hipannekoek
-
Posts
9 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by hipannekoek
-
-
Aaarrghh.
Tried uninstalling and installing IE9. Not it fails to install....
-
Kevin,
Followed all the steps.
Unfortunately, Internet Explorer crashes repeatedly and regularly:
- it will crash when it is closed
- it will crash when I try to download something
Chrome seems to run fine without issues.
Thanks again for all the help.
-
Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.70.0.1100
Java 6 Update 37
Java version out of Date!
Adobe Flash Player 9 Flash Player out of Date!
Adobe Reader 10.1.4 Adobe Reader out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
-
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
Database version: v2012.12.29.02
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Vostro420 :: FB-02-V420 [administrator]
Protection: Enabled
28/12/2012 8:06:24 PM
mbam-log-2012-12-28 (20-06-24).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 211791
Time elapsed: 7 minute(s), 4 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
# AdwCleaner v2.104 - Logfile created 12/29/2012 at 14:08:21
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : Vostro420 - FB-02-V420
# Boot Mode : Normal
# Running from : C:\Users\Vostro420\Downloads\adwcleaner.exe
# Option [Delete]
***** [services] *****
***** [Files / Folders] *****
Folder Deleted : C:\ProgramData\Ask
***** [Registry] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
***** [internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16457
[OK] Registry is clean.
-\\ Google Chrome v23.0.1271.97
File : C:\Users\Vostro420\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[s1].txt - [2317 octets] - [29/12/2012 14:08:21]
########## EOF - C:\AdwCleaner[s1].txt - [2377 octets] ##########
Securtity Check is still running (now 5 minutes) "Performing System Health Check" I think it is hanging.
-
Kevin,
MSE appears to be working fine and links in Google are now going to the correct places. Everything looks fine. Thanks for the help. Really appreciate it. Please find below the logs as requested.
Fixlog.txt
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-12-2012
Ran by SYSTEM at 2012-12-29 13:08:45 Run:1
Running from F:\
==============================================
HKU\start\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids\\ Value not found.
HKEY_USERS\Vostro420\Software\Microsoft\Windows\CurrentVersion\Run\\fvsrrymfan Value deleted successfully.
HKU\HKU\Vostro420\...\Run: [fvsrrymfan] rundll32 "\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids\\fvsrrymfan Value not found.
HKU\C:\Users\Vostro420\AppData\Roaming\bitsadmina.dll",Mfhewg [122880 2012-12-22] ()C:\Users\Vostro420\AppData\Roaming\bitsadmina.dll\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids\\fvsrrymfan Value not found.
C:\Users\Vostro420\AppData\Roaming\bitsadmina.dll,Mfhewg [122880 2012-12-22] ()C:\Users\Vostro420\AppData\Roaming\bitsadmina.dll not found.
HKU\end\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids\\fvsrrymfan Value not found.
==== End of Fixlog ====
DDS.txt:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457
Run by Vostro420 at 13:12:46 on 2012-12-29
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3071.1774 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\AERTSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe
C:\Program Files\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\winsim\ConnectionManager\Simply.SystemTrayIcon.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ca/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: &RoboForm Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Google Update] "c:\users\vostro420\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [GoodSync] "c:\program files\siber systems\goodsync\GoodSync.exe" /min
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [ToolboxFX] "c:\program files\hp\toolboxfx\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
mRun: [HP LaserJet Professional M1530 MFP Series Fax] c:\program files\hp\digital imaging\fax\fax driver 0.6 base\hppfaxprintersrv.exe "HP LaserJet Professional M1530 MFP Series Fax"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [Logitech Download Assistant] c:\windows\system32\rundll32.exe c:\windows\system32\LogiLDA.dll,LogiFetch
mRun: [ConnectionManager] c:\program files\winsim\connectionmanager\Simply.SystemTrayIcon.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [ACSW14EN] "c:\program files\acd systems\acdsee\14.0\ACDSeeInTouch2.exe" /pid ACSW14EN
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-7760-000000000003}\_SC_Acrobat.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobea~2.lnk - c:\program files\adobe\acrobat 8.0\acrobat\AdobeCollabSync.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Customize Menu - c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: Fill Forms - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Save Forms - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Show RoboForm Toolbar - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {1663ed6a-23eb-11d2-b92f-008048fdd814} - hxxps://vt.globalpay.com/admin/objects/smsx.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{8115AB82-A9F0-46A3-A2A9-974C3D20D46B} : DHCPNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]
R1 MpKsldb69a728;MpKsldb69a728;c:\programdata\microsoft\microsoft antimalware\definition updates\{069115c9-3316-447f-9303-5d8959b0a29b}\MpKsldb69a728.sys [2012-12-29 29904]
R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2011-6-22 81920]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-4-20 176128]
R2 DbgMsg;Debug Message;c:\windows\system32\drivers\DbgMsg.sys [2011-7-1 18240]
R2 GsServer;GoodSync Server;c:\program files\siber systems\goodsync\Gs-Server.exe [2012-1-13 3002808]
R2 HP LaserJet Service;HP LaserJet Service;c:\program files\hp\hplaserjetservice\HPLaserJetService.exe [2010-10-25 145920]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-8-30 99272]
R2 Simply Accounting Database Connection Manager;Simply Accounting Database Connection Manager;c:\program files\winsim\connectionmanager\SimplyConnectionManager.exe [2011-12-22 21320]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 287824]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
R3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys [2009-11-3 14592]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-12-28 14848]
S3 Sage Simply Accounting Transaction Manager 2011 - CDN;Sage Simply Accounting Transaction Manager 2011 - CDN;c:\program files\winsim\transactionmanager2011 - cdn\Sage_SA.TransactionManager.exe [2011-6-7 46408]
S3 Sage Simply Accounting Transaction Manager 2012 - CDN;Sage Simply Accounting Transaction Manager 2012 - CDN;c:\program files\winsim\transactionmanager2012 - cdn\Sage_SA.TransactionManager.exe [2012-6-8 46440]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-12-28 49664]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-6-23 1343400]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="c:\program files\adobe\adobe dreamweaver cs3\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-12-29 21:10:23 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{069115c9-3316-447f-9303-5d8959b0a29b}\MpKsldb69a728.sys
2012-12-29 17:56:16 -------- d-----w- C:\FRST
2012-12-29 05:46:43 -------- d-----w- C:\_OTL
2012-12-29 05:18:38 740840 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{8cb422e3-a101-48d4-ab39-85998eb0a70f}\gapaengine.dll
2012-12-29 05:18:33 6812136 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{069115c9-3316-447f-9303-5d8959b0a29b}\mpengine.dll
2012-12-29 05:03:06 -------- d-----w- c:\program files\Microsoft Security Client
2012-12-29 04:42:41 7074640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2012-12-29 04:42:39 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{05855468-169c-405f-a34a-8cfdd478f971}\mpengine.dll
2012-12-29 04:05:22 -------- d-----w- c:\users\vostro420\appdata\roaming\Malwarebytes
2012-12-29 04:05:15 -------- d-----w- c:\programdata\Malwarebytes
2012-12-29 04:05:00 -------- d-----w- c:\users\vostro420\appdata\local\Programs
2012-12-29 03:51:38 247808 ----a-w- c:\windows\system32\schannel.dll
2012-12-29 03:51:37 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2012-12-29 03:51:37 220160 ----a-w- c:\windows\system32\ncrypt.dll
2012-12-29 03:51:37 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-12-29 03:51:37 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2012-12-29 03:51:35 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-12-28 07:00:19 -------- d-----w- c:\program files\PC Tools
2012-12-28 06:46:20 202280 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-12-28 06:46:17 -------- d-----w- c:\program files\common files\PC Tools
2012-12-28 06:45:00 -------- d-----w- c:\programdata\PC Tools
2012-12-28 06:44:57 -------- d-----w- c:\users\vostro420\appdata\roaming\TestApp
2012-12-28 03:54:02 -------- d-----w- c:\windows\pss
2012-12-22 17:29:24 122880 --sha-r- c:\users\vostro420\appdata\roaming\bitsadmina.dll
2012-12-21 11:00:44 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 11:00:44 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-12 13:30:06 2345984 ----a-w- c:\windows\system32\win32k.sys
.
==================== Find3M ====================
.
2012-12-11 23:06:55 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-11 23:06:55 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-10-22 05:13:03 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-10-22 05:13:03 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-16 07:39:52 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 17:40:31 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-04 16:47:18 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-10-04 16:43:05 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-10-04 14:57:58 271360 ----a-w- c:\windows\system32\conhost.exe
2012-10-04 14:41:50 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-03 16:58:30 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 16:42:26 52224 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 16:42:26 242176 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 16:42:24 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 16:40:35 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 15:21:38 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
.
============= FINISH: 13:13:59.73 ===============
attach.txt
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 22/06/2011 11:43:34 PM
System Uptime: 29/12/2012 1:09:37 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 0N185P
Processor: Intel® Core2 Quad CPU Q8200 @ 2.33GHz | Socket 775 | 2328/333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 190.729 GiB free.
