11:00 | 000,181,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/11/03 08:11:56 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/10/22 08:37:52 | 000,032,312 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DAMDrv.sys -- (DAMDrv)
DRV - [2009/09/18 08:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009/07/14 11:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 11:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/14 11:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/07/09 08:48:38 | 000,025,656 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2009/07/09 08:48:22 | 000,033,848 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2006/11/11 10:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{52D96E36-E07E-4DD3-AFDE-DD355B45D224}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/
IE - HKCU\..\SearchScopes,DefaultScope = {26A6DBF7-894B-4744-B7F3-8253831CFAE5}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{26A6DBF7-894B-4744-B7F3-8253831CFAE5}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{52D96E36-E07E-4DD3-AFDE-DD355B45D224}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2010/09/05 00:48:31 | 000,000,000 | ---D | M]

[2013/07/20 19:39:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2013/07/16 12:06:16 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DTRun] c:\Program Files\Arcsoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1959AF40-4A1C-4E4E-A865-F8A5B513BB15}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\System32\DeviceNP.dll (Hewlett-Packard Limited)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/10 10:24:44 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/08/10 09:56:00 | 000,000,000 | ---D | C] -- C:\Users\Moar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2013/08/09 20:58:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Moar\Desktop\OTL.exe
[2013/08/09 20:41:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/08/09 20:41:26 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\windows\System32\sdnclean.exe
[2013/08/09 20:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2013/08/09 20:14:16 | 000,000,000 | ---D | C] -- C:\Users\Moar\AppData\Local\ElevatedDiagnostics
[2013/08/09 20:14:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/08/09 20:13:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/07/31 20:07:11 | 000,531,968 | ---- | C] (IDT, Inc.) -- C:\windows\System32\stapi32.dll
[2013/07/31 20:06:48 | 000,380,928 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\aestecap.dll
[2013/07/31 20:06:48 | 000,140,288 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\aestacap.dll
[2013/07/31 20:06:48 | 000,061,440 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\aestaren.dll
[2013/07/31 20:06:47 | 012,705,884 | ---- | C] (IDT, Inc.) -- C:\windows\System32\idtcpl.cpl
[2013/07/31 20:06:47 | 001,953,792 | ---- | C] (IDT, Inc.) -- C:\windows\System32\stlang.dll
[2013/07/31 20:06:47 | 000,495,708 | ---- | C] (IDT, Inc.) -- C:\windows\sttray.exe
[2013/07/31 20:06:47 | 000,086,016 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\AESTCom.dll
[2013/07/31 20:06:44 | 000,179,712 | ---- | C] (IDT, Inc.) -- C:\windows\System32\staco.dll
[2013/07/31 19:29:43 | 000,000,000 | ---D | C] -- C:\Program Files\AGDATA
[2013/07/31 19:29:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phoenix 6.5
[2013/07/20 19:42:12 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013/07/20 19:39:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/07/19 21:38:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saltbush Software
[2013/07/18 21:01:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2013/07/18 20:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
[2013/07/16 15:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/07/16 14:42:22 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\rdpvideominiport.sys
[2013/07/16 14:42:22 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2013/07/16 14:42:21 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\aaclient.dll
[2013/07/16 14:42:21 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpudd.dll
[2013/07/16 14:42:21 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TSWbPrxy.exe
[2013/07/16 14:42:21 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\TsUsbFlt.sys
[2013/07/16 14:42:21 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MsRdpWebAccess.dll
[2013/07/16 14:42:21 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tsgqec.dll
[2013/07/16 14:42:21 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TsUsbGDCoInstaller.dll
[2013/07/16 14:42:21 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wksprtPS.dll
[2013/07/16 14:42:21 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2013/07/16 14:42:21 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RdpGroupPolicyExtension.dll
[2013/07/16 14:42:20 | 002,739,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorets.dll
[2013/07/16 14:42:20 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wksprt.exe
[2013/07/16 14:42:20 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpendp_winip.dll
[2013/07/16 14:40:40 | 000,000,000 | ---D | C] -- C:\windows\System32\MRT
[2013/07/16 14:39:47 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qdvd.dll
[2013/07/16 13:07:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/07/16 13:07:33 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2013/07/16 13:07:01 | 000,000,000 | ---D | C] -- C:\Users\Moar\AppData\Roaming\Malwarebytes
[2013/07/16 13:06:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/07/16 13:06:47 | 000,000,000 | ---D | C] -- C:\Users\Moar\AppData\Local\Programs
[2013/07/16 12:22:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013/07/16 12:22:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/07/16 12:22:26 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\windows\System32\npDeployJava1.dll
[2013/07/16 12:22:26 | 000,789,416 | ---- | C] (Oracle Corporation) -- C:\windows\System32\deployJava1.dll
[2013/07/16 12:22:26 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2013/07/16 12:22:21 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2013/07/16 12:22:21 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\windows\System32\java.exe
[2013/07/16 12:22:21 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2013/07/16 12:22:16 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/07/16 12:21:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/07/16 12:21:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/07/16 12:21:00 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/07/16 12:17:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/07/16 12:07:49 | 000,000,000 | ---D | C] -- C:\windows\temp
[2013/07/16 11:59:54 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013/07/16 11:38:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/07/16 11:37:14 | 000,000,000 | ---D | C] -- C:\Users\Moar\Desktop\Malware Toolkit
