Jump to content

kjay

Honorary Members
  • Posts

    60
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Haven't had much time lately to work on the computer and I will be away for a few days. Having a hard time getting a particular Microsoft update to install. Hope to get back to it next week. Thanks for checking in.
  2. I am still working on resolving some Microsoft update issues and will send you the logs tomorrow night.
  3. Thanks. I will do this tomorrow night and get back to you.
  4. Ran the above temp file cleaner and rebooted. Still getting the error message on start-up as follows: "Microsoft Security Client - An error occurred in the program during initialization. Error 0x80070002". Also logging into the account Chris Jacobs still directs me to the temp user account. Other than that the computer is operating normally.
  5. And here is the log from the MiniTool. MiniToolBox by Farbar Version: 13-07-2013 Ran by Chris Jacobs (administrator) on 28-07-2013 at 22:44:31 Running from "C:\Documents and Settings\TEMP\Desktop" Microsoft Windows XP Professional Service Pack 3 (X86) Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows IP Configuration Could not flush the DNS Resolver Cache: Function failed during execution. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= FF Proxy Settings: ============================== "Reset FF Proxy Settings": Firefox Proxy settings were reset. ========================= Hosts content: ================================= 127.0.0.1 localhost ========================= IP Configuration: ================================ Intel® 82566DC Gigabit Network Connection = Local Area Connection (Connected) # ---------------------------------- # Interface IP Configuration # ---------------------------------- pushd interface ip # Interface IP Configuration for "Local Area Connection" set address name="Local Area Connection" source=dhcp set dns name="Local Area Connection" source=dhcp register=PRIMARY set wins name="Local Area Connection" source=dhcp popd # End of interface IP configuration Windows IP Configuration Host Name . . . . . . . . . . . . : KJacobs Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Unknown IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : phub.net.cable.rogers.com Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : phub.net.cable.rogers.com Description . . . . . . . . . . . : Intel® 82566DC Gigabit Network Connection Physical Address. . . . . . . . . : 00-19-D1-1D-42-C2 Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 192.168.0.10 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1 DHCP Server . . . . . . . . . . . : 192.168.0.1 DNS Servers . . . . . . . . . . . : 208.67.222.222 208.67.222.220 Lease Obtained. . . . . . . . . . : July 28, 2013 10:36:32 PM Lease Expires . . . . . . . . . . : August 4, 2013 10:36:32 PM Server: resolver1.opendns.com Address: 208.67.222.222 Name: google.com.phub.net.cable.rogers.com Address: 67.215.65.132 Pinging google.com [173.194.43.97] with 32 bytes of data: Reply from 173.194.43.97: bytes=32 time=13ms TTL=56 Reply from 173.194.43.97: bytes=32 time=9ms TTL=56 Ping statistics for 173.194.43.97: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 9ms, Maximum = 13ms, Average = 11ms Server: resolver1.opendns.com Address: 208.67.222.222 Name: yahoo.com.phub.net.cable.rogers.com Address: 67.215.65.132 Pinging yahoo.com [98.139.183.24] with 32 bytes of data: Reply from 98.139.183.24: bytes=32 time=144ms TTL=52 Reply from 98.139.183.24: bytes=32 time=44ms TTL=52 Ping statistics for 98.139.183.24: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 44ms, Maximum = 144ms, Average = 94ms Pinging 127.0.0.1 with 32 bytes of data: Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms =========================================================================== Interface List 0x1 ........................... MS TCP Loopback interface 0x10003 ...00 19 d1 1d 42 c2 ...... Intel® 82566DC Gigabit Network Connection =========================================================================== =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.10 10 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 169.254.0.0 255.255.0.0 192.168.0.10 192.168.0.10 20 192.168.0.0 255.255.255.0 192.168.0.10 192.168.0.10 10 192.168.0.10 255.255.255.255 127.0.0.1 127.0.0.1 10 192.168.0.255 255.255.255.255 192.168.0.10 192.168.0.10 10 224.0.0.0 240.0.0.0 192.168.0.10 192.168.0.10 10 255.255.255.255 255.255.255.255 192.168.0.10 192.168.0.10 1 Default Gateway: 192.168.0.1 =========================================================================== Persistent Routes: None ========================= Winsock entries ===================================== Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation) Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 10 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation) Catalog9 11 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors: ================== Error: (07/28/2013 07:49:25 AM) (Source: NativeWrapper) (User: ) Description: visualstudio7x80updatemsiexec.exe1.0.1722.5085kb28339411033643finstallx865.1.2600.2.3.0.2560 Error: (07/28/2013 07:49:25 AM) (Source: MsiInstaller) (User: NT AUTHORITY) Description: Product: Microsoft .NET Framework 1.1 - Update '{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log. Error: (07/28/2013 07:49:23 AM) (Source: MsiInstaller) (User: NT AUTHORITY) Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue. Error: (07/27/2013 08:34:34 AM) (Source: NativeWrapper) (User: ) Description: visualstudio7x80updatemsiexec.exe1.0.1722.5085kb28339411033643finstallx865.1.2600.2.3.0.2560 Error: (07/27/2013 08:34:32 AM) (Source: MsiInstaller) (User: NT AUTHORITY) Description: Product: Microsoft .NET Framework 1.1 - Update '{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log. Error: (07/27/2013 08:34:31 AM) (Source: MsiInstaller) (User: NT AUTHORITY) Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue. Error: (07/26/2013 11:49:03 PM) (Source: Windows Search Service) (User: ) Description: The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again. Context: Application, SystemIndex Catalog Error: (07/26/2013 11:49:02 PM) (Source: Windows Search Service) (User: ) Description: The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again. Context: Application, SystemIndex Catalog Error: (07/26/2013 02:49:20 PM) (Source: Windows Search Service) (User: ) Description: The entry <C:\DOCUMENTS AND SETTINGS\TEMP\MY DOCUMENTS\MY GAMES\SID MEIER'S CIVILIZATION 5\CACHE\CIV5SAVEDGAMEDATABASE.DB> in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error: (07/26/2013 02:49:19 PM) (Source: Windows Search Service) (User: ) Description: The entry <C:\DOCUMENTS AND SETTINGS\TEMP\MY DOCUMENTS\MY GAMES\SID MEIER'S CIVILIZATION 5\CACHE\CIV5MODSDATABASE.DB-JOURNAL> in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) System errors: ============= Error: (07/28/2013 06:40:11 PM) (Source: Service Control Manager) (User: ) Description: The Security Services Driver (x86) service failed to start due to the following error: %%2 Error: (07/28/2013 06:07:04 PM) (Source: Service Control Manager) (User: ) Description: The Security Services Driver (x86) service failed to start due to the following error: %%2 Error: (07/27/2013 08:35:48 AM) (Source: Windows Update Agent) (User: ) Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2833941). Error: (07/27/2013 08:28:07 AM) (Source: Service Control Manager) (User: ) Description: The IMAPI CD-Burning COM Service service failed to start due to the following error: %%1053 Error: (07/27/2013 08:28:07 AM) (Source: Service Control Manager) (User: ) Description: Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect. Error: (07/27/2013 08:27:05 AM) (Source: Service Control Manager) (User: ) Description: The Security Services Driver (x86) service failed to start due to the following error: %%2 Error: (07/27/2013 08:26:49 AM) (Source: Dhcp) (User: ) Description: The IP address lease 192.168.0.10 for the Network Card with network address 0019D11D42C2 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message). Error: (07/26/2013 08:49:13 PM) (Source: W32Time) (User: ) Description: The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. Error: (07/26/2013 08:49:13 PM) (Source: W32Time) (User: ) Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) Error: (07/26/2013 08:48:51 PM) (Source: Dhcp) (User: ) Description: The IP address lease 192.168.0.14 for the Network Card with network address 0019D11D42C2 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message). Microsoft Office Sessions: ========================= Error: (07/28/2013 07:49:25 AM) (Source: NativeWrapper)(User: ) Description: visualstudio7x80updatemsiexec.exe1.0.1722.5085kb28339411033643finstallx865.1.2600.2.3.0.2560 Error: (07/28/2013 07:49:25 AM) (Source: MsiInstaller)(User: NT AUTHORITY) Description: Microsoft .NET Framework 1.1{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}1603C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log Error: (07/28/2013 07:49:23 AM) (Source: MsiInstaller)(User: NT AUTHORITY) Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.