D: is FIXED (NTFS) - 932 GiB total, 733.094 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 7000 E809a
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet 7000 E809a
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: HP LaserJet M1536dnf MFP
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: Hewlett-Packard
Name: HP LaserJet M1536dnf MFP
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
7000E809a
7000E809a_eDocs
7000E809a_Help
ACDSee 14
Add or Remove Adobe Creative Suite 3 Design Premium
Adobe Acrobat 8 Professional
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Creative Suite 3 Design Premium
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Flash CS3
Adobe Flash Player 11 ActiveX
Adobe Flash Player 9 Plugin
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader X (10.1.4)
Adobe Setup
Adobe SING CS3
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Version Cue CS3 Server
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AHV content for Acrobat and Flash
Bing Rewards Client Installer
BPDSoftware
BPDSoftware_Ini
BufferChm
D-Link SmartConsole Utility
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Resource CD
DeviceDiscovery
Dynex All-in-1 Card Reader
EST Desktop 2.0 2.0.1211.0.11
GoodSync
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
Hewlett-Packard ACLM.NET v1.1.0.0
HP Customer Participation Program 14.0
HP FWUpdateEDO3
HP Imaging Device Functions 14.0
HP LaserJet Professional M1530 MFP Series
HP LJ M1530 MFP Series HP Scan
HP Officejet 7000 E809a Series
HP Photo Creations
HP Product Detection
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPDiagnosticAlert
HPLaserJetHelp_LearnCenter
HPLJUT
hppFaxDrvM1530
hppFaxUtilityM1530
hppLaserJetService
hppM1530LaserJetService
HPProductAssistant
hppSendFaxM1530
hppTLBXFXM1530
HPSSupply
hpzTLBXFX
I.R.I.S. OCR
Java Auto Updater
Java 6 Update 37
Logitech Webcam Software
MailingCheck
MarketResearch
MeadCo ScriptX (v7.0.0.8 (x86))
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook 2010
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Small Business 2007
Microsoft Office Word MUI (English) 2007
Microsoft Outlook 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyPhotoCreations
MySQL Connector/ODBC 3.51
Network
PDF Settings
Picasa 3
Polar Precision Performance SW
Polar WebLink 2.4.11
ProductContext
QNAP Finder
Realtek High Definition Audio Driver
RoboForm 7-8-4-7 (All Users)
Sage Download Manager
Sage Simply Accounting 2011
Sage Simply Accounting 2012
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
SendBlaster
Shop for HP Supplies
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
Silicon Laboratories USBXpress Device (Driver Removal)
Skype Click to Call
Skype™ 6.0
SmartWebPrinting
SolutionCenter
Status
Toolbox
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
WeatherLink 5.9.2
WeatherLink 5.9.3
WebReg
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
29/12/2012 1:11:06 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
28/12/2012 7:07:18 PM, Error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
28/12/2012 10:36:39 PM, Error: volsnap [25] - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
27/12/2012 7:58:06 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
27/12/2012 7:58:06 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
27/12/2012 7:57:45 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
27/12/2012 7:53:50 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
27/12/2012 11:02:42 PM, Error: PCTCore [280] -
27/12/2012 10:28:33 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
27/12/2012 10:28:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
27/12/2012 10:28:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
27/12/2012 10:28:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
27/12/2012 10:28:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
27/12/2012 10:28:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
27/12/2012 10:28:24 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
27/12/2012 10:28:16 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
23/12/2012 2:06:14 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user FB-02-V420\Vostro420 SID (S-1-5-21-784824154-2186569503-2690575908-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
23/12/2012 2:06:14 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {B77C4C36-0154-4C52-AB49-FAA03837E47F} and APPID {EA022610-0748-4C24-B229-6C507EBDFDBB} to the user FB-02-V420\Vostro420 SID (S-1-5-21-784824154-2186569503-2690575908-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
23/12/2012 2:06:14 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user FB-02-V420\Vostro420 SID (S-1-5-21-784824154-2186569503-2690575908-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
-
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-12-2012
Ran by SYSTEM at 29-12-2012 09:56:22
Running from F:\
Windows 7 Professional (X86) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]
HKLM\...\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide [2793304 2009-10-14] ()
HKLM\...\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [ToolboxFX] "C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on [58936 2010-10-25] (Hewlett-Packard Company)
HKLM\...\Run: [HP LaserJet Professional M1530 MFP Series Fax] C:\Program Files\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe "HP LaserJet Professional M1530 MFP Series Fax" [2459192 2010-08-24] (Hewlett-Packard Company)
HKLM\...\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [620152 2006-10-22] (Adobe Systems Inc.)
HKLM\...\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1425208 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [ConnectionManager] C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe [99656 2011-12-22] (Sage)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [ACSW14EN] "C:\Program Files\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe" /pid ACSW14EN [1231472 2011-11-17] (ACD Systems)
HKLM\...\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [947176 2012-09-12] (Microsoft Corporation)
HKU\Vostro420\...\Run: [Google Update] "C:\Users\Vostro420\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-06-22] (Google Inc.)
HKU\Vostro420\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-06-22] (Google Inc.)
HKU\Vostro420\...\Run: [GoodSync] "C:\Program Files\Siber Systems\GoodSync\GoodSync.exe" /min [6356920 2012-01-13] ()
HKU\Vostro420\...\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [109336 2012-11-28] (Siber Systems)
HKU\Vostro420\...\Run: [fvsrrymfan] rundll32 "C:\Users\Vostro420\AppData\Roaming\bitsadmina.dll",Mfhewg [122880 2012-12-22] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe ()
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk
ShortcutTarget: Adobe Acrobat Synchronizer.lnk -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
Startup: C:\Users\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
==================== Services (Whitelisted) ===================
2 AERTFilters; C:\Windows\System32\AERTSrv.exe [81920 2008-07-15] (Andrea Electronics Corporation)
2 GsServer; C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe /service [3002808 2012-01-13] ()
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [20472 2012-09-12] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [287824 2012-09-12] (Microsoft Corporation)
3 Sage Simply Accounting Transaction Manager 2011 - CDN; C:\Program Files\Winsim\TransactionManager2011 - CDN\Sage_SA.TransactionManager.exe [46408 2011-06-07] (Sage)
3 Sage Simply Accounting Transaction Manager 2012 - CDN; C:\Program Files\Winsim\TransactionManager2012 - CDN\Sage_SA.TransactionManager.exe [46440 2012-06-08] (Sage)
2 Simply Accounting Database Connection Manager; C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe [21320 2011-12-22] (Sage)
==================== Drivers (Whitelisted) ====================
2 DbgMsg; \??\C:\Windows\System32\Drivers\DbgMsg.sys [18240 2008-07-07] (Compuware Corporation - NuMega Lab)
3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [193552 2012-08-30] (Microsoft Corporation)
3 PolarUSB; C:\Windows\System32\DRIVERS\PolarUSB.sys [17343 2001-07-12] (Polar Electro)
3 SIUSBXP; C:\Windows\System32\drivers\SiUSBXp.sys [14592 2009-11-03] (Silicon Laboratories)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2012-12-28 23:48 - 2012-12-28 23:49 - 00013364 ____A C:\Users\Vostro420\Downloads\hijackthis.log
2012-12-28 23:48 - 2012-12-28 23:48 - 00388608 ____A (Trend Micro Inc.) C:\Users\Vostro420\Downloads\HijackThis.exe
2012-12-28 22:16 - 2012-12-28 22:16 - 00688992 ____R (Swearware) C:\Users\Vostro420\Downloads\dds.com
2012-12-28 21:46 - 2012-12-28 21:46 - 00000000 ____D C:\_OTL
2012-12-28 21:03 - 2012-12-28 21:03 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-12-28 20:37 - 2012-12-28 22:45 - 00019883 ____A C:\Users\Vostro420\Desktop\dds.txt
2012-12-28 20:37 - 2012-12-28 22:18 - 00018370 ____A C:\Users\Vostro420\Desktop\attach.txt
2012-12-28 20:26 - 2012-12-28 21:36 - 00077614 ____A C:\Users\Vostro420\Downloads\Extras.Txt
2012-12-28 20:25 - 2012-12-28 22:58 - 00081472 ____A C:\Users\Vostro420\Downloads\OTL.Txt
2012-12-28 20:19 - 2012-12-28 20:19 - 00602112 ____A (OldTimer Tools) C:\Users\Vostro420\Downloads\OTL.exe
2012-12-28 20:05 - 2012-12-28 20:05 - 00000000 ____D C:\Users\Vostro420\AppData\Roaming\Malwarebytes
2012-12-28 20:05 - 2012-12-28 20:05 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-12-28 19:52 - 2012-08-23 06:48 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2012-12-28 19:52 - 2012-08-23 06:44 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2012-12-28 19:52 - 2012-08-23 06:40 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2012-12-28 19:52 - 2012-08-23 06:10 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2012-12-28 19:52 - 2012-08-23 06:10 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2012-12-28 19:52 - 2012-08-23 05:52 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll
2012-12-28 19:52 - 2012-08-23 05:47 - 00046592 ____A (Microsoft Corporation) C:\Windows\System32\MsRdpWebAccess.dll
2012-12-28 19:52 - 2012-08-23 05:46 - 00016896 ____A (Microsoft Corporation) C:\Windows\System32\wksprtPS.dll
2012-12-28 19:52 - 2012-08-23 05:32 - 00032768 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2012-12-28 19:52 - 2012-08-23 05:18 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2012-12-28 19:52 - 2012-08-23 03:40 - 00056320 ____A (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2012-12-28 19:52 - 2012-08-23 03:32 - 00317440 ____A (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2012-12-28 19:52 - 2012-08-23 03:15 - 00269312 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2012-12-28 19:52 - 2012-08-23 03:12 - 00192000 ____A (Microsoft Corporation) C:\Windows\System32\rdpendp_winip.dll
2012-12-28 19:52 - 2012-08-23 02:39 - 01048064 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2012-12-28 19:52 - 2012-08-23 02:08 - 02739712 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2012-12-28 19:52 - 2012-08-23 00:19 - 04916224 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2012-12-28 19:51 - 2012-08-24 09:05 - 00136560 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-12-28 19:51 - 2012-08-24 09:02 - 00369856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-12-28 19:51 - 2012-08-24 08:57 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-12-28 19:51 - 2012-08-24 08:57 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-12-28 19:51 - 2012-08-24 08:56 - 01039360 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2012-12-28 19:51 - 2012-05-04 01:59 - 00514560 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-12-27 23:00 - 2012-12-27 23:00 - 01931088 ____A (Symantec Corporation) C:\Users\Vostro420\Downloads\FixTDSS.exe
2012-12-27 23:00 - 2012-12-27 23:00 - 00000000 ____D C:\Program Files\PC Tools
2012-12-27 22:46 - 2012-12-28 19:16 - 00000000 ____D C:\Program Files\Common Files\PC Tools
2012-12-27 22:46 - 2012-12-27 22:47 - 01524547 ____A C:\Windows\System32\Drivers\Cat.DB
2012-12-27 22:46 - 2012-11-01 15:35 - 00202280 ____A (PC Tools) C:\Windows\System32\Drivers\PCTSD.sys
2012-12-27 22:45 - 2012-12-28 19:07 - 00000000 ____D C:\Users\All Users\PC Tools
2012-12-27 22:44 - 2012-12-27 22:44 - 00000000 ____D C:\Users\Vostro420\AppData\Roaming\TestApp
2012-12-27 22:42 - 2012-12-27 22:43 - 04166136 ____A (PC Tools) C:\Users\Vostro420\Downloads\spdoc.exe
2012-12-27 22:38 - 2012-12-27 22:38 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\Vostro420\Downloads\tdsskiller.exe
2012-12-27 19:54 - 2012-12-27 19:54 - 00000000 ____D C:\Windows\pss
2012-12-22 09:29 - 2012-12-22 09:29 - 00122880 _RASH C:\Users\Vostro420\AppData\Roaming\bitsadmina.dll
2012-12-21 03:00 - 2012-12-16 06:13 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-21 03:00 - 2012-12-16 06:13 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-13 08:23 - 2012-12-13 08:23 - 00000000 ____D C:\Program Files\Common Files\Skype
2012-12-12 22:43 - 2012-11-13 18:48 - 12320256 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-12-12 22:43 - 2012-11-13 18:14 - 09738240 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-12-12 22:43 - 2012-11-13 18:09 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-12-12 22:43 - 2012-11-13 17:58 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-12-12 22:43 - 2012-11-13 17:57 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-12-12 22:43 - 2012-11-13 17:57 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-12-12 22:43 - 2012-11-13 17:55 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-12-12 22:43 - 2012-11-13 17:51 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-12-12 22:43 - 2012-11-13 17:49 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-12-12 22:43 - 2012-11-13 17:49 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-12-12 22:43 - 2012-11-13 17:48 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-12-12 22:43 - 2012-11-13 17:47 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-12-12 22:43 - 2012-11-13 17:46 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-12-12 22:43 - 2012-11-13 17:45 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-12-12 22:43 - 2012-11-13 17:44 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-12-12 22:43 - 2012-11-13 17:41 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-12-12 05:30 - 2012-11-21 18:56 - 02345984 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-12-12 05:29 - 2012-11-08 20:42 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-12-12 05:29 - 2012-11-01 21:11 - 00376832 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2012-12-12 05:29 - 2012-10-04 08:47 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-12-12 05:29 - 2012-10-04 08:43 - 00868352 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-12-12 05:29 - 2012-10-04 08:43 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 06:57 - 00271360 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-12-12 05:29 - 2012-10-04 06:41 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 06:41 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 06:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-12-12 05:29 - 2012-10-04 06:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-12-10 10:48 - 2012-12-10 10:49 - 00012800 ____A C:\Users\Vostro420\Downloads\bbc829aa9ef74e879b55048ec74287c5.xls
==================== One Month Modified Files and Folders ========
2012-12-29 09:50 - 2011-06-22 22:26 - 01096125 ____A C:\Windows\WindowsUpdate.log
2012-12-29 09:50 - 2009-07-13 20:34 - 00013792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-12-29 09:50 - 2009-07-13 20:34 - 00013792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-12-29 09:48 - 2011-06-22 23:24 - 00000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-12-29 09:48 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-12-29 09:47 - 2011-06-22 22:46 - 00000000 ____A C:\Windows\System32\Drivers\lvuvc.hs
2012-12-29 09:47 - 2009-07-13 20:39 - 00045456 ____A C:\Windows\setupact.log
2012-12-29 09:46 - 2012-01-02 21:14 - 00000000 ____D C:\Users\Vostro420\Documents\Outlook Files
2012-12-29 09:45 - 2011-06-22 23:05 - 00000924 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-784824154-2186569503-2690575908-1000UA.job
2012-12-29 09:45 - 2011-06-22 22:48 - 00726444 ____A C:\Windows\System32\PerfStringBackup.INI
2012-12-29 09:06 - 2012-07-02 09:06 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-12-29 09:04 - 2011-06-22 23:24 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-12-29 08:45 - 2011-06-22 23:05 - 00000872 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-784824154-2186569503-2690575908-1000Core.job
2012-12-29 00:27 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\rescache
2012-12-29 00:00 - 2011-06-22 23:55 - 00000000 ____D C:\Users\Vostro420\AppData\Roaming\GoodSync
2012-12-28 23:49 - 2012-12-28 23:48 - 00013364 ____A C:\Users\Vostro420\Downloads\hijackthis.log
2012-12-28 23:48 - 2012-12-28 23:48 - 00388608 ____A (Trend Micro Inc.) C:\Users\Vostro420\Downloads\HijackThis.exe
2012-12-28 22:58 - 2012-12-28 20:25 - 00081472 ____A C:\Users\Vostro420\Downloads\OTL.Txt
2012-12-28 22:45 - 2012-12-28 20:37 - 00019883 ____A C:\Users\Vostro420\Desktop\dds.txt
2012-12-28 22:34 - 2009-07-13 18:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2012-12-28 22:18 - 2012-12-28 20:37 - 00018370 ____A C:\Users\Vostro420\Desktop\attach.txt
2012-12-28 22:16 - 2012-12-28 22:16 - 00688992 ____R (Swearware) C:\Users\Vostro420\Downloads\dds.com
2012-12-28 22:09 - 2011-06-22 23:29 - 00039180 ____A C:\Windows\PFRO.log
2012-12-28 21:46 - 2012-12-28 21:46 - 00000000 ____D C:\_OTL
2012-12-28 21:36 - 2012-12-28 20:26 - 00077614 ____A C:\Users\Vostro420\Downloads\Extras.Txt
2012-12-28 21:05 - 2011-06-23 21:06 - 00001945 ____A C:\Windows\epplauncher.mif
2012-12-28 21:03 - 2012-12-28 21:03 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-12-28 21:03 - 2012-01-01 15:47 - 00000000 ____D C:\Windows\System32\appmgmt
2012-12-28 20:19 - 2012-12-28 20:19 - 00602112 ____A (OldTimer Tools) C:\Users\Vostro420\Downloads\OTL.exe
2012-12-28 20:05 - 2012-12-28 20:05 - 00000000 ____D C:\Users\Vostro420\AppData\Roaming\Malwarebytes
2012-12-28 20:05 - 2012-12-28 20:05 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-12-28 19:58 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\DriverStore
2012-12-28 19:23 - 2011-06-23 00:37 - 00004856 ____A C:\Users\All Users\hpzinstall.log
2012-12-28 19:16 - 2012-12-27 22:46 - 00000000 ____D C:\Program Files\Common Files\PC Tools
2012-12-28 19:10 - 2011-06-23 00:24 - 00000000 ____D C:\Program Files\Common Files\ACD Systems
2012-12-28 19:07 - 2012-12-27 22:45 - 00000000 ____D C:\Users\All Users\PC Tools
2012-12-27 23:00 - 2012-12-27 23:00 - 01931088 ____A (Symantec Corporation) C:\Users\Vostro420\Downloads\FixTDSS.exe
2012-12-27 23:00 - 2012-12-27 23:00 - 00000000 ____D C:\Program Files\PC Tools
2012-12-27 22:47 - 2012-12-27 22:46 - 01524547 ____A C:\Windows\System32\Drivers\Cat.DB
2012-12-27 22:44 - 2012-12-27 22:44 - 00000000 ____D C:\Users\Vostro420\AppData\Roaming\TestApp
2012-12-27 22:43 - 2012-12-27 22:42 - 04166136 ____A (PC Tools) C:\Users\Vostro420\Downloads\spdoc.exe
2012-12-27 22:38 - 2012-12-27 22:38 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\Vostro420\Downloads\tdsskiller.exe
2012-12-27 19:54 - 2012-12-27 19:54 - 00000000 ____D C:\Windows\pss
2012-12-27 12:24 - 2011-06-26 22:50 - 00000000 ____D C:\Users\Vostro420\AppData\Roaming\Skype
2012-12-22 09:29 - 2012-12-22 09:29 - 00122880 _RASH C:\Users\Vostro420\AppData\Roaming\bitsadmina.dll
2012-12-21 03:20 - 2009-07-13 20:33 - 01761288 ____A C:\Windows\System32\FNTCACHE.DAT
2012-12-16 06:13 - 2012-12-21 03:00 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-16 06:13 - 2012-12-21 03:00 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-14 16:27 - 2011-06-22 23:05 - 00000000 ____D C:\Users\Vostro420\AppData\Local\Google
2012-12-13 08:25 - 2011-06-22 23:08 - 00002467 ____A C:\Users\Vostro420\Desktop\Google Chrome.lnk