[2013/07/13 16:43:15 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2013/07/13 16:43:13 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2013/07/13 16:43:13 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2013/07/13 16:43:13 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2013/07/13 16:43:12 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2013/07/13 16:43:11 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2013/07/13 16:43:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2013/07/13 16:43:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2013/07/13 16:43:11 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2013/07/13 16:43:11 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2013/07/13 11:31:11 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll
[2013/07/13 11:31:07 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMVDECOD.DLL
[2013/07/13 11:31:06 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2013/07/13 11:31:06 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qedit.dll
[3 C:\Users\Moar\*.tmp files -> C:\Users\Moar\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/08/10 10:36:39 | 000,733,350 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/08/10 10:36:39 | 000,152,134 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/08/10 10:36:02 | 000,020,944 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/10 10:36:02 | 000,020,944 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/10 10:28:36 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2013/08/10 10:28:16 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/08/10 10:28:14 | 3203,850,240 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/10 10:24:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/08/10 10:16:27 | 000,000,098 | ---- | M] () -- C:\windows\DeleteOnReboot.bat
[2013/08/10 10:14:04 | 000,666,633 | ---- | M] () -- C:\Users\Moar\Desktop\adwcleaner.exe
[2013/08/09 20:58:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Moar\Desktop\OTL.exe
[2013/08/09 20:41:30 | 000,002,123 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/08/09 20:02:44 | 000,000,763 | ---- | M] () -- C:\Users\Moar\Documents\CleanSilverlight.cmd
[2013/08/08 20:35:40 | 000,000,316 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForMoar.job
[2013/08/04 07:54:21 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2013/08/04 07:54:21 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2013/07/31 20:05:36 | 000,431,616 | ---- | M] (IDT, Inc.) -- C:\windows\System32\drivers\stwrt.sys
[2013/07/31 20:05:35 | 001,953,792 | ---- | M] (IDT, Inc.) -- C:\windows\System32\stlang.dll
[2013/07/31 20:05:35 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\windows\sttray.exe
[2013/07/31 20:05:34 | 012,705,884 | ---- | M] (IDT, Inc.) -- C:\windows\System32\idtcpl.cpl
[2013/07/31 20:05:34 | 000,934,912 | ---- | M] (IDT, Inc.) -- C:\windows\System32\stapo.dll
[2013/07/31 20:05:34 | 000,531,968 | ---- | M] (IDT, Inc.) -- C:\windows\System32\stapi32.dll
[2013/07/31 20:05:34 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\windows\System32\stcplx.dll
[2013/07/31 20:05:34 | 000,179,712 | ---- | M] (IDT, Inc.) -- C:\windows\System32\staco.dll
[2013/07/31 20:05:33 | 000,380,928 | ---- | M] (Andrea Electronics Corporation) -- C:\windows\System32\aestecap.dll
[2013/07/31 20:05:33 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\windows\System32\AESTCom.dll
[2013/07/31 20:05:32 | 000,140,288 | ---- | M] (Andrea Electronics Corporation) -- C:\windows\System32\aestacap.dll
[2013/07/31 20:05:32 | 000,061,440 | ---- | M] (Andrea Electronics Corporation) -- C:\windows\System32\aestaren.dll
[2013/07/31 19:30:11 | 000,001,754 | ---- | M] () -- C:\Users\Public\Desktop\Phoenix 6.5.lnk
[2013/07/18 21:01:13 | 000,002,143 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2013/07/16 16:12:30 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif
[2013/07/16 14:20:45 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013/07/16 14:20:45 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013/07/16 13:56:11 | 000,000,312 | ---- | M] () -- C:\windows\wininit.ini
[2013/07/16 12:22:17 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\windows\System32\npDeployJava1.dll
[2013/07/16 12:22:17 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\windows\System32\deployJava1.dll
[2013/07/16 12:22:17 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2013/07/16 12:22:17 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2013/07/16 12:22:17 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\windows\System32\java.exe
[2013/07/16 12:22:17 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2013/07/16 12:06:16 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2013/07/13 17:25:03 | 000,346,352 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[3 C:\Users\Moar\*.tmp files -> C:\Users\Moar\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/10 10:16:20 | 000,000,098 | ---- | C] () -- C:\windows\DeleteOnReboot.bat
[2013/08/10 10:14:01 | 000,666,633 | ---- | C] () -- C:\Users\Moar\Desktop\adwcleaner.exe
[2013/08/09 20:41:30 | 000,002,135 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/08/09 20:41:30 | 000,002,123 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/08/09 20:02:44 | 000,000,763 | ---- | C] () -- C:\Users\Moar\Documents\CleanSilverlight.cmd
[2013/07/31 20:06:47 | 000,001,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDT HD Audio.lnk
[2013/07/31 19:30:11 | 000,001,754 | ---- | C] () -- C:\Users\Public\Desktop\Phoenix 6.5.lnk
[2013/07/18 21:01:13 | 000,002,143 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2013/07/16 15:08:57 | 000,001,945 | ---- | C] () -- C:\windows\epplauncher.mif
[2013/07/16 15:07:30 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/07/16 14:20:45 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013/07/16 14:20:45 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013/07/16 13:54:32 | 000,000,312 | ---- | C] () -- C:\windows\wininit.ini
[2013/07/16 12:21:44 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/06/28 21:26:50 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswVmm.sys.sum
[2013/06/28 21:26:50 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswSP.sys.sum
[2013/06/28 21:26:50 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswSnx.sys.sum
[2011/09/26 15:23:50 | 000,098,304 | ---- | C] () -- C:\windows\System32\redmonnt.dll
[2011/09/24 10:31:23 | 000,000,204 | ---- | C] () -- C:\windows\MYOBP.INI
[2011/09/24 10:31:23 | 000,000,041 | ---- | C] () -- C:\windows\MYOB.INI
[2011/09/24 10:27:30 | 000,000,663 | ---- | C] () -- C:\windows\openrda.ini
[2011/09/24 10:27:12 | 000,000,000 | ---- | C] () -- C:\windows\drvxl32.INI
[2011/09/24 10:27:10 | 000,000,000 | ---- | C] () -- C:\windows\drvwd32.INI
[2011/06/17 18:23:53 | 000,001,849 | ---- | C] () -- C:\Users\Moar\AppData\Roaming\GhostObjGAFix.xml

