• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
    • Budfred

      PLEASE READ - Reversing upgrade   02/23/2017

      We have found that this new upgrade is somewhat of a disaster.  We are finding lots of glitches in being able to post and administer the forum.  Additionally, there are new costs associated with the upgrade that we simply cannot afford.  As a result, we have decided to reverse course and go back to the previous version of our software.  Since this will involve restoring it from a backup, we will lose posts that have been added since January 30 or possibly even some before that.    If you started a topic during that time, we urge you to make backups of your posts and you will need to start the topics over again after the change.  You can simply paste the copies of your posts that you created at that point.    If you joined the forum this month, you will need to re-register since your membership will be lost along with the posts.  Since you have a concealed password, we cannot simply restore your membership for you.   We are going to backup as much as we can so that it will reduce inconvenience for our members.  Unfortunately we cannot back everything up since much will be incompatible with the old version of our software.  We apologize for the confusion and regret the need to do this even though it is not viable to continue with this version of the software.   We plan to begin the process tomorrow evening and, if it goes smoothly, we shouldn't be offline for very long.  However, since we have not done this before, we are not sure how smoothly it will go.  We ask your patience as we proceed.

SuperSonic

Helper Trainee
  • Content count

    106
  • Joined

  • Last visited

About SuperSonic

  • Rank
    Advanced Member
  • Birthday 04/22/1914

Profile Information

  • Gender
    Not Telling
  1. Yeah it is my machine, but I think I caught it, Will see tomorrow. and thank you
  2. Hi, So Sorry I ignored you yesterday, The laptop is now running perfect thanks to you, But, I got another infection last night, at least I think I did FB wont let me log in, so thats how I found out. I am just about to go to my old post and follow what we did to see if i can find anything on here. Its crazy..lol Thank you so much for all of your time and help for fixing the laptop and me.
  3. Here we go, should there be a 2nd log? and thank you for today, you have been a saint.. OTL logfile created on: 2/19/2013 1:12:14 AM - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\glenn\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 3.60 Gb Total Physical Memory | 2.20 Gb Available Physical Memory | 61.14% Memory free 7.21 Gb Paging File | 5.65 Gb Available in Paging File | 78.36% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451.92 Gb Total Space | 404.63 Gb Free Space | 89.54% Space Free | Partition Type: NTFS Drive D: | 13.55 Gb Total Space | 1.43 Gb Free Space | 10.55% Space Free | Partition Type: NTFS Computer Name: GLENN-HP | User Name: glenn | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/02/18 19:44:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\glenn\Downloads\OTL.exe PRC - [2013/02/16 14:26:47 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe PRC - [2012/12/21 13:08:56 | 001,333,424 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe PRC - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011/03/30 22:25:14 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe PRC - [2011/03/29 00:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe PRC - [2011/03/22 19:42:40 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe PRC - [2011/01/14 02:27:26 | 001,751,656 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe PRC - [2010/04/23 19:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe PRC - [2010/04/23 19:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV:64bit: - [2012/12/21 13:08:56 | 001,333,424 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn) SRV:64bit: - [2011/09/28 10:12:18 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2011/02/28 20:02:10 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:64bit: - [2010/12/17 11:41:36 | 000,276,992 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV) SRV:64bit: - [2010/10/11 09:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc) SRV:64bit: - [2010/09/23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010/06/17 13:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager) SRV:64bit: - [2009/07/14 01:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011/06/26 06:45:56 | 000,256,000 | R--- | M] () [Auto | Stopped] -- C:\ComboFix\pev.3XE -- (PEVSystemStart) SRV - [2011/03/30 22:25:14 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC) SRV - [2011/03/29 00:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe) SRV - [2011/02/15 23:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv) SRV - [2011/01/14 02:27:26 | 001,751,656 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2010/10/12 17:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/12/21 13:09:28 | 000,057,904 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp) DRV:64bit: - [2012/12/21 13:09:24 | 000,190,232 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw) DRV:64bit: - [2012/12/21 13:09:24 | 000,059,440 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF) DRV:64bit: - [2012/12/21 13:08:54 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:64bit: - [2012/12/21 13:08:18 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/08/23 14:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012/08/23 14:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012/08/23 14:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012/03/01 06:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/10/14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2011/10/01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011/10/01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011/10/01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011/10/01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011/09/28 10:52:48 | 010,210,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011/09/28 09:34:54 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011/03/30 02:55:48 | 001,143,400 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce) DRV:64bit: - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/01/29 01:36:04 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata) DRV:64bit: - [2011/01/29 01:36:02 | 000,077,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata) DRV:64bit: - [2011/01/13 00:10:44 | 000,333,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:64bit: - [2010/12/17 11:41:36 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2010/11/30 22:02:54 | 000,412,264 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010/11/29 11:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2010/11/21 03:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010/11/21 03:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/07/28 17:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:64bit: - [2010/05/06 13:21:00 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2010/02/18 17:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 21:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009/06/10 21:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009/06/10 21:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009/06/10 20:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:64bit: - [2009/06/10 20:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/2 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/2 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF IE:64bit: - HKLM\..\SearchScopes\{8E03971A-1399-4CDA-A515-A89D01700D5C}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/2 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/2 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF IE - HKLM\..\SearchScopes\{8E03971A-1399-4CDA-A515-A89D01700D5C}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/2 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.roboform.com IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF IE - HKCU\..\SearchScopes\{8E03971A-1399-4CDA-A515-A89D01700D5C}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@g2.com/iggweb3dupdater: C:\Users\glenn\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll (IGG) FF - HKCU\Software\MozillaPlugins\@g2.com/joyconnectshell: C:\Users\glenn\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll (IGG) FF - HKCU\Software\MozillaPlugins\@gentek.com/thinclient: C:\IGG\twclient_us\npthinclient.dll (Generic Network) FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\glenn\AppData\Local\Roblox\Versions\version-9ae7cc04e47a4b12\\NPRobloxProxy.dll () FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\glenn\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\glenn\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\glenn\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\glenn\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\glenn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2013/02/01 20:12:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/02/01 20:12:55 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\glenn\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll CHR - plugin: Skype Click to Call (Enabled) = C:\Users\glenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\glenn\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\glenn\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Thinclient (Enabled) = C:\IGG\twclient_us\npthinclient.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Java Platform SE 7 U13 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Unity Player (Enabled) = C:\Users\glenn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: Roblox Launcher Plugin (Enabled) = C:\Users\glenn\AppData\Local\Roblox\Versions\version-9ae7cc04e47a4b12\\NPRobloxProxy.dll CHR - plugin: IGG Web3D Updater NP Plugin for Mozilla (Enabled) = C:\Users\glenn\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll CHR - plugin: JoyConnectShell NP Plugin for Mozilla (Enabled) = C:\Users\glenn\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll CHR - plugin: Java Deployment Toolkit 7.0.130.20 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - Extension: Google Docs = C:\Users\glenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\glenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\glenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\glenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Skype Click to Call = C:\Users\glenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\ CHR - Extension: Gmail = C:\Users\glenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (SMART Notebook Download Utility) - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Users\glenn\Desktop\SMART Technologies\Education Software\Win64\NotebookPlugin.dll (SMART Technologies ULC.) O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.) O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found O2 - BHO: (SMART Notebook Download Utility) - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Users\glenn\Desktop\SMART Technologies\Education Software\Win32\NotebookPlugin.dll (SMART Technologies ULC.) O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.) O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O8:64bit: - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.) O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.) O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.) O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.) O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.) O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.) O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E34BA88F-10DF-49A6-BA17-EBDAE1B5C282}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2013/02/18 21:57:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013/02/18 21:54:23 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013/02/18 21:42:38 | 000,000,000 | --SD | C] -- C:\ComboFix [2013/02/18 20:50:01 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013/02/18 20:50:01 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013/02/18 20:50:01 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013/02/18 20:47:51 | 000,000,000 | ---D | C] -- C:\Qoobox [2013/02/18 20:47:25 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013/02/17 15:39:21 | 000,000,000 | ---D | C] -- C:\Users\glenn\Desktop\mbar [2013/02/17 01:19:34 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0 [2013/02/16 14:33:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2013/02/16 14:27:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013/02/16 11:49:06 | 000,000,000 | ---D | C] -- C:\Users\glenn\AppData\Roaming\Malwarebytes [2013/02/16 11:48:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/02/16 11:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/02/16 