(NULL)(NULL)(NULL) Error: (07/27/2013 08:34:34 AM) (Source: NativeWrapper)(User: ) Description: visualstudio7x80updatemsiexec.exe1.0.1722.5085kb28339411033643finstallx865.1.2600.2.3.0.2560 Error: (07/27/2013 08:34:32 AM) (Source: MsiInstaller)(User: NT AUTHORITY) Description: Microsoft .NET Framework 1.1{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}1603C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log Error: (07/27/2013 08:34:31 AM) (Source: MsiInstaller)(User: NT AUTHORITY) Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.(NULL)(NULL)(NULL) Error: (07/26/2013 11:49:03 PM) (Source: Windows Search Service)(User: ) Description: Context: Application, SystemIndex Catalog Error: (07/26/2013 11:49:02 PM) (Source: Windows Search Service)(User: ) Description: Context: Application, SystemIndex Catalog Error: (07/26/2013 02:49:20 PM) (Source: Windows Search Service)(User: ) Description: Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) C:\DOCUMENTS AND SETTINGS\TEMP\MY DOCUMENTS\MY GAMES\SID MEIER'S CIVILIZATION 5\CACHE\CIV5SAVEDGAMEDATABASE.DB Error: (07/26/2013 02:49:19 PM) (Source: Windows Search Service)(User: ) Description: Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) C:\DOCUMENTS AND SETTINGS\TEMP\MY DOCUMENTS\MY GAMES\SID MEIER'S CIVILIZATION 5\CACHE\CIV5MODSDATABASE.DB-JOURNAL =========================== Installed Programs ============================ Adobe AIR (Version: 2.7.1.19610) Adobe Community Help (Version: 3.5.23) Adobe Flash Player 11 ActiveX (Version: 11.7.700.224) Adobe Flash Player 11 Plugin (Version: 11.7.700.224) Adobe Photoshop CS6 (Version: 13.0) Adobe Reader XI (11.0.03) (Version: 11.0.03) Adobe Shockwave Player 11.6 (Version: 11.6.6.636) Apple Application Support (Version: 2.3.3) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (Version: 2.1.3.127) ArcSoft Print Creations - Album Page ArcSoft Print Creations - Funhouse ArcSoft Print Creations - Greeting Card ArcSoft Print Creations - Photo Book ArcSoft Print Creations - Photo Calendar ArcSoft Print Creations - Scrapbook ArcSoft Print Creations - Slimline Card ArcSoft Print Creations (Version: 2.8.255.384) ATI Catalyst Install Manager (Version: 3.0.795.0) ATI Catalyst Registration (Version: 3.00.0000) ATI Parental Control & Encoder (Version: 3.0) AVS Video Editor 6 (Version: 6.3.3.235) BioShock (Version: 2.5.0000) Black's Digital Solution Studio (Version: 2.6.8.704) Bonjour (Version: 3.0.0.10) Canon Camera Access Library (Version: 8.2.0.1) Canon Camera Support Core Library (Version: 7.3.1.6) Canon Camera Window DC_DV 5 for ZoomBrowser EX (Version: 5.4.5.17) Canon Camera Window DC_DV 6 for ZoomBrowser EX (Version: 6.3.0.11) Canon Easy-PhotoPrint EX Canon Easy-PhotoPrint Pro Canon Easy-WebPrint EX Canon G.726 WMP-Decoder (Version: 1.0.1.3) Canon MG6100 series MP Drivers Canon MOV Decoder (Version: 1.8.0.7) Canon MOV Encoder (Version: 1.6.0.1) Canon MovieEdit Task for ZoomBrowser EX (Version: 3.7.0.4) Canon MP Navigator EX 4.0 Canon My Printer Canon RAW Image Task for ZoomBrowser EX (Version: 2.4.0.7) Canon RemoteCapture Task for ZoomBrowser EX (Version: 1.6.0.9) Canon Solution Menu EX Canon Utilities Digital Photo Professional 3.10 (Version: 3.10.2.0) Canon Utilities EOS Sample Music (Version: 1.0.0.204) Canon Utilities EOS Utility (Version: 2.10.2.0) Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (Version: 1.0.0.10) Canon Utilities Movie Uploader for YouTube (Version: 1.2.0.7) Canon Utilities PhotoStitch (Version: 3.1.22.46) Canon Utilities Picture Style Editor (Version: 1.9.0.0) Canon Utilities ZoomBrowser EX (Version: 6.7.0.24) Canon ZoomBrowser EX Memory Card Utility (Version: 1.5.0.9) Catalyst Control Center - Branding (Version: 1.00.0000) Catalyst Control Center Graphics Previews Common (Version: 2010.0910.2122.36517) Catalyst Control Center InstallProxy (Version: 2010.0910.2122.36517) CCC Help English (Version: 2010.0910.2121.36517) ccc-core-static (Version: 2010.0910.2122.36517) ccc-utility (Version: 2010.0910.2122.36517) CCScore (Version: 7.00.0000.0001) Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000) Critical Update for Windows Media Player 11 (KB959772) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dell CinePlayer (Version: 3.0) Dell Driver Reset Tool (Version: 1.02.0000) Dell Support 3.2.1 (Version: 5.5.2087) Dell System Restore (Version: 2.00.0000) DivX Web Player (Version: 1.4.3) DVD-MovieAlbumSE 3 for DVDCAM EPSON Printer Software ERUNT 1.1j ESET NOD32 Antivirus (Version: 6.0.316.0) ESET Online Scanner v3 ESPNMotion (Version: 2.1.6.0011) ESSBrwr (Version: 8.00.0000.0001) ESSCDBK (Version: 8.00.0000.0001) ESSgui (Version: 8.00.0000.0001) ESSini (Version: 8.00.0000.0001) ESSPCD (Version: 7.01.0000.0001) ESSTOOLS (Version: 5.00.0000.0004) Europa Universalis III EZface ActiveX 210 (Version: 2.1.0) Fraps (remove only) Google Talk Plugin (Version: 2.1.8.0) Google Toolbar for Internet Explorer (Version: 1.0.0) Graboid Video 3.05 (Version: 3.05) High Definition Audio Driver Package - KB835221 (Version: 20040219.000000) Intel® Matrix Storage Manager Intel® PRO Network Connections (Version: ) InterActual Player iTunes (Version: 11.0.2.26) Java 7 Update 7 (Version: 7.0.70) Java Auto Updater (Version: 2.1.9.0) Java 6 Update 33 (Version: 6.0.330) KEDDS (Version: 1.04.0000.0005) kgcbaby (Version: 5.03.0000.0002) kgchday (Version: 5.03.0000.0002) kgchlwn (Version: 5.03.0000.0002) kgcinvt (Version: 5.03.0000.0003) kgckids (Version: 6.03.0001.0001) kgcmove (Version: 6.03.0001.0001) kgcvday (Version: 5.03.0000.0002) Logitech Gaming Software (Version: 4.40) Malwarebytes' Anti-Malware Managed DirectX (0900) (Version: 4.09.00.0900) MCU (Version: 1.00.0000) Microsoft .NET Framework 1.0 Hotfix (KB2572066) Microsoft .NET Framework 1.0 Hotfix (KB2604042) Microsoft .NET Framework 1.0 Hotfix (KB2656378) Microsoft .NET Framework 1.0 Security Update (KB2698035) Microsoft .NET Framework 1.0 Security Update (KB2742607) Microsoft .NET Framework 1.0 Security Update (KB2833951) Microsoft .NET Framework 1.1 (Version: 1.1.4322) Microsoft .NET Framework 1.1 Security Update (KB2656353) Microsoft .NET Framework 1.1 Security Update (KB2656370) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729) Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1) Microsoft Download Manager (Version: 1.2.1) Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office File Validation Add-In (Version: 14.0.5130.5003) Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000) Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Single Image 2010 (Version: 14.0.6029.1000) Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0) Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514) Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463) Microsoft Security Client (Version: 4.2.0223.1) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.6029.1000) Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000) Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0) Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Works 6-9 Converter (Version: 9.7.0621) Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0) Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053) Microsoft_VC90_CRT_x86 (Version: 1.00.0000) MobileMe Control Panel (Version: 3.1.5.0) Mozilla Firefox 22.0 (x86 en-US) (Version: 22.0) Mozilla Maintenance Service (Version: 22.0) MSN MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0) MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) MSXML 6.0 Parser (Version: 6.00.3883.8) Musicnotes Player Musicnotes Software Suite 1.0 (Version: 1.1) Nancy Drew: The Captive Curse (Version: 8.0.0.30162) Nancy Drew: The Curse of Blackmoor Manor netbrdg (Version: 7.01.0000.0001) On2 VP3 Video for Windows Codec Origin (Version: 8.2.2.2413) Otto PDF Settings CS6 (Version: 11.0) Picasa 3 (Version: 3.9) Picture Package Music Transfer (Version: 1.1.00.11270) PSE10 STI Installer (Version: 10.0) PunkBuster Services (Version: 0.986) QuickTax 2006 QuickTax 2007 (Version: 1.00.0000) QuickTax 2008 (Version: 1.00.0000) QuickTax 2009 (Version: 1.00.0000) QuickTime (Version: 7.73.80.64) QuickTime for Windows (32-bit) Race Day Demo Version RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0) RealPlayer (Version: 15.0.6) RealUpgrade 1.1 (Version: 1.1.0) RPS CRT (Version: 7.0.28) Samsung Media Studio SecondLife (remove only) SHASTA (Version: 7.01.0000.0001) Sibelius Scorch (ActiveX Only) (Version: 5.2.1) Sid Meier's Civilization V skin0001 (Version: 8.00.0000.0001) Skype Click to Call (Version: 6.10.13089) Skype™ 6.3 (Version: 6.3.105) Smart Menus (Windows Live Toolbar) (Version: 03.01.0146) Sonic Activation Module (Version: 1.0) Sonic Encoders (Version: 1.00) Sony Picture Utility (Version: 3.0.01.12110) Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0) staticcr (Version: 8.00.0000.0001) Steam (Version: 1.0.0.0) swMSM (Version: 12.0.0.1) TeamViewer 5 (Version: 5.1.10408 ) The Sims™ 3 (Version: 1.42.130) The Sims™ 3 Ambitions (Version: 4.10.1) The Sims™ 3 Late Night (Version: 6.0.81) Tiger Woods