2012-12-13 08:23 - 2012-12-13 08:23 - 00000000 ____D C:\Program Files\Common Files\Skype
2012-12-13 08:23 - 2011-06-26 22:48 - 00002503 ____A C:\Users\Public\Desktop\Skype.lnk
2012-12-13 08:23 - 2011-06-26 22:48 - 00000000 ___RD C:\Program Files\Skype
2012-12-13 08:23 - 2011-06-26 22:47 - 00000000 ____D C:\Users\All Users\Skype
2012-12-12 22:44 - 2011-06-23 00:08 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-12-12 22:39 - 2011-06-23 01:41 - 65087872 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-12-11 15:06 - 2012-07-02 09:06 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-12-11 15:06 - 2011-06-22 23:54 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-12-10 14:54 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\NDF
2012-12-10 10:49 - 2012-12-10 10:48 - 00012800 ____A C:\Users\Vostro420\Downloads\bbc829aa9ef74e879b55048ec74287c5.xls
2012-12-03 05:37 - 2011-06-23 00:42 - 00000000 ____D C:\Users\Vostro420\AppData\Roaming\HpUpdate
2012-11-30 15:53 - 2009-07-13 20:52 - 00000000 ____D C:\Windows\System32\FxsTmp
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
==================== Memory info ===========================
Percentage of memory in use: 12%
Total physical RAM: 4094.99 MB
Available physical RAM: 3589.27 MB
Total Pagefile: 4093.27 MB
Available Pagefile: 3589.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1944.7 MB
==================== Partitions =============================
1 Drive c: (OS) (Fixed) (Total:298.05 GB) (Free:190.76 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
3 Drive f: () (Removable) (Total:1.88 GB) (Free:1.62 GB) FAT
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
5 Drive y: (Data) (Fixed) (Total:931.51 GB) (Free:733.1 GB) NTFS
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B
Disk 1 Online 298 GB 1024 KB
Disk 2 Online 1922 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 1024 KB
=========================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y Data NTFS Partition 931 GB Healthy
=========================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 39 MB 31 KB
Partition 2 Primary 298 GB 40 MB
=========================================================
Disk: 1
Partition 1
Type : DE
Hidden: Yes
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 FAT Partition 39 MB Healthy Hidden
=========================================================
Disk: 1
Partition 2
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 298 GB Healthy
=========================================================
Partitions of Disk 2:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1921 MB 16 KB
=========================================================
Disk: 2
Partition 1
Type : 06
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F FAT Removable 1921 MB Healthy
=========================================================
Last Boot: 2012-12-25 00:58
==================== End Of Log ============================
-
Based on some other topics about similar issues, I downloaded and ran OTL.
Here is OTL.txt: (extras.txt is below).
OTL logfile created on: 28/12/2012 8:20:26 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vostro420\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 57.24% Memory free
6.00 Gb Paging File | 4.46 Gb Available in Paging File | 74.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.05 Gb Total Space | 190.89 Gb Free Space | 64.05% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 733.54 Gb Free Space | 78.75% Space Free | Partition Type: NTFS
Computer Name: FB-02-V420 | User Name: Vostro420 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Vostro420\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe (Siber Systems)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe ()
PRC - C:\Program Files\Siber Systems\GoodSync\GoodSync.exe ()
PRC - C:\Program Files\winsim\ConnectionManager\Simply.SystemTrayIcon.exe (Sage)
PRC - C:\Program Files\winsim\ConnectionManager\SimplyConnectionManager.exe (Sage)
PRC - C:\Program Files\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe (ACD Systems)
PRC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe (HP)
PRC - C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
PRC - C:\Program Files\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\66694f9192bd0dddc2eaf90fbcbcd555\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\17796f2951c17ebf92dd4b7c9b3ce556\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a67380b6387234a8a9032ccd5c3dbf4e\System.Runtime.Serialization.Formatters.Soap.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\f2fb3f4856c403795db6db3f354f1f0b\System.Deployment.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_32\Simply.ConnectionManagerService\15.0.0.1__bfd98eaca3f932d5\Simply.ConnectionManagerService.dll ()
MOD - C:\Program Files\Siber Systems\GoodSync\GoodSync.exe ()
MOD - C:\Program Files\HP\ToolboxFX\bin\NativeUtils.dll ()
MOD - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
MOD - C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe ()
========== Services (SafeList) ==========
SRV - (Sage Simply Accounting Transaction Manager 2012 - CDN) -- C:\Program Files\Winsim\TransactionManager2012 File not found
SRV - (Sage Simply Accounting Transaction Manager 2011 - CDN) -- C:\Program Files\Winsim\TransactionManager2011 File not found
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (BBUpdate) -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (GsServer) -- C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe ()
SRV - (Simply Accounting Database Connection Manager) -- C:\Program Files\winsim\ConnectionManager\SimplyConnectionManager.exe (Sage)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (HP LaserJet Service) -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe (HP)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AERTFilters) -- C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
SRV - (Adobe Version Cue CS3) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated)
========== Driver Services (SafeList) ==========
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (SIUSBXP) -- C:\Windows\System32\drivers\SiUSBXp.sys (Silicon Laboratories)
DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (DbgMsg) -- C:\Windows\System32\drivers\DbgMsg.sys (Compuware Corporation - NuMega Lab)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1
IE - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E8 7C 5F 02 71 31 CC 01 [binary data]
IE - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.ca/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_en-GBCA437
IE - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\..\SearchScopes\{88FB16D2-04EA-4ffe-8079-CFF68F1B9CE6}: "URL" = http://www.search-results.com/web?q={searchTerms}&o=15868&l=dis&prt=BDIE&chn=retail&geo=CA&ver=4.0.0.1884
IE - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vostro420\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vostro420\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/07/05 20:46:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/07/05 20:46:23 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vostro420\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Vostro420\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Vostro420\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Skype Click to Call = C:\Users\Vostro420\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
O1 HOSTS File: ([2009/06/10 13:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-784824154-2186569503-2690575908-1000\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [ACSW14EN] C:\Program Files\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe (ACD Systems)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [bCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ConnectionManager] C:\Program Files\winsim\ConnectionManager\Simply.SystemTrayIcon.exe (Sage)
O4 - HKLM..\Run: [HP LaserJet Professional M1530 MFP Series Fax] C:\Program Files\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Logitech Download Assistant] C:\Windows\System32\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ToolboxFX] C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - HKU\S-1-5-21-784824154-2186569503-2690575908-1000..\Run: [fvsrrymfan] C:\Users\Vostro420\AppData\Roaming\bitsadmina.dll ()
O4 - HKU\S-1-5-21-784824154-2186569503-2690575908-1000..\Run: [GoodSync] C:\Program Files\Siber Systems\GoodSync\GoodSync.exe ()
O4 - HKU\S-1-5-21-784824154-2186569503-2690575908-1000..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKU\S-1-5-21-784824154-2186569503-2690575908-1000..\Run: [soahkaoqdu] C:\Users\Vostro420\AppData\Roaming\Ehyna\ecfy.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {1663ed6a-23eb-11d2-b92f-008048fdd814} https://vt.globalpay.com/admin/objects/smsx.cab (MeadCo Extended HTML Printing)
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab (Scanner.SysScanner)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8115AB82-A9F0-46A3-A2A9-974C3D20D46B}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 13:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8a49023a-a762-11e0-b3d0-0024e81653b9}\Shell - "" = AutoRun
O33 - MountPoints2\{8a49023a-a762-11e0-b3d0-0024e81653b9}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{f2c5d438-2ce7-11e1-aa00-0024e81653b9}\Shell - "" = AutoRun
O33 - MountPoints2\{f2c5d438-2ce7-11e1-aa00-0024e81653b9}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/12/28 20:05:23 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012/12/28 20:05:22 | 000,000,000 | ---D | C] -- C:\Users\Vostro420\AppData\Roaming\Malwarebytes
[2012/12/28 20:05:15 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/12/28 20:05:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/12/28 20:05:00 | 000,000,000 | ---D | C] -- C:\Users\Vostro420\AppData\Local\Programs