11:48:43 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013/02/16 11:48:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013/02/16 11:48:22 | 000,000,000 | ---D | C] -- C:\Users\glenn\AppData\Local\Programs [2013/02/16 11:23:47 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013/02/16 11:23:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013/02/16 11:23:45 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013/02/16 11:23:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013/02/16 11:23:44 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013/02/16 11:23:44 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013/02/16 11:23:43 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013/02/16 11:23:43 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013/02/16 11:23:42 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013/02/16 11:23:42 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013/02/16 11:23:42 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013/02/16 11:23:42 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013/02/16 11:23:38 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013/02/16 11:23:38 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013/02/16 11:23:38 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013/02/13 16:08:52 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013/02/13 16:08:51 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013/02/13 16:08:50 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013/02/13 16:08:27 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013/02/13 16:08:27 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013/02/13 16:08:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013/02/13 16:08:26 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013/02/13 16:08:26 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013/02/13 16:08:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013/02/13 16:08:21 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2013/02/11 21:00:30 | 000,000,000 | ---D | C] -- C:\Users\glenn\AppData\Local\{686F0BDE-5BCF-4EB8-9DD7-0F40F4462D53} [2013/02/11 20:45:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013/02/11 20:43:01 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013/02/11 20:43:01 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013/02/11 20:42:47 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013/02/11 20:42:47 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013/02/11 20:42:47 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013/02/11 20:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2013/02/11 16:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Synaptics [2013/02/11 16:42:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll [2013/02/11 16:42:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [2013/02/11 16:42:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe [2013/02/11 16:42:32 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys [2013/02/11 16:42:32 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys [2013/02/11 16:42:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys [2013/02/11 16:42:30 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2013/02/11 16:42:30 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2013/02/11 16:42:30 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll [2013/02/11 16:42:30 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll [2013/02/11 16:42:30 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe [2013/02/11 16:42:30 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll [2013/02/11 16:42:30 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll [2013/02/11 16:42:30 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2013/02/11 16:42:30 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll [2013/02/11 16:42:30 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2013/02/11 16:42:30 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll [2013/02/11 16:42:30 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll [2013/02/11 16:42:29 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2013/02/11 16:42:29 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2013/02/11 16:42:29 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2013/02/11 16:42:29 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe [2013/02/11 16:42:29 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll [2013/02/11 16:42:28 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2013/02/11 16:42:28 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2013/02/11 16:39:09 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2013/02/11 16:39:09 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2013/02/11 16:39:06 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2013/02/11 16:13:09 | 000,000,000 | ---D | C] -- C:\HP_TOOLS_mountHPSF [2013/02/10 18:09:50 | 000,000,000 | ---D | C] -- C:\Users\glenn\AppData\Local\{5888721E-631D-428A-80DE-9E7CE9070B67} [2013/02/06 16:23:40 | 000,000,000 | ---D | C] -- C:\Users\glenn\AppData\Roaming\Mozilla [2013/02/06 16:15:01 | 000,000,000 | ---D | C] -- C:\Users\glenn\AppData\Local\{9973683D-61B5-44D4-BC45-5667D8CD071E} [2013/02/05 19:55:41 | 000,000,000 | ---D | C] -- C:\Users\glenn\AppData\Local\{AD3DC013-CF98-4ED7-A688-3EE134C257C0} [2013/02/02 18:33:56 | 000,409,600 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\glenn\Desktop\rescue2usb.exe [2013/02/01 20:22:53 | 000,000,000 | ---D | C] -- C:\Windows\pss [2013/02/01 20:12:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET [2013/02/01 20:12:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2013/02/01 20:12:29 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2013/01/29 19:52:41 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm [2013/01/29 19:52:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm [2013/01/29 19:52:23 | 000,000,000 | ---D | C] -- C:\Users\glenn\Documents\My RoboForm Data [2013/01/29 19:51:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Siber Systems ========== Files - Modified Within 30 Days ========== [2013/02/19 00:37:14 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/02/19 00:37:14 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/02/19 00:31:02 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/02/19 00:30:07 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/02/19 00:29:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/02/19 00:29:02 | 2902,642,688 | -HS- | M] () -- C:\hiberfil.sys [2013/02/18 