PGA TOUR 2004 TurboTax 2010 (Version: 1.00.0000) TurboTax 2011 (Version: 1.00.0000) TurboTax 2012 (Version: 1.00.0000) UltimateGamesBar Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition Update for Microsoft Windows (KB971513) Update for Windows Media Player 10 (KB910393) Update for Windows Media Player 10 (KB913800) Update for Windows Media Player 10 (KB926251) Update for Windows XP (KB2141007) (Version: 1) Update for Windows XP (KB2345886) (Version: 1) Update for Windows XP (KB2467659) (Version: 1) Update for Windows XP (KB2492386) (Version: 1) Update for Windows XP (KB2541763) (Version: 1) Update for Windows XP (KB2607712) (Version: 1) Update for Windows XP (KB2616676) (Version: 1) Update for Windows XP (KB2641690) (Version: 1) Update for Windows XP (KB2661254-v2) (Version: 2) Update for Windows XP (KB2718704) (Version: 1) Update for Windows XP (KB2736233) (Version: 1) Update for Windows XP (KB2749655) (Version: 1) Update for Windows XP (KB943729) Update for Windows XP (KB951072-v2) (Version: 2) Update for Windows XP (KB951978) (Version: 1) Update for Windows XP (KB955759) (Version: 1) Update for Windows XP (KB955839) (Version: 1) Update for Windows XP (KB961503) (Version: 1) Update for Windows XP (KB967715) (Version: 1) Update for Windows XP (KB968389) (Version: 1) Update for Windows XP (KB971029) (Version: 1) Update for Windows XP (KB971737) (Version: 1) Update for Windows XP (KB973687) (Version: 1) Update for Windows XP (KB973815) (Version: 1) Update Rollup 2 for Windows XP Media Center Edition 2005 VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0) VLC media player 2.0.7 (Version: 2.0.7) VoiceOver Kit (Version: 1.42.128.0) WebFldrs XP (Version: 9.50.7523) Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5) Windows Genuine Advantage Validation Tool (KB892130) Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2) Windows Imaging Component (Version: 3.0.0.0) Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 (Version: 20061107.210142) Windows Internet Explorer 8 (Version: 20090308.140743) Windows Live Mail Windows Live Sign-in Assistant (Version: 5.000.818.6) Windows Live Sync (Version: 14.0.8117.416) Windows Live Upload Tool (Version: 14.0.8014.1029) Windows Live Writer (Version: 14.0.8089.0726) Windows Media Format 11 runtime Windows Media Player 10 (Version: 9.00.3636) Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information] Windows PowerShell 1.0 (Version: 1) Windows Search 4.0 (Version: 04.00.6001.503) Windows XP Media Center Edition 2005 KB2502898 Windows XP Media Center Edition 2005 KB2619340 Windows XP Media Center Edition 2005 KB2628259 Windows XP Media Center Edition 2005 KB908246 Windows XP Media Center Edition 2005 KB925766 Windows XP Media Center Edition 2005 KB973768 Windows XP Service Pack 3 (Version: 20080414.031525) WinRAR 4.20 (32-bit) (Version: 4.20.0) WIRELESS (Version: 7.02.0000.0001) YP-U1 (Version: ) ZoneAlarm Free Firewall (Version: 10.2.078.000) ========================= Devices: ================================ Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ========================= Memory info: =================================== Percentage of memory in use: 35% Total physical RAM: 2045.85 MB Available physical RAM: 1325.21 MB Total Pagefile: 3938.23 MB Available Pagefile: 3369.33 MB Total Virtual: 2047.88 MB Available Virtual: 1967.04 MB ========================= Partitions: ===================================== 1 Drive c: () (Fixed) (Total:293.4 GB) (Free:93.17 GB) NTFS ========================= Users: ======================================== User accounts for \\KJACOBS Administrator Aidan Jacobs Alison Jacobs Chris Jacobs Guest Hannah Jacobs HelpAssistant Katherine Jacobs kodak SUPPORT_388945a0 ========================= Minidump Files ================================== C:\WINDOWS\Minidump\Mini030610-01.dmp C:\WINDOWS\Minidump\Mini041611-01.dmp C:\WINDOWS\Minidump\Mini050210-01.dmp C:\WINDOWS\Minidump\Mini051510-01.dmp C:\WINDOWS\Minidump\Mini101710-01.dmp C:\WINDOWS\Minidump\Mini101810-01.dmp C:\WINDOWS\Minidump\Mini102410-01.dmp C:\WINDOWS\Minidump\Mini102710-01.dmp C:\WINDOWS\Minidump\Mini102910-01.dmp C:\WINDOWS\Minidump\Mini110110-01.dmp C:\WINDOWS\Minidump\Mini110609-01.dmp **** End of log ****