[2012/12/28 19:52:43 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2012/12/28 19:52:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2012/12/28 19:52:43 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2012/12/28 19:52:43 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2012/12/28 19:52:42 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2012/12/28 19:52:41 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2012/12/28 19:52:41 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2012/12/28 19:52:41 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2012/12/28 19:52:41 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll
[2012/12/28 19:52:41 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2012/12/28 19:52:41 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll
[2012/12/28 19:52:41 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2012/12/28 19:52:41 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2012/12/28 19:52:41 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll
[2012/12/28 19:52:40 | 002,739,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2012/12/28 19:51:37 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/12/28 19:51:35 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/12/27 23:00:19 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
[2012/12/27 22:46:20 | 000,202,280 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
[2012/12/27 22:46:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2012/12/27 22:45:06 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/12/27 22:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/12/27 22:44:57 | 000,000,000 | ---D | C] -- C:\Users\Vostro420\AppData\Roaming\TestApp
[2012/12/27 19:54:02 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/12/21 03:00:44 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/21 03:00:44 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/12/13 08:23:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/12/13 08:23:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/12/12 22:43:54 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/12/12 22:43:53 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/12/12 22:43:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/12/12 22:43:53 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/12/12 22:43:53 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/12/12 22:43:52 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/12/12 22:43:52 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/12/12 22:43:50 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/12/12 05:30:06 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/12/12 05:29:58 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012/12/12 05:29:58 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/12/12 05:29:57 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012/12/12 05:29:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/12 05:29:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/12 05:29:56 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012/12/12 05:29:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/12 05:29:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012/12/12 05:29:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012/12/12 05:29:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/12 05:29:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/12 05:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012/12/12 05:29:47 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012/12/12 05:29:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
========== Files - Modified Within 30 Days ==========
[2012/12/28 20:07:59 | 000,013,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/28 20:07:59 | 000,013,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/28 20:06:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/28 20:04:05 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/28 20:01:12 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/28 20:00:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/28 20:00:23 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2012/12/28 20:00:19 | 2415,120,384 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/28 19:57:59 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/12/28 19:45:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-784824154-2186569503-2690575908-1000UA.job
[2012/12/28 08:45:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-784824154-2186569503-2690575908-1000Core.job
[2012/12/27 22:47:18 | 001,524,547 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2012/12/27 12:53:48 | 000,624,162 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/12/27 12:53:48 | 000,106,538 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/12/22 09:29:24 | 000,122,880 | RHS- | M] () -- C:\Users\Vostro420\AppData\Roaming\bitsadmina.dll
[2012/12/21 03:20:34 | 001,761,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/12/16 06:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/16 06:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/12/13 08:25:34 | 000,002,467 | ---- | M] () -- C:\Users\Vostro420\Desktop\Google Chrome.lnk
[2012/12/13 08:23:38 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/12/11 15:06:55 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/12/11 15:06:55 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
========== Files Created - No Company Name ==========
[2012/12/27 22:46:25 | 001,524,547 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2012/12/22 09:29:24 | 000,122,880 | RHS- | C] () -- C:\Users\Vostro420\AppData\Roaming\bitsadmina.dll
[2012/01/04 18:48:47 | 000,000,017 | ---- | C] () -- C:\Users\Vostro420\AppData\Local\resmon.resmoncfg
[2011/12/19 21:42:07 | 000,000,530 | ---- | C] () -- C:\Windows\hpwmdl25.dat.temp
[2011/12/08 11:26:29 | 000,000,000 | ---- | C] () -- C:\Users\Vostro420\AppData\Local\{6B726414-3D01-4EFA-9139-FE155B37F036}
[2011/11/22 11:25:36 | 000,000,000 | ---- | C] () -- C:\Users\Vostro420\AppData\Local\{E73F65E3-C42B-4B75-BA44-56C74D93858E}
[2011/11/09 10:57:24 | 000,000,000 | ---- | C] () -- C:\Users\Vostro420\AppData\Local\{83188971-3CC0-457B-BF22-90BBF6CA98E3}
[2011/11/09 10:55:26 | 000,000,000 | ---- | C] () -- C:\Users\Vostro420\AppData\Local\{7CB42929-C11E-4812-8B49-1B587EC4DB9B}
[2011/11/09 10:44:00 | 000,000,000 | ---- | C] () -- C:\Users\Vostro420\AppData\Local\{412AE95D-09B4-45AC-B8B3-04F3AE2FEFCB}
[2011/07/05 20:33:19 | 000,218,099 | ---- | C] () -- C:\Windows\hpwins25.dat
[2011/07/05 20:33:19 | 000,000,530 | ---- | C] () -- C:\Windows\hpwmdl25.dat
[2011/07/01 18:08:28 | 000,028,672 | ---- | C] () -- C:\Windows\dbgmsgcfg.dll
[2011/06/29 20:49:35 | 000,010,752 | ---- | C] () -- C:\Users\Vostro420\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/29 18:30:02 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/06/24 09:15:42 | 000,103,784 | ---- | C] () -- C:\Users\Vostro420\GoToAssistDownloadHelper.exe
[2011/06/24 08:28:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/06/23 13:42:23 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/06/23 01:19:19 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2011/06/23 00:42:16 | 000,000,608 | -HS- | C] () -- C:\Windows\System32\winzvprt5.sys
[2011/06/23 00:42:16 | 000,000,230 | ---- | C] () -- C:\Windows\System32\hppfaxprinter5.ini
[2011/06/22 22:26:36 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/04/20 00:21:02 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2011/03/17 16:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011/02/28 20:30:06 | 000,233,012 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
========== ZeroAccess Check ==========
[2009/07/13 20:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 17:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
Extras.txt:
OTL Extras logfile created on: 28/12/2012 8:20:26 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vostro420\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 57.24% Memory free
6.00 Gb Paging File | 4.46 Gb Available in Paging File | 74.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.05 Gb Total Space | 190.89 Gb Free Space | 64.05% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 733.54 Gb Free Space | 78.75% Space Free | Partition Type: NTFS
Computer Name: FB-02-V420 | User Name: Vostro420 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 14.Manage] -- "C:\Program Files\ACD Systems\ACDSee\14.0\ACDSeeQV14.exe" "%1" (ACD Systems International Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{096E9346-194F-4DE5-A122-FE9B5C9028E2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0BD8F6E5-49AC-446B-ABA5-AFDA9A80C1E6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0CDBA45A-E74D-47A5-8BDA-1F8FA02D61A9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{298BABBA-1E2A-4AC5-B7C1-17C13699639A}" = rport=138 | protocol=17 | dir=out | app=system |
"{29B82D55-63A8-46B5-A264-0E27BD02A4C3}" = rport=137 | protocol=17 | dir=out | app=system |
"{2EE8F8D9-8C39-4894-A671-A1B8925507A4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{2F32FBE3-18D3-4E25-8EBD-B42C4818618A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3D1DA8FC-92F4-4C5C-8C8F-3D09927BF08B}" = lport=138 | protocol=17 | dir=in | app=system |
"{42EDFAE5-DCE9-4545-AD22-396895D3E1A8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4547A0E2-3A4D-4D19-A762-4AF127164DBC}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{45875928-4F5E-438C-9508-EF5542F60704}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4CC19175-3A2D-45AE-8C31-5CFB30DA90B6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{50EF1734-B1C0-46EF-B2CE-E8B207CC1F38}" = lport=50900 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{581720AB-267A-45B9-A33F-A5D633EA3123}" = lport=50901 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{585D140C-4140-46D2-99C4-BE4A9842253C}" = rport=445 | protocol=6 | dir=out | app=system |
"{65AEEAB8-CC63-4709-828B-4484C2B7D6A0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{74EE138E-D29D-43CC-8AE6-C12D52BC5B7A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{794EA90F-E0ED-470A-81DE-8BDE0F12C8EC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7BB445D4-E5E0-4595-9336-9DC88A239803}" = lport=445 | protocol=6 | dir=in | app=system |