21:19:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1528424018-2016899123-3346721807-1001UA.job [2013/02/18 16:10:06 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForGLENN-HP$.job [2013/02/18 15:47:20 | 000,007,088 | ---- | M] () -- C:\bootsqm.dat [2013/02/18 10:19:01 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1528424018-2016899123-3346721807-1001Core.job [2013/02/16 14:31:28 | 000,002,283 | ---- | M] () -- C:\Users\glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013/02/16 14:27:31 | 000,002,259 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013/02/16 11:48:49 | 000,001,137 | ---- | M] () -- C:\Users\glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk [2013/02/16 11:48:49 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/02/16 11:41:29 | 000,309,720 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/02/16 11:29:54 | 000,733,376 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/02/16 11:29:54 | 000,616,686 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/02/16 11:29:54 | 000,106,808 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/02/12 14:39:30 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013/02/11 20:42:30 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013/02/11 20:42:22 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013/02/11 20:42:22 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013/02/11 20:42:18 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013/02/11 20:42:16 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013/02/11 20:42:16 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013/02/11 16:35:15 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2013/02/01 20:18:43 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForglenn.job ========== Files Created - No Company Name ========== [2013/02/18 20:50:01 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013/02/18 20:50:01 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013/02/18 20:50:01 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013/02/18 20:50:01 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013/02/18 20:50:01 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013/02/18 15:47:20 | 000,007,088 | ---- | C] () -- C:\bootsqm.dat [2013/02/16 14:27:31 | 000,002,283 | ---- | C] () -- C:\Users\glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013/02/16 14:27:31 | 000,002,259 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013/02/16 11:48:49 | 000,001,137 | ---- | C] () -- C:\Users\glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk [2013/02/16 11:48:49 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/02/11 16:35:15 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2013/02/02 18:33:57 | 000,028,160 | ---- | C] () -- C:\Users\glenn\Desktop\syslinux.exe [2013/02/02 18:33:57 | 000,000,237 | ---- | C] () -- C:\Users\glenn\Desktop\syslinux.cfg [2013/02/02 18:33:56 | 000,237,849 | ---- | C] () -- C:\Users\glenn\Desktop\grub.exe [2013/01/29 16:25:42 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForglenn.job [2012/07/23 21:32:57 | 000,525,977 | ---- | C] () -- C:\Users\glenn\Electric Fields.SV6 [2012/05/24 21:17:55 | 000,000,632 | RHS- | C] () -- C:\Users\glenn\ntuser.pol [2012/03/09 21:50:48 | 000,032,608 | ---- | C] () -- C:\Windows\king-uninstall.exe [2012/02/11 17:57:04 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat [2011/12/29 16:36:32 | 000,735,230 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/11/08 07:22:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011/11/08 07:16:56 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe [2011/11/08 07:05:40 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2011/05/21 00:19:53 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat [2011/03/17 17:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011/03/04 05:04:58 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL ========== ZeroAccess Check ========== [2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 05:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 04:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 03:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2010/11/21 03:23:51 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2013/02/18 15:47:20 | 000,007,088 | ---- | M] () -- C:\bootsqm.dat [2013/02/19 00:29:02 | 2902,642,688 | -HS- | M] () -- C:\hiberfil.sys [2013/02/19 00:29:02 | 3870,191,616 | -HS- | M] () -- C:\pagefile.sys < %systemroot%\*. /mp /s > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < End of report >
  4. Do you want this in custom scans and fixes in OTL
  5. Here you go this is the check disk log... Checking file system on C: The type of the file system is NTFS. A disk check has been scheduled. Windows will now check the disk. CHKDSK is verifying files (stage 1 of 5)... 203520 file records processed. File verification completed. 214 large file records processed. 0 bad file records processed. 0 EA records processed. 62 reparse records processed. CHKDSK is verifying indexes (stage 2 of 5)... 258570 index entries processed. Index verification completed. 0 unindexed files scanned. 0 unindexed files recovered. CHKDSK is verifying security descriptors (stage 3 of 5)... 203520 file SDs/SIDs processed. Cleaning up 53 unused index entries from index $SII of file 0x9. Cleaning up 53 unused index entries from index $SDH of file 0x9. Cleaning up 53 unused security descriptors. Security descriptor verification completed. 27526 data files processed. CHKDSK is verifying Usn Journal... 34108664 USN bytes processed. Usn Journal verification completed. CHKDSK is verifying file data (stage 4 of 5)... 203504 files processed. File data verification completed. CHKDSK is verifying free space (stage 5 of 5)... 106097130 free clusters processed. Free space verification is complete. Windows has checked the file system and found no problems. 473867263 KB total disk space. 49071308 KB in 131916 files. 88904 KB in 27527 indexes. 0 KB in bad sectors. 318531 KB in use by the system. 65536 KB occupied by the log file. 424388520 KB available on disk. 4096 bytes in each allocation unit. 118466815 total allocation units on disk. 106097130 allocation units available on disk. Internal Info: 00 1b 03 00 df 6e 02 00 ea 75 04 00 00 00 00 00 .....n...u...... cd 03 00 00 3e 00 00 00 00 00 00 00 00 00 00 00 ....>........... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Windows has finished checking your disk. Please wait while your computer restarts.
