mcgilvraydh

  1. Well bad news again. I had it open/on for the morning and it wasn't crashing but I noticed that it was running pretty slowly. Took quite a bit of time to open a web page, etc. Then as I was writing an email it just crashed, giving me the same error pages.
  2. It was the System Restore. I had to create a file for it to go back to so I had to put the date of yesterday. I didn't have a restore option to go back to at an earlier date so it made me a little nervous because I am wondering if it will still have the same problems? I just got on today so I am going to see what it does. Heather
  3. I think it may be functioning properly now. I will have to try again tomorrow and let you know. So far it has been open for an hour which is the longest it has gone without crashing in a week. Thanks again for your help with this.
  4. Oh I think I did something wrong. When I clicked on the above link at the top there was a button that said "scan your PC for errors." I assumed that is what I was supposed to do so that is what I did. Now I realize that if I had scrolled down I would have seen the directions Repair Install. I was just getting ready to do that when I read this: You cannot use a OEM Windows 7 "Factory" Restore/Recovery type of installation disc that came with or created from a store bought computer to do a repair install with. These can only be used to do a clean install. I am pretty sure this is what my computer had. In fact there is still a sticker on it that says Windows 7.
  5. Thank you so much for your help on this. I gave it a try. I downloaded the above link and ran the scan. It found a lot of errors and fixed them. But now again it just crashed and is saying the same black screen with Operating System Not Found. Any other ideas?
  6. Well I thought it might be fixed because after I posted the above scan report it stayed on for longer than it had been doing. However after some time it again crashed. It said there was an error and forcing a shut down. (Blue screen with a lot of text I couldn't read before it shut down). Then it started in the same loop saying operating system not found. I turned it off and I haven't turned it back on again after that.
  7. Okay I got it to run and below is the report.
  8. Okay so I tried it 2 times and it caused it to shut down with an error. I didn't see the first time what exactly happened but the 2nd time it pulled up another box that said UpdateTask.exe application error. Then it pulled up a screen that had a bunch of text but moved too quickly before I could read it. I think that the Advanced Registry Optimizer was something that my husband accidentally downloaded when he was trying to download something else to download movies to our iPod. I have tried to remove the program and somehow it always seems to come back. As far as I know the program has never been run on the computer though it is constantly popping up screens trying to get us to run it and saying we have things that are at risk on our computer. Below are some things that are on my desktop that I don't recognize. I am pretty sure they are new and I don't know where they came from: 7zDecode DinaryFiles.7z BSTIEPrint ini NPcol400.dll Selfdel.dll
     A few other things that pop up when I am trying to get it to restart:
     1. A recent hardware or software change....the screen goes away too quickly before I can read more than that.
     2. Blank Screen-operating system not found
     3. Sometimes it gives me an option to try and fix things and sometimes it gives me an option to start in safe mode.
     Any other ideas or things to try?
  9. I was able to update Malwarebytes and below is the latest scan from today. I also was able to run the DDS scans so went ahead and attached those since I was able to get on. The computer is restarting over and over again. It gets in a loop and eventually I can get it back up and run the scans, etc. but I only have a short time and then it will shut down again and I start the process again. There also seem to be some files on my desktop I don't recognize. My Symantec says that file system auto protect is not functioning correctly. I have some updates to Windows that are ready to install but I have to restart it to install them. Since it hasn't shut down yet I am trying to get this posted before I try and restart for the updates.

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org
Database version: v2012.01.29.04
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
McGilvray :: MCGILVRAY-VAIO [administrator]
1/29/2012 3:54:57 PM
mbam-log-2012-01-29 (15-54-57).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 193251
Time elapsed: 19 minute(s), 58 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2/13/2010 3:42:42 PM
System Uptime: 1/29/2012 3:33:09 PM (0 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel® Core2 Duo CPU T6600 @ 2.20GHz | N/A | 2200/200mhz
.
==== Disk Partitions ========================= . C: is FIXED (NTFS) - 287 GiB total, 150.472 GiB free. E: is Removable F: is Removable G: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP109: 1/26/2012 12:58:50 PM - Scheduled Checkpoint . ==== Installed Programs ====================== . . Update for Microsoft Office 2007 (KB2508958) Adobe AIR Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Photoshop Elements 6.0 Adobe Reader X (10.1.2) MUI Adobe Shockwave Player 11.5 Advanced Registry Optimizer Apple Application Support Apple Software Update ArcSoft Magic-i Visual Effects 2 ArcSoft WebCam Companion 3 Ask Toolbar Ask Toolbar Updater AviSynth 2.5 Bing Bar Bing Bar Platform Bing Rewards Client Installer Compatibility Pack for the 2007 Office system Coupon Printer for Windows D3DX10 DING! DVD Decrypter (Remove Only) ESET Online Scanner v3 Evernote Facebook Video Calling 1.1.1.1 GameXN GO Google Chrome Google Earth Plug-in Google Talk Plugin Google Toolbar for Internet Explorer Google Update Helper HP Officejet 6500 E710n-z Help HP Update I.R.I.S. 