"{884E29B3-A664-43FD-9F8B-7AC8F1741AF4}" = rport=139 | protocol=6 | dir=out | app=system |
"{8D717933-9322-4AC4-A8D3-665EEB22BD6E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{97D512FD-2354-424F-BDBC-27E8F6E9B888}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{99DE1860-CBE7-4B0B-AABE-B39C315DA8BD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9D07F810-EFAF-424E-8ECD-B04D6A5236E4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B022367A-A5A8-4B9E-95E8-44FEECF1BF34}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C39599AB-27B5-4C1B-AB38-61A7AE022128}" = lport=33338 | protocol=17 | dir=in | name=goodsync server lan discovery |
"{C7179538-98F9-4036-AE34-6F92FD68188D}" = lport=137 | protocol=17 | dir=in | app=system |
"{D8AD03B0-8BF3-4BCA-947A-4D3A22E8DB36}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{DADE80FD-5E93-4DA0-9841-A0075D6DAA56}" = lport=139 | protocol=6 | dir=in | app=system |
"{DB3E681D-4265-466E-B057-9738756C4282}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DF7C65E3-A387-4B97-856F-DACF2F23B8E7}" = lport=33333 | protocol=6 | dir=in | name=goodsync server incoming connections |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03764A37-E491-4D54-B6EA-0E52A5A88D43}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\gsexplorer.exe |
"{04F2B8C8-4B5E-44F6-9783-9176D6AE3577}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0F1B6931-A2F0-49FE-A61A-E16194AD452D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{193F7809-E7F3-464E-98E0-1CC5F74763A1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{25199DD4-2A86-41E5-A321-EAD2B59EC8A1}" = dir=in | app=c:\program files\hp\oj7000ve809a_full_14\setup\hpznui01.exe |
"{2E1E3768-4EE2-4802-BD6E-FA591082E2D7}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\goodsync.exe |
"{2EB9C823-58A6-488B-A75D-96BACAF8FA66}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\gs-server.exe |
"{31DAE127-0492-4CE1-A7B3-ABA0D49A4969}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{368E8445-F5C3-4DE9-8268-A3D2B4C1A254}" = protocol=17 | dir=in | app=c:\program files\winsim\connectionmanager\simplyconnectionmanager.exe |
"{38BB6A2F-D6CE-434E-9958-9072343C0D55}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{422FA990-2A01-4B78-85AA-2DE1D8D26F14}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{45E9AB39-4798-44C1-B075-BF1EF23F18B2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4CB319CD-E5D6-40D1-A565-8EFCBBDA89DD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{4D436F63-1F73-4066-AB3A-5BD4BB586A76}" = protocol=6 | dir=in | app=c:\program files\winsim\connectionmanager\simplyconnectionmanager.exe |
"{4F483385-E70C-4F0B-80CF-C16859D2005A}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{50DE242D-0122-47DD-977F-D7252CC24DF9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{529EA435-BD13-4D85-8D26-EFFBC5A9AD79}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{53ACDC35-0E21-4FBA-9802-311BCC4CE116}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{587AE10F-2306-40C4-9C4D-A26FD0E9AEBA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{5DCA92CD-B7ED-4FA1-8542-D23FF83BC7BD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{732FE0CF-4C28-462B-B341-DE8E0F2890DD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7CC39390-43B6-4C7E-AE21-40699E275590}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\gs-server.exe |
"{829C1D97-6704-4AA4-BDB8-4ACB3669AF87}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{8898ADA4-9BE3-427B-90E9-C03960958301}" = protocol=6 | dir=in | app=c:\program files\winsim\connectionmanager\mysqlbinary\5.0.38\mysql\mysqld-nt.exe |
"{8B593BC7-E852-4FEA-ADF5-29E79F6CAFCE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{8C61E83F-92E9-4CEC-A74C-EC584B50DA8D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8CAA21F3-E1D5-43D8-9E8B-B6963586C40C}" = protocol=6 | dir=in | app=c:\users\vostro420\appdata\local\temp\7zs11c2\hpdiagnosticcoreui.exe |
"{8E7AAD87-5103-475D-BECA-A0B7F068B658}" = protocol=58 | dir=in | app=system |
"{904CC9CC-3B76-46F1-9615-E03DB5299BF8}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{9171E7B2-4C95-4D44-8408-17010BB7E7E8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9FF86533-4E50-4014-9C68-E81437B768A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AB45757D-F77A-4F7E-9537-ADEB5F078183}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BFA9E1AB-1099-4603-A779-721CFEF6532C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C133D59C-6C1B-44EE-A1FF-6FACA0D117A4}" = protocol=17 | dir=in | app=c:\users\vostro420\appdata\local\temp\7zs11c2\hpdiagnosticcoreui.exe |
"{C7624F54-AAC9-4ADC-B5D3-82E35DFADEEF}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{CA3B5CA6-1F57-44B6-B87F-3A6E1D86AE20}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CB777B22-5032-4973-8F48-2EEC49348986}" = protocol=6 | dir=out | app=system |
"{E5170E3A-0D65-462B-ABC8-A9DD717E0AF4}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\gsexplorer.exe |
"{EE0B3858-D8C7-4B35-AB30-49D370378391}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EE3A57B4-C790-4A13-814D-CB54743ECFB7}" = protocol=17 | dir=in | app=c:\program files\winsim\connectionmanager\mysqlbinary\5.0.38\mysql\mysqld-nt.exe |
"{F198D146-4D5A-4437-8045-3220777E418B}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\goodsync.exe |
"{F569CC1C-7B76-48DE-8924-7BFAAB4DB389}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FCEBB4C3-A825-49CE-99DC-A648E1FB1997}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FD7B6095-822E-4B7E-984C-6A9CCE1E141E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{0B62F8F2-CECF-4ADD-BF8A-4002F3E5A68E}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{43BD828D-FB22-4314-B7C5-E69D7C42FB6D}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{822C793B-0ABF-486F-9752-3741EC59FCB7}C:\windows\system32\taskhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskhost.exe |
"TCP Query User{98228A38-42B7-49A4-89B1-BF1250E6561F}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{A695BE21-8B2A-4518-BFB1-F436F6DC56EC}C:\program files\qnap\finder\finder.exe" = protocol=6 | dir=in | app=c:\program files\qnap\finder\finder.exe |
"TCP Query User{BB0C0071-FA02-4995-8935-7C59A4E2C493}C:\users\vostro420\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\users\vostro420\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe |
"TCP Query User{CBF5ECF1-1A5B-4AEA-8222-364C7C8688B4}C:\program files\d-link smartconsole utility\d-link smartconsole utility.exe" = protocol=6 | dir=in | app=c:\program files\d-link smartconsole utility\d-link smartconsole utility.exe |
"TCP Query User{D0CF725E-5ED4-4881-99F2-FE67FBF46A2C}C:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe |
"UDP Query User{364740C6-1519-479A-9793-182DC92FA2EC}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{4461C023-478D-45A3-B893-5E4F430AC778}C:\program files\d-link smartconsole utility\d-link smartconsole utility.exe" = protocol=17 | dir=in | app=c:\program files\d-link smartconsole utility\d-link smartconsole utility.exe |
"UDP Query User{499B12B3-66F3-4B13-AF98-662CBC0E2C9F}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{56D9DC60-709C-41A8-B69D-878EB232B62E}C:\windows\system32\taskhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskhost.exe |
"UDP Query User{8FE661CE-6377-44AC-A91E-7FB889BEEEFD}C:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe |
"UDP Query User{974FC5C3-ED57-4CB7-8BC6-68631539E116}C:\program files\qnap\finder\finder.exe" = protocol=17 | dir=in | app=c:\program files\qnap\finder\finder.exe |
"UDP Query User{D0845EDC-901C-44F3-B7EC-ECB171C9F842}C:\users\vostro420\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\users\vostro420\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe |
"UDP Query User{F2662721-4BE4-40B7-98AD-C32C49D11156}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}" = 32 Bit HP CIO Components Installer
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{09E2111C-16B1-4DDF-BF0D-F994C9A12350}" = Adobe Setup
"{0AFECCA6-61A0-409F-9205-67613984209D}" = Dynex All-in-1 Card Reader
"{12C8466B-9E6E-4C0C-BBA3-F05EDF5C8ECA}" = Polar WebLink 2.4.11
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{229D6185-BD7E-494B-A73B-C5215BE0690E}" = HPLJUT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java 6 Update 37
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2CEDEB33-4931-48B1-8010-20618772B58E}" = Sage Simply Accounting 2012
"{2EDDE1F0-62F6-466F-872D-74B7FFB9D35E}" = 7000E809a_eDocs
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{34B93189-6DD6-4445-A4F4-32D0D65B57A6}" = MyPhotoCreations
"{369B1CE1-6D7B-443A-93D5-637FC67326AB}" = MailingCheck
"{37EE481E-E4E9-4F1D-8CEA-4089E8D5280D}" = 7000E809a_Help
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4006E354-3D24-49BA-A36F-7EB75D50D575}" = hppLaserJetService
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{44E1D9AA-2A0E-48B8-BA26-136C2149C8AD}" = HP Officejet 7000 E809a Series
"{4843994F-AE6A-49A7-9A3D-BC40DB16B0D5}" = 7000E809a
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B04142C-F303-46E8-A3E1-BCD37036108D}" = ProductContext
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{53AB83B3-9908-44DF-97B5-C107140F26AD}" = Sage Simply Accounting 2011
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{6F5A71BD-9EC9-4A59-BFBD-CA63CFB4885D}" = ACDSee 14
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{74280B5D-A0AF-46c5-9C85-D9EA078262F1}" = HP LaserJet Professional M1530 MFP Series
"{756BCE8E-1AFA-4D74-A704-6E0252665891}" = BPDSoftware_Ini
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{865E1902-B6FE-4AF0-B61D-A82EBC53569E}" = hppSendFaxM1530
"{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}" = Adobe Flash Player 9 Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_SMALLBUSINESSR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-001A-0000-0000-0000000FF1CE}" = Microsoft Office Outlook 2010