  6. OK going to run the Disk check, there is no log..
  7. Ok let me check first before I go off and do this disc check. Would you like me to wait if I find it before I check them? Thank you so much again...your so patient..
  8. not on desktop no log was created.
  9. No I did it as you instructed. You want the OTL log after i have done the check disc?
  10. Just encountered another problem on ComboFix It said something about an error on a hiv file i cant remember what it was... It went to fast
  11. Got it agaiin right at the end, going to try once more... Problem signature: Problem Event Name: BlueScreen OS Version: 6.1.7601.2.1.0.768.3 Locale ID: 2057 Additional information about the problem: BCCode: 24 BCP1: 00000000001904FB BCP2: FFFFF880079F7A88 BCP3: FFFFF880079F72E0 BCP4: FFFFF880012CE99D OS Version: 6_1_7601 Service Pack: 1_0 Product: 768_1 Files that help describe the problem: C:\Windows\Minidump\021813-28189-01.dmp C:\Users\glenn\AppData\Local\Temp\WER-96408-0.sysdata.xml Read our privacy statement online: http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409 If the online privacy statement is not available, please read our privacy statement offline: C:\Windows\system32\en-US\erofflps.txt
  12. Yes am doing that now...
  13. Here you go, been a long long time since I seen one of these... Problem signature: Problem Event Name: BlueScreen OS Version: 6.1.7601.2.1.0.768.3 Locale ID: 2057 Additional information about the problem: BCCode: 24 BCP1: 00000000001904FB BCP2: FFFFF88007F37A88 BCP3: FFFFF88007F372E0 BCP4: FFFFF8800129C99D OS Version: 6_1_7601 Service Pack: 1_0 Product: 768_1 Files that help describe the problem: C:\Windows\Minidump\021813-26847-01.dmp C:\Users\glenn\AppData\Local\Temp\WER-160634-0.sysdata.xml Read our privacy statement online: http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409 If the online privacy statement is not available, please read our privacy statement offline: C:\Windows\system32\en-US\erofflps.txt
  14. Going to do this again, got a blue screen on it, but my son restarted it before I could stop him, so i dont know what the error was. Do you want me to find it?