OCR InterActual Player Java Auto Updater Junk Mail filter update LeapFrog Connect LeapFrog Tag Plugin LiveUpdate 3.3 (Symantec Corporation) Malwarebytes' Anti-Malware version 1.51.1.1800 Marketsplash Print Software Marketsplash Shortcuts Media Gallery Microsoft Default Manager Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft 
Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Oasis2Service Picaboo X Picasa 3 PMB PMB VAIO Edition Guide PMB VAIO Edition plug-in (Click to Disc) PMB VAIO Edition plug-in (VAIO Image Optimizer) PMB VAIO Edition plug-in (VAIO Movie Story) QuickBooks Financial Center QuickTime RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer Realtek High Definition Audio Driver RealUpgrade 1.1 Roxio Central Audio Roxio Central Copy Roxio Central Core Roxio Central Data Roxio Central Tools Roxio Easy Media Creator 10 LJ Roxio Easy Media Creator Home Safari Search Toolbar Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB2553089) Security Update for 2007 Microsoft Office System (KB2553090) Security Update for 2007 Microsoft Office System (KB2584063) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Groove 2007 (KB2552997) Security Update for Microsoft Office InfoPath 2007 (KB2510061) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security 
Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Service Pack 1 for SQL Server 2008 (KB968369) Setting Utility Series Skype Click to Call Skype™ 5.5 SmartWi Connection Utility Sony Home Network Library Sql Server Customer Experience Improvement Program The Weather Channel Desktop 6 TurboTax 2010 TurboTax 2010 winiper TurboTax 2010 WinPerFedFormset TurboTax 2010 WinPerReleaseEngine TurboTax 2010 WinPerTaxSupport TurboTax 2010 wrapper Update for 2007 Microsoft Office System (KB2284654) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office 2007 System (KB2539530) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2583910) Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for 
Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) VAIO Care VAIO Content Metadata Intelligent Analyzing Manager VAIO Content Metadata Intelligent Network Service Manager VAIO Content Metadata Manager Settings VAIO Content Metadata XML Interface Library VAIO Content Monitoring Settings VAIO Control Center VAIO Data Restore Tool VAIO DVD Menu Data VAIO Entertainment Platform VAIO Event Service VAIO Hardware Diagnostics VAIO Help and Support VAIO Media plus VAIO Media plus Opening Movie VAIO Messenger VAIO Movie Story Template Data VAIO OOBE and Startup Assistant VAIO Original Function Settings VAIO Personalization Manager VAIO Power Management VAIO Quick Web Access VAIO Sample Contents VAIO Survey VAIO Transfer Support VAIO Update 5 VAIO Wallpaper Contents VAIO Window Organizer Videora iPod Converter 6 Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources YouTube Downloader App 3.00
.
==== Event Viewer Messages From Past Week ========
.
1/29/2012 3:41:37 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\DR0.
1/29/2012 3:41:16 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
1/29/2012 3:40:02 PM, Error: SRTSPL [11] - Unable to allocate open file data.
1/29/2012 3:40:02 PM, Error: SRTSP [5] - Error loading Symantec real time Anti-Virus driver.
1/29/2012 3:40:02 PM, Error: SRTSP [4] - Error loading virus definitions.
1/29/2012 3:40:02 PM, Error: Service Control Manager [7000] - The SRTSPL service failed to start due to the following error: A device attached to the system is not functioning.
1/29/2012 3:40:02 PM, Error: Service Control Manager [7000] - The SRTSP service failed to start due to the following error: A device attached to the system is not functioning.
1/29/2012 3:38:38 PM, Error: Service Control Manager [7022] - The VAIO Content Folder Watcher service hung on starting.
1/29/2012 3:36:37 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer MCGILVRA-2AC3AE that believes that it is the master browser for the domain on transport NetBT_Tcpip_{53249536-ECA8-4D56-8F55-6C3E89A1799C}. The master browser is stopping or an election is being forced.
1/29/2012 3:34:19 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SRTSP
1/29/2012 3:34:02 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
1/26/2012 12:27:21 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 3 time(s).
1/26/2012 12:25:56 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
1/26/2012 12:24:35 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
1/26/2012 11:33:45 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
1/26/2012 11:33:14 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CryptSvc service.
1/26/2012 10:36:51 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
1/25/2012 12:22:37 PM, Error: Service Control Manager [7022] - The Network Location Awareness service hung on starting.
1/25/2012 11:39:51 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.
1/25/2012 11:38:45 AM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.
1/25/2012 11:35:00 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Oasis2Service service to connect.
1/25/2012 11:35:00 AM, Error: Service Control Manager [7000] - The Oasis2Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/25/2012 11:34:18 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intuit Update Service service to connect.
1/25/2012 11:34:18 AM, Error: Service Control Manager [7000] - The Intuit Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/25/2012 11:29:43 AM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
1/24/2012 9:29:42 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
1/24/2012 9:27:32 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VCFw service.
1/24/2012 8:08:59 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{53249536-ECA8-4D56-8F55-6C3E89A1799C} because another computer on the network has the same name. The server could not start.
1/24/2012 12:20:48 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
1/24/2012 12:20:48 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/24/2012 12:18:55 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Symantec Endpoint Protection service to connect.
1/24/2012 12:17:54 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SeaPort service to connect.
1/24/2012 12:17:54 PM, Error: Service Control Manager [7000] - The SeaPort service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/24/2012 11:51:10 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the LeapFrog Connect Device Service service to connect.
1/24/2012 11:50:27 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Bluetooth Service service to connect.
1/24/2012 11:50:27 AM, Error: Service Control Manager [7000] - The Bluetooth Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/24/2012 11:49:30 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
1/24/2012 11:49:30 AM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/24/2012 10:01:59 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
1/23/2012 9:08:43 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.
1/23/2012 10:40:29 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intuit Update Service v4 service to connect.
1/23/2012 10:40:29 AM, Error: Service Control Manager [7000] - The Intuit Update Service v4 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/23/2012 10:38:09 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
1/23/2012 10:01:35 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
.
==== End Of File ===========================
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by McGilvray at 15:38:40 on 2012-01-29
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3935.2517 [GMT -8:00]
.
AV: Symantec Endpoint Protection *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Symantec Endpoint Protection *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe C:\Windows\system32\msiexec.exe C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe C:\Program Files (x86)\Common Files\Sony Shared\VAIO 
Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\SysWOW64\DllHost.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\WUDFHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe C:\Windows\system32\sppsvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Windows\system32\igfxsrvc.exe C:\Users\McGilvray\AppData\Local\Google\Update\GoogleUpdate.exe C:\ProgramData\GameXN\GameXNGO.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Windows\system32\taskeng.exe C:\Users\McGilvray\AppData\Local\Facebook\Update\FacebookUpdate.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe C:\Windows\system32\taskeng.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Sony\VAIO Care\VAIOCareService.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files 
(x86)\Hewlett-Packard\Marketsplash by HP\HPLocalWebPrintAgent.exe C:\Program Files\Apoint\Apvfb.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files (x86)\Southwest Airlines\Ding\Ding.exe C:\Windows\system32\conhost.exe C:\Users\McGilvray\AppData\Local\Facebook\Update\FacebookUpdate.exe C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files (x86)\Ask.com\Updater\Updater.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\taskhost.exe C:\Windows\System32\wsqmcons.exe C:\Program Files\Sony\First Experience\OOBESendInfo.exe C:\Program Files\Sony\VAIO Care\VCsystray.exe C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Sony\VAIO Power Management\SPMService.exe C:\Windows\system32\DllHost.exe C:\Program Files (x86)\DDNi\Oasis\DDNiStartup.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe 
C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uSearch Page = hxxp://www.google.com uStart Page = hxxp://www.bing.com/?pc=Z039&form=ZGAPHP uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT uSearch Bar = hxxp://www.google.com/ie uDefault_Search_URL = hxxp://www.google.com/ie mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - 
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [Google Update] "C:\Users\McGilvray\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe" uRun: [AROReminder] C:\Program Files (x86)\Advanced Registry Optimizer\ARO.exe -rem uRun: [GameXN (update)] "C:\ProgramData\GameXN\GameXNGO.exe" /u uRun: [GameXN (news)] "C:\ProgramData\GameXN\GameXNGO.exe" /n uRun: [GameXN] "C:\ProgramData\GameXN\GameXNGO.exe" /silent uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized uRun: [Facebook Update] "C:\Users\McGilvray\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver mRun: [smartWiHelper] "C:\Program Files 
  10. I think my computer has malware, but before I could run the logs and post them it crashed and now it won't restart. I tried recovery back to an earlier version but that won't work either. I am thinking the malware is something to do with "Advanced Registry Optimizer". Something that was trying to run and look for viruses on my computer. Any help you can offer is greatly appreciated. I was able to get a restart today and ran Malwarebytes. It said there were no threats. I tried to do the following step: "Download DDS from here: dds.scr or here: dds.com and save it to your desktop," and my computer said it had an error and was restarting. I will try again to see if I can make it any further in this step.