"{90140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOK_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOK_{C8CABA12-53F4-4721-AA1D-495782D0C309}" =
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.OUTLOOK_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.OUTLOOK_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.OUTLOOK_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.OUTLOOK_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.OUTLOOK_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.OUTLOOK_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.OUTLOOK_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9112FEA9-0F64-453C-BEA5-9A782F87EDAA}" = hppTLBXFXM1530
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{99716D64-2AD1-40E0-86F1-EA5DA90E3E0A}" = SendBlaster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1D53426-D6F3-4886-A72B-E1A8C82259E9}" = hppM1530LaserJetService
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3A18593-62BE-4AE1-AF3F-E35179CF042E}" = hpzTLBXFX
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A6CB4C7C-A6ED-45EB-8719-02808CC5A6BB}" = BPDSoftware
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A82D0C46-EBDF-4B27-A731-D06EF2056E81}" = HP FWUpdateEDO3
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{B26B00DA-2E5D-4CF2-83C5-911198C0F009}" = GoodSync
"{B2AA0F22-E167-4C4A-BAE2-E0025028E61B}" = HPLaserJetHelp_LearnCenter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B562C735-BAB2-473D-AF3C-80D1C8284020}" = D-Link SmartConsole Utility
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7F560B3-6EFF-4026-A982-843895A41149}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C05002F1-06F8-4A15-B6F8-E4DC655C28AA}" = HP LJ M1530 MFP Series HP Scan
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C462F75B-9A35-4A84-AE52-E8C9112AAE87}" = hppFaxUtilityM1530
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C7C88E00-129D-4A91-96A0-4338B41A6A48}" = WeatherLink 5.9.2
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF}" = Adobe Creative Suite 3 Design Premium
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DF7DBA84-0A55-11D6-A0A6-6A7573736972}" = Polar Precision Performance SW
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2682E66-3DEF-4066-AD9F-70DDB96CDDCC}" = MeadCo ScriptX (v7.0.0.8 (x86))
"{F929096B-54A0-4C5C-B125-1E7EB1917412}" = MySQL Connector/ODBC 3.51
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FC7C2707-5E28-4653-8922-CADDD6C439D9}" = WeatherLink 5.9.3
"{FD575F8B-6141-455A-8AE5-F2D2E08520FC}" = hppFaxDrvM1530
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"4336-8086-6854-6034" = EST Desktop 2.0 2.0.1211.0.11
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe_c14ac4070fd9614ffe63f4bb533db2c" = Add or Remove Adobe Creative Suite 3 Design Premium
"AI RoboForm" = RoboForm 7-8-4-7 (All Users)
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"InstallShield_{0AFECCA6-61A0-409F-9205-67613984209D}" = Dynex All-in-1 Card Reader
"InstallShield_{2CEDEB33-4931-48B1-8010-20618772B58E}" = Sage Simply Accounting 2012
"InstallShield_{53AB83B3-9908-44DF-97B5-C107140F26AD}" = Sage Simply Accounting 2011
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Office14.OUTLOOK" = Microsoft Outlook 2010
"Picasa 3" = Picasa 3
"QNAP_FINDER" = QNAP Finder
"Shop for HP Supplies" = Shop for HP Supplies
"SIUSBXP&10C4&EA61" = Silicon Laboratories USBXpress Device (Driver Removal)
"SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
"SMALLBUSINESSR" = Microsoft Office Small Business 2007
"YTdetect" = Yahoo! Detect
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-784824154-2186569503-2690575908-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"2f8d25aeed0b3ae4" = Sage Download Manager
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 20/09/2012 12:08:47 PM | Computer Name = FB-02-V420 | Source = ThreadLib | ID = 0
Description =
Error - 20/09/2012 12:10:49 PM | Computer Name = FB-02-V420 | Source = ThreadLib | ID = 0
Description =
Error - 20/09/2012 12:11:31 PM | Computer Name = FB-02-V420 | Source = ThreadLib | ID = 0
Description =
Error - 24/09/2012 2:49:07 PM | Computer Name = FB-02-V420 | Source = Application Hang | ID = 1002
Description = The program SimplyAccounting.exe version 19.0.0.4 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1f00 Start
Time: 01cd9a81f690bbea Termination Time: 10 Application Path: C:\Program Files\Sage
Simply Accounting Premium 2012\SimplyAccounting.exe Report Id: 64d40604-0678-11e2-9361-0024e81653b9
Error - 24/10/2012 12:13:00 AM | Computer Name = FB-02-V420 | Source = Application Hang | ID = 1002
Description = The program WINWORD.EXE version 12.0.6662.5003 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: c70 Start
Time: 01cdb08934bd296f Termination Time: 0 Application Path: C:\Program Files\Microsoft
Office\Office12\WINWORD.EXE Report Id:
Error - 24/11/2012 12:58:32 PM | Computer Name = FB-02-V420 | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16455 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1c08 Start
Time: 01cdca0607fd5a44 Termination Time: 26 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:
Error - 25/12/2012 2:30:14 AM | Computer Name = FB-02-V420 | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16457 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1630 Start
Time: 01cddf6d47670bed Termination Time: 78 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:
Error - 25/12/2012 2:30:47 AM | Computer Name = FB-02-V420 | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16457 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 13cc Start
Time: 01cddf6d3f9eac28 Termination Time: 0 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:
Error - 28/12/2012 3:30:21 AM | Computer Name = FB-02-V420 | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16457,
time stamp: 0x50a2f9e3 Faulting module name: hpswp_BHO.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4ad4fb6d Exception code: 0xc0000005 Fault offset: 0x0ae370d0 Faulting
process id: 0x10c Faulting application start time: 0x01cde4cce775a239 Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: hpswp_BHO.dll
Report
Id: 6f5046b1-50c0-11e2-b6ce-0024e81653b9
Error - 28/12/2012 3:30:21 AM | Computer Name = FB-02-V420 | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16457,
time stamp: 0x50a2f9e3 Faulting module name: hpswp_BHO.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4ad4fb6d Exception code: 0xc0000005 Fault offset: 0x094c70d0 Faulting
process id: 0xaf4 Faulting application start time: 0x01cde4cce0c7068d Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: hpswp_BHO.dll
Report
Id: 6f506dc1-50c0-11e2-b6ce-0024e81653b9
Error - 28/12/2012 4:00:33 AM | Computer Name = FB-02-V420 | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16457,
time stamp: 0x50a2f9e3 Faulting module name: hpswp_BHO.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4ad4fb6d Exception code: 0xc0000005 Fault offset: 0x092470d0 Faulting
process id: 0xf80 Faulting application start time: 0x01cde4ce036ea9ad Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: hpswp_BHO.dll
Report
Id: a76561b2-50c4-11e2-b6ce-0024e81653b9
[ OSession Events ]
Error - 30/06/2011 6:16:25 AM | Computer Name = FB-02-V420 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 86193
seconds with 720 seconds of active time. This session ended with a crash.
Error - 30/10/2011 11:49:06 PM | Computer Name = FB-02-V420 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 41
seconds with 0 seconds of active time. This session ended with a crash.
Error - 18/11/2011 4:21:49 PM | Computer Name = FB-02-V420 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 95502
seconds with 600 seconds of active time. This session ended with a crash.
Error - 12/01/2012 4:47:59 PM | Computer Name = FB-02-V420 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 33728
seconds with 120 seconds of active time. This session ended with a crash.
Error - 14/08/2012 3:01:06 PM | Computer Name = FB-02-V420 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 350575
seconds with 11220 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 19/04/2012 10:21:09 PM | Computer Name = FB-02-V420 | Source = DCOM | ID = 10016
Description =
Error - 20/04/2012 1:14:36 PM | Computer Name = FB-02-V420 | Source = DCOM | ID = 10016
Description =
Error - 20/04/2012 1:14:36 PM | Computer Name = FB-02-V420 | Source = DCOM | ID = 10016
Description =
Error - 20/04/2012 1:14:36 PM | Computer Name = FB-02-V420 | Source = DCOM | ID = 10016
Description =
Error - 25/04/2012 1:40:09 PM | Computer Name = FB-02-V420 | Source = DCOM | ID = 10016
Description =
Error - 01/05/2012 3:10:44 PM | Computer Name = FB-02-V420 | Source = DCOM | ID = 10010
Description =
Error - 01/05/2012 3:13:34 PM | Computer Name = FB-02-V420 | Source = volsnap | ID = 393241
Description = The shadow copies of volume C: were deleted because the shadow copy
storage could not grow in time. Consider reducing the IO load on the system or
choose a shadow copy storage volume that is not being shadow copied.
Error - 01/05/2012 3:15:00 PM | Computer Name = FB-02-V420 | Source = DCOM | ID = 10016
Description =
Error - 04/05/2012 1:07:01 AM | Computer Name = FB-02-V420 | Source = DCOM | ID = 10016
Description =
Error - 04/05/2012 3:00:32 AM | Computer Name = FB-02-V420 | Source = DCOM | ID = 10016
Description =
< End of report >
-
I have two issues that started at the same time.
First, links in Bing and Google are redirected to various sites unrelated to the search.
Second, Microsoft Essentials and Windows Defender seem not to be working propertly. When I launch MSE, it appears for a second and then disappears. The icon in the tray also disappears when I hover over it. Defender acts the same way.
I rebooted in safe mode and was able to run MSE. Full scan did not find any issues.
Downloaded Malwarebytes and did a scan, no issues.
Downloaded PCTools and did a scan, no issues.
Please help. Thanks.