  15. OTL Extras logfile created on: 2/18/2013 7:46:14 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\glenn\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 3.60 Gb Total Physical Memory | 2.33 Gb Available Physical Memory | 64.65% Memory free 7.21 Gb Paging File | 5.74 Gb Available in Paging File | 79.71% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451.92 Gb Total Space | 402.58 Gb Free Space | 89.08% Space Free | Partition Type: NTFS Drive D: | 13.55 Gb Total Space | 1.43 Gb Free Space | 10.55% Space Free | Partition Type: NTFS Computer Name: GLENN-HP | User Name: glenn | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{3E6A188A-B93A-406B-8503-4C7BAA9606A6}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{DCB4EE1E-5316-4D8A-8C01-2D92F6D7F15D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0716C1A6-8C54-4D5D-8CB8-51F4C9CE65F5}" = dir=in | app=c:\windows\system32\ezsharedsvchost.exe | "{70DFD66F-E909-45B9-B360-CEF5953AC1C3}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{C0348D5B-4FA3-4041-A78F-29171424BDF6}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{C61560BC-EA7F-4F33-8670-3C4B00593BA8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{CA1B6A2F-228B-40F0-AC6D-975B7CD196F8}" = dir=in | app=c:\program files (x86)\easybits for kids\ezdesktop.exe | "{DB2C42B3-1644-4BF5-A75B-8767FB1ED27E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services "{40DB28C5-3C37-72E8-BE8F-82104E97EFCC}" = AMD Fuel "{42A2FD03-F0C7-6DD5-8D7B-EBAA992F12AA}" = WMV9/VC-1 Video Playback "{45CA4B17-F1C4-4058-8164-367AA349D85A}" = ESET Smart Security "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{6E53B80F-4137-5F27-B4C4-88641B1E7F10}" = ccc-utility64 "{7FBA6627-88F8-0AE0-9326-FB8488DD26E0}" = ATI Catalyst Install Manager "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0E5DD7A3-BE29-430C-970B-C553F4A58C39}" = SMART Common Platform "{143774AF-ED46-EF8E-A9C5-516D67A484C2}" = CCC Help Korean "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{210A03F5-B2ED-4947-B27E-516F50CBB292}" = HP Setup "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13 "{28B8E509-8E2A-A274-B59F-1D892778CBB6}" = CCC Help Chinese Traditional "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{294C2687-77C0-4E1D-83DE-97680786602C}" = HP Quick Launch "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{2C93DDCA-E6BB-977B-8C55-724C1DA25C21}" = CCC Help Norwegian "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{30DDA988-6BCC-8B14-E0BB-026DA821EC23}" = CCC Help Czech "{311295C1-80F9-D8B6-06E4-5CBD2492460E}" = CCC Help Dutch "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34A59718-E873-CE8E-718C-D56B341DD14D}" = CCC Help German "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{371794E8-423C-52DD-ED06-9385469EA274}" = CCC Help Swedish "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7 "{39EAEE16-AF24-CF47-3BD1-7B048A5DABD3}" = CCC Help English "{3C7F25C6-6BCB-7F39-BC81-48A8B5F38EDD}" = CCC Help French "{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3 "{3FE1B94B-FB1C-1AF3-4DC2-EB5F4DB56A30}" = CCC Help Chinese Standard "{45160C56-61F6-468D-A5B0-9FAE2C3E68D6}" = Catalyst Control Center - Branding "{456D64EB-7E2A-FF45-EFA9-439EB529A105}" = CCC Help Greek "{4798F9E7-BE3A-3EBF-BDF2-6751C8C38503}" = CCC Help Italian "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5184A194-BA95-0411-A13C-468097CD4A06}" = Catalyst Control Center InstallProxy "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{58327844-EEAB-8C79-CA64-6C3623DEF11B}" = CCC Help Polish "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{601E6B37-4FF1-FC93-F48F-F73D29040AD4}" = CCC Help Japanese "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{660B0281-20C5-4FC9-A249-40C860262435}" = SMART English (United Kingdom) Language Pack "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6C453C9C-38AE-494D-BF89-7AA0DE87F3E5}" = HP Documentation "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games) "{710870E4-16ED-AC81-71CF-8941963E0776}" = Catalyst Control Center Localization All "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{72737A9E-FAC6-01F9-C0F3-88F6DB538607}" = CCC Help Russian "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{78E5E045-D6EB-57CD-02F8-F55E79882790}" = CCC Help Danish "{795AADBF-58C2-42D0-B779-E730702A247E}" = HP Connection Manager "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{872B1C80-38EC-4A31-A25C-980820593900}" = HP Power Manager "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8BE8CC83-C423-BF43-C1A0-9C072E3785B7}" = ccc-core-static "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.5) MUI "{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager "{B35FC82A-6C05-45B0-DDE5-8DF62422E703}" = CCC Help Turkish "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B7F60A16-7A7B-41FB-9AE3-DE9E324FBA06}" = HP Software Framework "{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo "{BD3F5161-C40B-CA50-F82A-1F4417EE722D}" = CCC Help Spanish "{C0BD6A24-3110-E1DE-45B2-C7FC14F4DC76}" = CCC Help Thai "{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D4414765-E8CD-518B-91E8-FA7C76CD2AE2}" = CCC Help Hungarian "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D952C4F9-2488-3723-84BE-1BFA907DCAC9}" = Google Talk Plugin "{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager "{DC6B510F-7EA2-8171-55E0-6A76B46CA17D}" = CCC Help Portuguese "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E92D47A1-D27D-430A-8368-0BAFD956507D}" = HP Support Assistant "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{EB120C5A-42D2-C901-FF0C-D0DBDD07E9BD}" = Catalyst Control Center Graphics Previews Common "{ED0FF410-41B9-441F-B457-4AC81782E8BF}" = SMART Notebook "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{EEF4EAB8-D049-FD0A-02BD-F9F42C49551F}" = CCC Help Finnish "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F1BB1C5F-E94E-454C-B385-23016566644F}" = HP On Screen Display "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "AI RoboForm" = RoboForm 7-8-6-5 (All Users) "ESET Online Scanner" = ESET Online Scanner v3 "Google Chrome" = Google Chrome "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "king.com" = king.com (remove only) "KNOWHOW APP CENTRE 22447" = KNOWHOW APP CENTRE "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100 "Office14.Click2Run" = Microsoft Office Click-to-Run 2010 "RPG-SoundMixer Demo_is1" = RPG-SoundMixer Demo "WildTangent hp Master Uninstall" = HP Games "WinLiveSuite" = Windows Live Essentials "WT087328" = Blackhawk Striker 2 "WT087330" = Bounce Symphony "WT087335" = Build-a-lot 2 "WT087343" = Dora's World Adventure "WT087393" = Mah Jong Medley "WT087394" = Penguins! "WT087395" = Poker Superstars III "WT087396" = Polar Bowler "WT087397" = Polar Golfer "WT087536" = Diner Dash 2 Restaurant Rescue "WT089307" = Virtual Villagers 4 - The Tree of Life "WT089308" = Blasterball 3 "WT089328" = Farm Frenzy "WT089359" = Cake Mania "WT089362" = Agatha Christie - Peril at End House "WT089453" = Bejeweled 2 Deluxe "WT089454" = Chuzzle Deluxe "WT089455" = Zuma Deluxe "WT089457" = Slingo Supreme "WT089458" = Plants vs. Zombies - Game of the Year "WT089470" = FATE - The Traitor Soul "WT089484" = Namco All-Stars PAC-MAN "WT089496" = Mystery P.I. - Stolen in San Francisco "WT089498" = Bejeweled 3 "WT089504" = Final Drive Nitro ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player for glenn "IGG Web3D Player_is1" = IGG Web3D Player version 1.0.0.38 "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 2/1/2013 4:25:51 PM | Computer Name = glenn-HP | Source = WinMgmt | ID = 10 Description = Error - 2/1/2013 6:39:28 PM | Computer Name = glenn-HP | Source = WinMgmt | ID = 10 Description = Error - 2/1/2013 6:44:46 PM | Computer Name = glenn-HP | Source = WinMgmt | ID = 10 Description = Error - 2/3/2013 5:20:37 AM | Computer Name = glenn-HP | Source = WinMgmt | ID = 10 Description = Error - 2/3/2013 9:54:40 AM | Computer Name = glenn-HP | Source = WinMgmt | ID = 10 Description = Error - 2/3/2013 2:03:56 PM | Computer Name = glenn-HP | Source = Chrome | ID = 1 Description = Error - 2/3/2013 3:18:23 PM | Computer Name = glenn-HP | Source = WinMgmt | ID = 10 Description = Error - 2/4/2013 12:13:18 PM | Computer Name = glenn-HP | Source = WinMgmt | ID = 10 Description = Error - 2/4/2013 12:25:10 PM | Computer Name = glenn-HP | Source = WinMgmt | ID = 10 Description = Error - 2/8/2013 6:48:39 PM | Computer Name = glenn-HP | Source = WinMgmt | ID = 10 Description = [ Hewlett-Packard Events ] Error - 5/14/2012 11:16:02 AM | Computer Name = glenn-HP | Source = Hewlett-Packard | ID = 0 Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051214041554.xml File not created by asset agent Error - 7/30/2012 5:13:16 AM | Computer Name = glenn-HP | Source = Hewlett-Packard | ID = 0 Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\071230101309.xml File not created by asset agent Error - 9/3/2012 4:37:36 AM | Computer Name = glenn-HP | Source = Hewlett-Packard | ID = 0 Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091203093730.xml File not created by asset agent Error - 9/10/2012 11:22:18 AM | Computer Name = glenn-HP | Source = Hewlett-Packard | ID = 0 Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091210042212.xml File not created by asset agent [ HP Connection Manager Events ] Error - 1/23/2013 12:41:23 PM | Computer Name = glenn-HP | Source = hpCMSrv | ID = 5 Description = 2013/01/23 16:41:23.427|000012DC|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged failed [hr:0x800706BA] Error - 1/23/2013 12:41:33 PM | Computer Name = glenn-HP | Source = hpCMSrv | ID = 5 Description = 2013/01/23 16:41:33.526|000012DC|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged failed [hr:0x800706BA] Error - 1/23/2013 12:41:44 PM | Computer Name = glenn-HP | Source = hpCMSrv | ID = 5 Description = 2013/01/23 16:41:44.687|000012DC|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged failed [hr:0x800706BA] Error - 1/23/2013 3:19:53 PM | Computer Name = glenn-HP | Source = hpCMSrv | ID = 5 Description = 2013/01/23 19:19:53.608|00000F14|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged failed [hr:0x800706BA] Error - 1/23/2013 5:34:47 PM | Computer Name = glenn-HP | Source = hpCMSrv | ID = 5 Description = 2013/01/23 21:34:47.183|00000CC0|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged failed [hr:0x800706BA] Error - 1/23/2013 5:34:56 PM | Computer Name = glenn-HP | Source = hpCMSrv | ID = 5 Description = 2013/01/23 21:34:56.181|00000CC0|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged failed [hr:0x800706BA] Error - 2/1/2013 4:17:13 PM | Computer Name = glenn-HP | Source = hpCMSrv | ID = 5 Description = 2013/02/01 20:17:13.031|00001218|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged failed [hr:0x800706BA] Error - 2/1/2013 4:17:13 PM | Computer Name = glenn-HP | Source = hpCMSrv | ID = 5 Description = 2013/02/01 20:17:13.873|00001218|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged failed [hr:0x800706BA] Error - 2/1/2013 4:17:21 PM | Computer Name = glenn-HP | Source = hpCMSrv | ID = 5 Description = 2013/02/01 20:17:21.985|00001218|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged failed [hr:0x800706BA] Error - 2/1/2013 4:23:14 PM | Computer Name = glenn-HP | Source = hpCMSrv | ID = 5 Description = 2013/02/01 20:23:14.836|00000440|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged failed [hr:0x800706BA] [ System Events ] Error - 2/4/2013 12:23:36 PM | Computer Name = glenn-HP | Source = EventLog | ID = 6008 Description = The previous system shutdown at 16:21:40 on ?04/?02/?2013 was unexpected. Error - 2/4/2013 12:23:45 PM | Computer Name = GLENN-HP | Source = BugCheck | ID = 1001 Description = Error - 2/6/2013 12:14:42 PM | Computer Name = glenn-HP | Source = Server | ID = 2505 Description = The server could not bind to the transport \Device\NetBT_Tcpip_{E34BA88F-10DF-49A6-BA17-EBDAE1B5C282} because another computer on the network has the same name. The server could not start. Error - 2/9/2013 1:58:24 PM | Computer Name = glenn-HP | Source = DCOM | ID = 10010 Description = Error - 2/11/2013 12:14:17 PM | Computer Name = glenn-HP | Source = EventLog | ID = 6008 Description = The previous system shutdown at 16:11:49 on ?11/?02/?2013 was unexpected. Error - 2/11/2013 12:14:24 PM | Computer Name = GLENN-HP | Source = BugCheck | ID = 1001 Description = Error - 2/11/2013 12:19:14 PM | Computer Name = glenn-HP | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IconMan_R service. Error - 2/16/2013 5:05:35 AM | Computer Name = glenn-HP | Source = EventLog | ID = 6008 Description = The previous system shutdown at 09:00:44 on ?16/?02/?2013 was unexpected. Error - 2/16/2013 9:04:34 PM | Computer Name = glenn-HP | Source = EventLog | ID = 6008 Description = The previous system shutdown at 01:03:19 on ?17/?02/?2013 was unexpected. Error - 2/16/2013 9:10:29 PM | Computer Name = glenn-HP | Source = Service Control Manager | ID = 7023 Description = The IPsec Policy Agent service terminated with the following error: %%1747 < End of report >