  6. Here is the log for FRST. I will now run the MiniTool and send the log when it finishes. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 28-07-2013 Ran by Chris Jacobs at 2013-07-28 22:34:07 Run:2 Running from C:\Documents and Settings\TEMP\Desktop Boot Mode: Normal ============================================== "C:\Program Files\Windows Defender" => Not Found "C:\Program Files\Microsoft Security Client" => Deleting reparse point and unlocking started. "C:\Program Files\Microsoft Security Client" => Deleting reparse point and unlocking completed. HKU\Alison Jacobs\Software\Microsoft\Windows\CurrentVersion\Run\\EleFunAnimatedWallpaper => Value deleted successfully. HKU\Katherine Jacobs\Software\Microsoft\Windows\CurrentVersion\Run\\RegistryBooster => Value deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA} => Key deleted successfully. HKCR\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA} => Key deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} => Value not found. HKCR\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} => Key not found. HKCR\CLSID\{000F1EA4-5E08-4564-A29B-29076F63A37A} => Key deleted successfully. HKCR\CLSID\{02BCC737-B171-4746-94C9-0D8A0B2C0089} => Key deleted successfully. HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000} => Key deleted successfully. HKCR\CLSID\{17492023-C23A-453E-A040-C7C580BBF700} => Key deleted successfully. HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258} => Key deleted successfully. HKCR\CLSID\{67DABFBF-D0AB-41FA-9C46-CC0F21721616} => Key deleted successfully. HKCR\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968} => Key deleted successfully. HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key deleted successfully. HKCR\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} => Key not found. HKCR\CLSID\{B479199A-1242-4E3C-AD81-7F0DF801B4AE} => Key deleted successfully. HKCR\CLSID\{C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} => Key deleted successfully. HKCR\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} => Key deleted successfully. HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key deleted successfully. HKCR\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7} => Key not found. HKCR\CLSID\{FF1CD9A3-00CD-45C1-8182-4EEC229A182D} => Key deleted successfully. C:\Documents and Settings\Chris Jacobs\Desktop\FSS.txt => Moved successfully. C:\Documents and Settings\Chris Jacobs\Desktop\FSS.exe => Moved successfully. C:\Documents and Settings\Chris Jacobs\Desktop\MiniToolBox (1).exe => Moved successfully. C:\Documents and Settings\Chris Jacobs\Desktop\restoredefaultperms.exe => Moved successfully. C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable) => Moved successfully. C:\Documents and Settings\Chris Jacobs\Desktop\mbar-1.06.0.1004a => Moved successfully. C:\Documents and Settings\Chris Jacobs\Desktop\mbar-1.06.0.1004a.zip => Moved successfully. C:\Documents and Settings\Chris Jacobs\Desktop\FRST.txt => Moved successfully. C:\Documents and Settings\Chris Jacobs\Desktop\Result.txt => Moved successfully. C:\Documents and Settings\Chris Jacobs\Desktop\tdsskiller.exe => Moved successfully. C:\Documents and Settings\Chris Jacobs\Desktop\ServicesRepair (1).exe => Moved successfully. C:\Documents and Settings\Chris Jacobs\Desktop\Shortcut to FRST.lnk => Moved successfully. C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-3363229072-3021304974-548893752-1007.job => Moved successfully. C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-3363229072-3021304974-548893752-1007.job => Moved successfully. C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => Moved successfully. C:\ComboFix.txt => Moved successfully. C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-KJACOBS-Chris Jacobs.job => Moved successfully. C:\Documents and Settings\Chris Jacobs\Desktop\eset scan.txt => Moved successfully. C:\Documents and Settings\Chris Jacobs\Desktop\NTREGOPT.lnk => Moved successfully. C:\Documents and Settings\Chris Jacobs\Desktop\ERUNT.lnk => Moved successfully. C:\Documents and Settings\Chris Jacobs\Desktop\attach.txt => Moved successfully. C:\Documents and Settings\Chris Jacobs\Desktop\dds.txt => Moved successfully. The system needs a manual reboot. ==== End of Fixlog ====
  7. Hi. Computer is acting up a bit this week. It crashed on my son the other day and now the user account we generally use has created a temp account. We still log in as we would have, but the desktop is different. When I look on my c drive it says c:\documents and settings\temp\my documents. It previously would have said c:\documents and settings\chris jacobs. I don't know how to switch it back and wasn't sure if I should run the fix as this problem occurred after my last post to you. Please advise is I should proceed with the fixlist. Hope this makes sense to you.
  8. Here is the log from the Farbar Recovery Scan Tool Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-07-2013 Ran by Chris Jacobs (administrator) on 23-07-2013 21:49:20 Running from C:\Documents and Settings\Chris Jacobs\My Documents\Downloads Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US) Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe (ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Orb Networks, Inc.) C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE () C:\WINDOWS\system32\PnkBstrA.exe (Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (TorchMedia Inc.) C:\Documents and Settings\Chris Jacobs\Local Settings\Application Data\Torch\Update\TorchCrashHandler.exe (Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe (Canon Inc.) C:\Program Files\Canon\CAL\CALMAIN.exe (Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe (SigmaTel, Inc.) C:\WINDOWS\stsystra.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe () C:\Program Files\Dell\Media Experience\DMXLauncher.exe (ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe () C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (RealNetworks, Inc.) C:\program files\real\realplayer\update\realsched.exe (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ehTray] - C:\WINDOWS\ehome\ehtray.exe [67584 2005-09-29] (Microsoft Corporation) HKLM\...\Run: [sigmatelSysTrayApp] - stsystra.exe [x] HKLM\...\Run: [iAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [151552 2006-07-06] (Intel Corporation) HKLM\...\Run: [DMXLauncher] - C:\Program Files\Dell\Media Experience\DMXLauncher.exe [94208 2005-10-05] () HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [47904 2010-12-14] (Apple Inc.) HKLM\...\Run: [ArcSoft Connection Service] - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.) HKLM\...\Run: [startCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-10] (Advanced Micro Devices, Inc.) HKLM\...\Run: [ATICustomerCare] - C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-05-04] (Advanced Micro Devices, Inc.) HKLM\...\Run: [YeppStudioAgent] - C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe [40960 2005-09-12] () HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2516296 2010-03-24] (CANON INC.) HKLM\...\Run: [CanonSolutionMenuEx] - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.) HKLM\...\Run: [iSUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation) HKLM\...\Run: [TkBellExe] - C:\program files\real\realplayer\update\realsched.exe [296096 2012-08-10] (RealNetworks, Inc.) HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2012-10-25] (Apple Inc.) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.) HKLM\...\Run: [switchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [947152 2013-01-27] (Microsoft Corporation) HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5078504 2013-03-21] (ESET) Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.) Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation) HKCU\...\Run: [steam] - C:\Program Files\Steam\Steam.exe [1672616 2013-07-09] (Valve Corporation) HKCU\...\Run: [skype] - C:\Program Files\Skype\Phone\Skype.exe [18672232 2013-02-28] (Skype Technologies S.A.) HKCU\...\Run: [Google Update] - C:\Documents and Settings\Chris Jacobs\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [136176 2011-04-30] (Google Inc.) HKU\Administrator\...\Run: [DellSupport] - "C:\Program Files\Dell Support\DSAgnt.exe" /startup [x] HKU\Aidan Jacobs\...\Run: [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x] HKU\Aidan Jacobs\...\Run: [msnmsgr] - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [x] HKU\Alison Jacobs\...\Run: [DellSupport] - "C:\Program Files\Dell Support\DSAgnt.exe" /startup [x] HKU\Alison Jacobs\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [x] HKU\Alison Jacobs\...\Run: [EleFunAnimatedWallpaper] - [x] HKU\Alison Jacobs\...\Run: [msnmsgr] - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [x] HKU\Default User\...\Run: [DellSupport] - "C:\Program Files\Dell Support\DSAgnt.exe" /startup [x] HKU\Guest\...\Run: [QuickTime Task] - "C:\Program Files\QuickTime\qttask.exe" -atboottime [x] HKU\Guest\...\Run: [msnmsgr] - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [x] HKU\Hannah Jacobs\...\Run: [DellSupport] - "C:\Program Files\Dell Support\DSAgnt.exe" /startup [x] HKU\Hannah Jacobs\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [x] HKU\Hannah Jacobs\...\Run: [msnmsgr] - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [x] HKU\Katherine Jacobs\...\Run: [RegistryBooster] - "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000 [x] Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ StartMenuInternet: IEXPLORE.EXE - "C:\Program Files\Internet Explorer\iexplore.exe" SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search SearchScopes: HKCU - {093d18f3-98c6-4e68-b6c0-9da816681fcf} URL = BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MI1933~1\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) Toolbar: HKCU -No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKCU -Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKCU -No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File DPF: {000F1EA4-5E08-4564-A29B-29076F63A37A} http://launch.soe.com/plugin/web/SOEWebInstaller.cab DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} https://www.plaxo.com/activex/plx_upldr-2k-xp.cab Handler: intu-qt2007 - {026BF40D-BA05-467b-9F1F-AD0D7A3F5F11} - C:\Program Files\QuickTax 2007\ic2007pp.dll (Intuit Canada, a general partnership/une société en nom collectif.) Handler: intu-qt2008 - {05E53CE9-66C8-4a9e-A99F-FDB7A8E7B596} - C:\Program Files\QuickTax 2008\ic2008pp.dll (Intuit Canada, a general partnership/une société en nom collectif.) Handler: intu-qt2009 - {03947252-2355-4e9b-B446-8CCC75C43370} - C:\Program Files\QuickTax 2009\ic2009pp.dll (Intuit Canada, a general partnership/une société en nom collectif.) Handler: intu-tt2010 - {97A0575E-2309-4e75-8509-B1F9390C4DE7} - C:\Program Files\TurboTax 2010\ic2010pp.dll (Intuit Canada, a general partnership/une société en nom collectif.) Handler: intu-tt2011 - {B3B5DAD9-E96D-45b4-B636-B6CF2F773DE1} - C:\Program Files\TurboTax 2011\ic2011pp.dll (Intuit Canada, a general partnership/une société en nom collectif.) Handler: intu-tt2012 - {02F985EF-502B-4597-993F-6BF9E004C138} - C:\Program Files\TurboTax 2012\ic2012pp.dll (Intuit Canada, a general partnership/une société en nom collectif.) Handler: ipp - No CLSID