Here is the DDS:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457
Run by Vostro420 at 20:36:56 on 2012-12-28
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3071.1616 [GMT -8:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\AERTSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe
C:\Program Files\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\winsim\ConnectionManager\Simply.SystemTrayIcon.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe
C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe
C:\Users\Vostro420\Downloads\OTL.exe
C:\Windows\notepad.exe
C:\Windows\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ca/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.361.0\BingExt.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: &RoboForm Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Google Update] "c:\users\vostro420\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [GoodSync] "c:\program files\siber systems\goodsync\GoodSync.exe" /min
uRun: [soahkaoqdu] c:\users\vostro420\appdata\roaming\ehyna\ecfy.exe
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
uRun: [fvsrrymfan] rundll32 "c:\users\vostro420\appdata\roaming\bitsadmina.dll",Mfhewg
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [ToolboxFX] "c:\program files\hp\toolboxfx\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
mRun: [HP LaserJet Professional M1530 MFP Series Fax] c:\program files\hp\digital imaging\fax\fax driver 0.6 base\hppfaxprintersrv.exe "HP LaserJet Professional M1530 MFP Series Fax"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [Logitech Download Assistant] c:\windows\system32\rundll32.exe c:\windows\system32\LogiLDA.dll,LogiFetch
mRun: [ConnectionManager] c:\program files\winsim\connectionmanager\Simply.SystemTrayIcon.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [ACSW14EN] "c:\program files\acd systems\acdsee\14.0\ACDSeeInTouch2.exe" /pid ACSW14EN
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-7760-000000000003}\_SC_Acrobat.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobea~2.lnk - c:\program files\adobe\acrobat 8.0\acrobat\AdobeCollabSync.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Customize Menu - c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: Fill Forms - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Save Forms - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Show RoboForm Toolbar - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {1663ed6a-23eb-11d2-b92f-008048fdd814} - hxxps://vt.globalpay.com/admin/objects/smsx.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{8115AB82-A9F0-46A3-A2A9-974C3D20D46B} : DHCPNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2011-6-22 81920]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-4-20 176128]
R2 DbgMsg;Debug Message;c:\windows\system32\drivers\DbgMsg.sys [2011-7-1 18240]
R2 GsServer;GoodSync Server;c:\program files\siber systems\goodsync\Gs-Server.exe [2012-1-13 3002808]
R2 HP LaserJet Service;HP LaserJet Service;c:\program files\hp\hplaserjetservice\HPLaserJetService.exe [2010-10-25 145920]
R2 Simply Accounting Database Connection Manager;Simply Accounting Database Connection Manager;c:\program files\winsim\connectionmanager\SimplyConnectionManager.exe [2011-12-22 21320]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
R3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys [2009-11-3 14592]
S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-12-28 14848]
S3 Sage Simply Accounting Transaction Manager 2011 - CDN;Sage Simply Accounting Transaction Manager 2011 - CDN;c:\program files\winsim\transactionmanager2011 - cdn\Sage_SA.TransactionManager.exe [2011-6-7 46408]
S3 Sage Simply Accounting Transaction Manager 2012 - CDN;Sage Simply Accounting Transaction Manager 2012 - CDN;c:\program files\winsim\transactionmanager2012 - cdn\Sage_SA.TransactionManager.exe [2012-6-8 46440]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-12-28 49664]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-6-23 1343400]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="c:\program files\adobe\adobe dreamweaver cs3\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-12-29 04:05:22 -------- d-----w- c:\users\vostro420\appdata\roaming\Malwarebytes
2012-12-29 04:05:15 -------- d-----w- c:\programdata\Malwarebytes
2012-12-29 04:05:00 -------- d-----w- c:\users\vostro420\appdata\local\Programs
2012-12-29 03:51:38 247808 ----a-w- c:\windows\system32\schannel.dll
2012-12-29 03:51:37 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2012-12-29 03:51:37 220160 ----a-w- c:\windows\system32\ncrypt.dll
2012-12-29 03:51:37 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-12-29 03:51:37 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2012-12-29 03:51:35 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-12-28 07:00:19 -------- d-----w- c:\program files\PC Tools
2012-12-28 06:46:20 202280 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-12-28 06:46:17 -------- d-----w- c:\program files\common files\PC Tools
2012-12-28 06:45:00 -------- d-----w- c:\programdata\PC Tools
2012-12-28 06:44:57 -------- d-----w- c:\users\vostro420\appdata\roaming\TestApp
2012-12-28 03:54:02 -------- d-----w- c:\windows\pss
2012-12-22 17:29:24 122880 --sha-r- c:\users\vostro420\appdata\roaming\bitsadmina.dll
2012-12-21 11:00:44 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 11:00:44 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-12 13:30:06 2345984 ----a-w- c:\windows\system32\win32k.sys
.
==================== Find3M ====================
.
2012-12-11 23:06:55 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-11 23:06:55 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-10-22 05:13:03 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-10-22 05:13:03 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-16 07:39:52 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 17:40:31 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-04 16:47:18 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-10-04 16:43:05 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-10-04 14:57:58 271360 ----a-w- c:\windows\system32\conhost.exe
2012-10-04 14:41:50 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-03 16:58:30 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 16:42:26 52224 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 16:42:26 242176 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 16:42:24 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 16:40:35 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 15:21:38 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
.
============= FINISH: 20:37:11.14 ===============
Attach.txt:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 22/06/2011 11:43:34 PM
System Uptime: 28/12/2012 7:59:45 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0N185P
Processor: Intel® Core2 Quad CPU Q8200 @ 2.33GHz | Socket 775 | 2328/333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 190.902 GiB free.
D: is FIXED (NTFS) - 932 GiB total, 733.54 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 7000 E809a
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet 7000 E809a
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: HP LaserJet M1536dnf MFP
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: Hewlett-Packard
Name: HP LaserJet M1536dnf MFP
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
7000E809a
7000E809a_eDocs
7000E809a_Help
ACDSee 14
Add or Remove Adobe Creative Suite 3 Design Premium
Adobe Acrobat 8 Professional
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Creative Suite 3 Design Premium
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Flash CS3
Adobe Flash Player 11 ActiveX
Adobe Flash Player 9 Plugin
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader X (10.1.4)
Adobe Setup
Adobe SING CS3
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Version Cue CS3 Server
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AHV content for Acrobat and Flash
Bing Bar
Bing Rewards Client Installer
BPDSoftware
BPDSoftware_Ini
BufferChm
D-Link SmartConsole Utility
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Resource CD
DeviceDiscovery
Dynex All-in-1 Card Reader
EST Desktop 2.0 2.0.1211.0.11
GoodSync
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
Hewlett-Packard ACLM.NET v1.1.0.0
HP Customer Participation Program 14.0
HP FWUpdateEDO3
HP Imaging Device Functions 14.0
HP LaserJet Professional M1530 MFP Series
HP LJ M1530 MFP Series HP Scan
HP Officejet 7000 E809a Series
HP Photo Creations
HP Product Detection
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPDiagnosticAlert
HPLaserJetHelp_LearnCenter
HPLJUT
hppFaxDrvM1530
hppFaxUtilityM1530
hppLaserJetService
hppM1530LaserJetService
HPProductAssistant
hppSendFaxM1530
hppTLBXFXM1530
HPSSupply
hpzTLBXFX
I.R.I.S. OCR
Java Auto Updater
Java 6 Update 37
Logitech Webcam Software
MailingCheck
MarketResearch
MeadCo ScriptX (v7.0.0.8 (x86))
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook 2010
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Small Business 2007
Microsoft Office Word MUI (English) 2007
Microsoft Outlook 2010
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyPhotoCreations
MySQL Connector/ODBC 3.51
Network
PDF Settings
Picasa 3
Polar Precision Performance SW
Polar WebLink 2.4.11
ProductContext
QNAP Finder
Realtek High Definition Audio Driver
RoboForm 7-8-4-7 (All Users)
Sage Download Manager
Sage Simply Accounting 2011
Sage Simply Accounting 2012
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
SendBlaster
Shop for HP Supplies
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
Silicon Laboratories USBXpress Device (Driver Removal)
Skype Click to Call
Skype™ 6.0
SmartWebPrinting
SolutionCenter
Status
Toolbox
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
WeatherLink 5.9.2
WeatherLink 5.9.3
WebReg
Windows Live ID Sign-in Assistant
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
28/12/2012 8:01:47 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
28/12/2012 8:00:19 PM, Error: volsnap [25] - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
28/12/2012 7:07:18 PM, Error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
27/12/2012 7:58:06 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
27/12/2012 7:58:06 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
27/12/2012 7:57:45 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
27/12/2012 7:53:50 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
27/12/2012 11:02:42 PM, Error: PCTCore [280] -
27/12/2012 10:28:33 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
27/12/2012 10:28:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
27/12/2012 10:28:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
27/12/2012 10:28:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
27/12/2012 10:28:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
27/12/2012 10:28:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
27/12/2012 10:28:24 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
27/12/2012 10:28:16 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
27/12/2012 10:28:16 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
23/12/2012 2:06:14 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user FB-02-V420\Vostro420 SID (S-1-5-21-784824154-2186569503-2690575908-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
23/12/2012 2:06:14 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {B77C4C36-0154-4C52-AB49-FAA03837E47F} and APPID {EA022610-0748-4C24-B229-6C507EBDFDBB} to the user FB-02-V420\Vostro420 SID (S-1-5-21-784824154-2186569503-2690575908-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
23/12/2012 2:06:14 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user FB-02-V420\Vostro420 SID (S-1-5-21-784824154-2186569503-2690575908-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
Google redirects and MSE failure
in Resolved Malware Removal Logs
Posted
OK, not sure what happened but IE9 is working again.
Everything appears to be working fine.
I wish to thank you for your help. You have been very helpful. I appreciate the methodical approach and clean up afterwards.
Given the failure to detect the malware from Malwarebytes and MSE, is there anything that will prevent future infections?
Cheers,
Rolf