========== ZeroAccess Check ==========

[2009/07/14 16:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 16:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 13:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
  • 0

#6
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Hey, how your computer is running now?

What about these?

Have you installed Avast before?

Two AV's on one computer warning

I have noticed, that you are using 2 antiviruses - McAfee and Microsoft Security Essentials on one computer. This can lead to several hangs and in the worst case - to the crash of the whole system. So, please, remove one of these AV's, and keep on your PC only one antivirus program.


Please, uninstall one from current AV's and follow these steps:

Step 1. AdwCleaner scan.

  • Right click on adwcleaner.exe file on your Desktop->Run as Administrator.
  • Adwcleaner window should appear.
  • Click on the Delete button.
  • Click on OK.
  • Computer will be rebooted automatically, when program will finish it's job.

After reboot:

  • Right click on adwcleaner.exe file on your Desktop->Run as Administrator.
  • AdwCleaner window should appear.
  • Click on the Search button.
  • After scan Notepad window with report should appear. Post the contents of the report in your next message.

Step 2. Virustotal scan.

  • Please, upload the file C:\windows\System32\wbem\WMIADAP.EXE to VirusTotal.
  • If File already analysed window will appear, click on Reanalyse button.
  • When scan will be finished, post the link to result (you can copy it from address bar in your browser) in your next message.

Step 3. OTL scan.

  • Open OTL again.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open notepad window - OTL.Txt. This is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, one at a time and post them in your topic.

So, please, don't forget to post in your next message:

  • OTL log
  • AdwCleaner log
  • Link to VT scan results

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP