Jump to content

talleyk

Members
 View Profile  See their activity

  • Posts

    1

  • Joined

  • Last visited

 Content Type 

Everything posted by talleyk

  1. talleyk
    Hello! I've gathered from others that the first step in fixing the searchnu malware is running the OTL file and then pasting the "OTL" and "Extras" text below...so here it is! OTL is first, then Extras. Thanks to anyone/everyone that helps! -Talley OTL logfile created on: 4/21/2012 8:13:20 PM - Run 1 OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Talley\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.97 Gb Total Physical Memory | 3.13 Gb Available Physical Memory | 79.00% Memory free 7.93 Gb Paging File | 7.12 Gb Available in Paging File | 89.75% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 116.44 Gb Total Space | 74.30 Gb Free Space | 63.81% Space Free | Partition Type: NTFS Drive D: | 331.01 Gb Total Space | 330.68 Gb Free Space | 99.90% Space Free | Partition Type: NTFS Drive F: | 1.83 Gb Total Space | 1.49 Gb Free Space | 81.52% Space Free | Partition Type: FAT Computer Name: TALLEY-PC | User Name: Talley | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/04/21 20:13:05 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Talley\Downloads\OTL (2).exe ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2007/08/08 01:08:40 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/07/01 10:52:56 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011/04/21 07:53:48 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/12/18 11:25:16 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Stopped] -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service) SRV - [2009/07/23 18:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe -- (FastBootAgent) SRV - [2009/06/15 18:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Stopped] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/07/01 10:52:57 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011/07/01 10:52:57 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2009/10/05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009/07/20 02:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/09 01:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV:64bit: - [2009/07/02 18:42:07 | 007,342,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/06/18 13:18:10 | 000,015,928 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby) DRV:64bit: - [2009/06/11 20:41:55 | 000,112,128 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2009/06/10 13:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH) DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/06/08 21:38:23 | 000,055,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) DRV:64bit: - [2009/06/05 23:15:56 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV:64bit: - [2009/06/04 03:54:35 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009/05/26 06:32:37 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:64bit: - [2009/05/12 18:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor) DRV:64bit: - [2008/05/23 18:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV:64bit: - [2007/07/24 12:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms} IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3059010 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-988452407-2139325817-1405261891-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406 IE - HKU\S-1-5-21-988452407-2139325817-1405261891-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKU\S-1-5-21-988452407-2139325817-1405261891-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKU\S-1-5-21-988452407-2139325817-1405261891-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7B 69 63 00 D7 D7 CC 01 [binary data] IE - HKU\S-1-5-21-988452407-2139325817-1405261891-1003\..\URLSearchHook: {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - No CLSID value found IE - HKU\S-1-5-21-988452407-2139325817-1405261891-1003\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE - HKU\S-1-5-21-988452407-2139325817-1405261891-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC IE - HKU\S-1-5-21-988452407-2139325817-1405261891-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms} IE - HKU\S-1-5-21-988452407-2139325817-1405261891-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3059010 IE - HKU\S-1-5-21-988452407-2139325817-1405261891-1003\..\SearchScopes\{E13BEB56-2428-4306-AA26-85ABC2D643EF}: "URL" = http://www.google.co...utputEncoding?} IE - HKU\S-1-5-21-988452407-2139325817-1405261891-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Talley\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Talley\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Talley\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Talley\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Talley\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Talley\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Talley\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Talley\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Talley\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.8.0.8855_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Talley\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Talley\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - Extension: YouTube = C:\Users\Talley\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\Talley\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Skype Click to Call = C:\Users\Talley\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.8.0.8855_0\ CHR - Extension: Gmail = C:\Users\Talley\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc) O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.) O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC) O4 - HKLM..\Run: [setwallpaper] c:\programdata\SetWallpaper.cmd File not found O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-988452407-2139325817-1405261891-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8E4C11E-C5D2-4D77-B4C8-90711401DFAE}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc) O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc) O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012/04/21 16:54:07 | 000,000,000 | ---D | C] -- C:\Users\Talley\AppData\Roaming\Malwarebytes [2012/04/21 16:54:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/04/21 16:54:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/04/21 16:54:02 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/04/21 16:54:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/04/21 16:44:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2012/04/21 16:18:01 | 000,000,000 | ---D | C] -- C:\Users\Talley\AppData\Roaming\SpeedyPC Software [2012/04/21 16:18:01 | 000,000,000 | ---D | C] -- C:\Users\Talley\AppData\Roaming\DriverCure [2012/04/21 16:17:54 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software [2012/04/21 16:17:41 | 000,000,000 | ---D | C] -- C:\Users\Talley\Documents\Computer Stuff [2012/04/21 14:21:26 | 000,000,000 | ---D | C] -- C:\Users\Talley\Documents\ASUS [2012/04/21 14:21:06 | 000,000,000 | ---D | C] -- C:\Users\Talley\AppData\Local\ASUS [2012/04/21 14:20:34 | 000,000,000 | ---D | C] -- C:\Users\Talley\AppData\Roaming\vlc [2012/04/21 14:17:57 | 000,000,000 | ---D | C] -- C:\Users\Talley\AppData\Local\Ilivid Player [2012/04/21 14:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2012/04/21 14:16:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Searchqu Toolbar [2012/04/04 07:25:08 | 000,000,000 | ---D | C] -- C:\Users\Talley\AppData\Roaming\Mozilla [2012/03/27 14:25:48 | 000,000,000 | ---D | C] -- C:\Users\Talley\Documents\Finances [2012/03/27 08:19:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012/03/27 08:18:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java ========== Files - Modified Within 30 Days ========== [2012/04/21 20:11:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/04/21 20:11:18 | 3193,765,888 | -HS- | M] () -- C:\hiberfil.sys [2012/04/21 16:54:03 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/04/21 16:46:50 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/04/21 16:46:50 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/04/21 16:45:30 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012/04/21 16:40:57 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/04/21 16:29:23 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012/04/21 15:51:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/04/21 15:48:45 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-988452407-2139325817-1405261891-1003UA.job [2012/04/21 11:11:17 | 000,729,684 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/04/21 11:11:17 | 000,626,500 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/04/21 11:11:17 | 000,107,848 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/04/21 09:24:38 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-988452407-2139325817-1405261891-1003Core.job [2012/04/16 20:16:57 | 000,001,439 | ---- | M] () -- C:\Users\Talley\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/04/16 20:10:25 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2012/04/16 20:10:23 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys ========== Files Created - No Company Name ========== [2012/04/21 16:54:03 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/04/21 16:44:53 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2012/04/21 16:44:53 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012/04/16 20:10:25 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2012/04/16 20:10:23 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2011/06/27 21:34:39 | 000,000,088 | -H-- | C] () -- C:\ProgramData\aspg.dat [2011/06/27 21:33:16 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini ========== LOP Check ========== [2012/01/21 16:29:34 | 000,000,000 | ---D | M] -- C:\Users\Talley\AppData\Roaming\calibre [2012/04/21 16:18:01 | 000,000,000 | ---D | M] -- C:\Users\Talley\AppData\Roaming\DriverCure [2011/10/13 07:16:23 | 000,000,000 | ---D | M] -- C:\Users\Talley\AppData\Roaming\Dropbox [2012/04/21 16:18:01 | 000,000,000 | ---D | M] -- C:\Users\Talley\AppData\Roaming\SpeedyPC Software [2011/10/18 09:32:08 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > OTL Extras logfile created on: 4/21/2012 8:13:20 PM - Run 1 OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Talley\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.97 Gb Total Physical Memory | 3.13 Gb Available Physical Memory | 79.00% Memory free 7.93 Gb Paging File | 7.12 Gb Available in Paging File | 89.75% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 116.44 Gb Total Space | 74.30 Gb Free Space | 63.81% Space Free | Partition Type: NTFS Drive D: | 331.01 Gb Total Space | 330.68 Gb Free Space | 99.90% Space Free | Partition Type: NTFS Drive F: | 1.83 Gb Total Space | 1.49 Gb Free Space | 81.52% Space Free | Partition Type: FAT Computer Name: TALLEY-PC | User Name: Talley | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-988452407-2139325817-1405261891-1003\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML.Talley] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear Hybrid "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "Elantech" = ETDWare PS/2-x64 7.0.5.5_WHQL "HDMI" = Intel® Graphics Media Accelerator Driver "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31 "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver "{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2 "{3F5CFC1C-653B-4B22-9153-2BDDF2E03C0E}" = Seagate Manager Installer "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck "{5DBC79DA-87D2-376D-A65D-B14097C06C71}" = Google Talk Plugin "{60D6618B-153F-4353-8185-908E676E5888}" = ASUS FancyStart "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon "{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey "{7F92FF5F-C7EA-40BA-9481-02B6B4479C93}" = calibre "{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007 "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007 "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame "{A16656CE-4B17-4484-A13F-22B9500E5223}" = Fast Boot "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1 "{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}" = Mobipocket Creator 4.2 "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media "{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera "Adobe AIR" = Adobe AIR "Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "ENTERPRISE" = Microsoft Office Enterprise 2007 "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager "InstallShield_{3F5CFC1C-653B-4B22-9153-2BDDF2E03C0E}" = Seagate Manager Installer "InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400 "Searchqu Toolbar" = Searchqu Toolbar ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-988452407-2139325817-1405261891-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Amazon Kindle" = Amazon Kindle "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 4/1/2012 7:50:27 PM | Computer Name = Talley-PC | Source = Application Error | ID = 1000 Description = Faulting application name: mscorsvw.exe, version: 4.0.30319.1, time stamp: 0x4ba1da21 Faulting module name: clr.dll, version: 4.0.30319.239, time stamp: 0x4e181a6d Exception code: 0xc0000005 Fault offset: 0x00024e38 Faulting process id: 0x58c Faulting application start time: 0x01cd10622cdc864a Faulting application path: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe Faulting module path: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll Report Id: 747fec42-7c55-11e1-b183-485b398c34e5 Error - 4/1/2012 7:50:31 PM | Computer Name = Talley-PC | Source = .NET Runtime Optimization Service | ID = 1101 Description = Error - 4/1/2012 7:50:32 PM | Computer Name = Talley-PC | Source = .NET Runtime Optimization Service | ID = 1101 Description = Error - 4/1/2012 7:50:32 PM | Computer Name = Talley-PC | Source = .NET Runtime Optimization Service | ID = 1101 Description = Error - 4/1/2012 7:50:32 PM | Computer Name = Talley-PC | Source = .NET Runtime Optimization Service | ID = 1101 Description = Error - 4/1/2012 7:50:33 PM | Computer Name = Talley-PC | Source = .NET Runtime Optimization Service | ID = 1101 Description = Error - 4/1/2012 10:00:01 PM | Computer Name = Talley-PC | Source = Windows Backup | ID = 4103 Description = Error - 4/2/2012 3:10:54 AM | Computer Name = Talley-PC | Source = .NET Runtime | ID = 1023 Description = Error - 4/2/2012 3:10:55 AM | Computer Name = Talley-PC | Source = Application Error | ID = 1000 Description = Faulting application name: mscorsvw.exe, version: 4.0.30319.1, time stamp: 0x4ba21f5d Faulting module name: clr.dll, version: 4.0.30319.239, time stamp: 0x4e1822f4 Exception code: 0xc0000005 Fault offset: 0x000000000002a608 Faulting process id: 0x1310 Faulting application start time: 0x01cd109fa15c0936 Faulting application path: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe Faulting module path: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll Report Id: fc71b499-7c92-11e1-b183-485b398c34e5 Error - 4/2/2012 3:10:58 AM | Computer Name = Talley-PC | Source = .NET Runtime Optimization Service | ID = 1101 Description = [ OSession Events ] Error - 8/22/2011 9:42:22 PM | Computer Name = Talley-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. Error - 3/10/2012 5:51:49 PM | Computer Name = Talley-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 363661 seconds with 24420 seconds of active time. This session ended with a crash. [ System Events ] Error - 3/12/2012 11:19:48 PM | Computer Name = Talley-PC | Source = Schannel | ID = 36888 Description = The following fatal alert was generated: 70. The internal error state is 105. Error - 3/12/2012 11:19:48 PM | Computer Name = Talley-PC | Source = Schannel | ID = 36888 Description = The following fatal alert was generated: 70. The internal error state is 105. Error - 3/12/2012 11:19:48 PM | Computer Name = Talley-PC | Source = Schannel | ID = 36888 Description = The following fatal alert was generated: 70. The internal error state is 105. Error - 3/12/2012 11:19:48 PM | Computer Name = Talley-PC | Source = Schannel | ID = 36888 Description = The following fatal alert was generated: 70. The internal error state is 105. Error - 3/12/2012 11:19:48 PM | Computer Name = Talley-PC | Source = Schannel | ID = 36888 Description = The following fatal alert was generated: 70. The internal error state is 105. Error - 3/14/2012 12:08:54 PM | Computer Name = Talley-PC | Source = bowser | ID = 8003 Description = Error - 3/16/2012 2:19:08 AM | Computer Name = Talley-PC | Source = DCOM | ID = 10010 Description = Error - 3/20/2012 12:26:04 PM | Computer Name = Talley-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service. Error - 3/20/2012 12:26:34 PM | Computer Name = Talley-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service. Error - 3/20/2012 12:26:34 PM | Computer Name = Talley-PC | Source = Service Control Manager | ID = 7000 Description = The Application Information service failed to start due to the following error: %%1053 < End of report >
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.