Value - Handler: msdaipp - No CLSID Value - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation) Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 208.67.222.220 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF Plugin: @GameNutt_2s.com/Plugin - C:\Program Files\GameNutt_2s\bar\1.bin\NP2sStub.dll No File FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/DownloadManager,version=1.1 - C:\WINDOWS\ () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprjplug;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin: @soe.sony.com/installer,version=1.0.3 - C:\WINDOWS\Downloaded Program Files\npsoe.dll () FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Chris Jacobs\Local Settings\Application Data\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Chris Jacobs\Local Settings\Application Data\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Chris Jacobs\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF SearchPlugin: C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\searchplugins\visualbee-v1-customized-web-search.xml FF Extension: No Name - C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Extensions\mozswing@mozswing.org FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [2sffxtbr@GameNutt_2s.com] C:\Program Files\GameNutt_2s\bar\1.bin FF Extension: UltimateGamesBar - C:\Program Files\GameNutt_2s\bar\1.bin FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll No File CHR Plugin: (Google Talk Plugin) - C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\plugins\npgoogletalk.dll (Google) CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (RealNetworks Chrome Background Extension Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) CHR Plugin: (Google Update) - C:\Documents and Settings\Chris Jacobs\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File CHR Plugin: (Unity Player) - C:\Documents and Settings\Chris Jacobs\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) CHR Plugin: (AdobeAAMDetect) - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Java Deployment Toolkit 7.0.70.10) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Java Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (SOE Web Installer) - C:\WINDOWS\Downloaded Program Files\npsoe.dll () CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.) CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealJukebox NS Plugin) - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Download Plugin) - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) CHR Extension: (Docs) - C:\DOCUME~1\CHRISJ~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0 CHR Extension: (Google Drive) - C:\DOCUME~1\CHRISJ~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0 CHR Extension: (YouTube) - C:\DOCUME~1\CHRISJ~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 CHR Extension: (Google Search) - C:\DOCUME~1\CHRISJ~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0 CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\DOCUME~1\CHRISJ~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0 CHR Extension: (Torch Share) - C:\DOCUME~1\CHRISJ~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0 CHR Extension: (Skype Click to Call) - C:\DOCUME~1\CHRISJ~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0 CHR Extension: (Gmail) - C:\DOCUME~1\CHRISJ~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx CHR HKLM\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Documents and Settings\Chris Jacobs\Local Settings\Application Data\Torch\Plugins\TorchPlugin.crx CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx ========================== Services (Whitelisted) ================= R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96341 2006-03-30] (Canon Inc.) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1341664 2013-03-21] (ESET) R2 KodakDigitalDisplayService; C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe [98304 2009-05-14] (Orb Networks, Inc.) R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [66872 2010-11-08] () R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3289472 2013-07-12] (Skype Technologies S.A.) R2 TorchCrashHandler; C:\Documents and Settings\Chris Jacobs\Local Settings\Application Data\Torch\Update\TorchCrashHandler.exe [1205088 2013-06-20] (TorchMedia Inc.) R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x] ==================== Drivers (Whitelisted) ==================== R3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [5417472 2010-09-10] (ATI Technologies Inc.) S3 DSproct; C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys [4864 2006-01-10] (GTek Technologies Ltd.) R1 eamon; C:\Windows\System32\DRIVERS\eamon.sys [161368 2013-01-10] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [122240 2013-01-10] (ESET) R1 epfwtdir; C:\Windows\System32\DRIVERS\epfwtdir.sys [105784 2013-01-10] (ESET) R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows ® Server 2003 DDK provider) S3 NAL; C:\WINDOWS\system32\Drivers\iqvw32.sys [24064 2006-06-05] (Intel Corporation ) U1 NDISRD; C:\Windows\System32\Drivers\NDISRD.sys [24576 2009-06-22] (NT Kernel Resources) R3 pfc; C:\Windows\System32\drivers\pfc.sys [9856 2003-01-09] (Padus, Inc.) R3 STHDA; C:\Windows\System32\drivers\sthda.sys [1156648 2006-07-24] (SigmaTel, Inc.) R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [10144 2004-04-14] (Logitech Inc.) S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [21280 2004-04-14] (Logitech Inc.) S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [5600 2004-04-14] (Logitech Inc.) R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [44064 2004-04-14] (Logitech Inc.) S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x] S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x] S2 RPSKT; system32\DRIVERS\rp_skt32.sys [x] ==================== NetSvcs (Whitelisted) =================== NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation) ==================== One Month Created Files and Folders ======== 2013-07-23 21:42 - 2013-07-23 21:42 - 00000938 _____ C:\Documents and Settings\Chris Jacobs\Desktop\Shortcut to FRST.lnk 2013-07-23 17:20 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll 2013-07-23 17:20 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll 2013-07-23 17:20 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll 2013-07-23 17:20 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll 2013-07-23 17:20 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll 2013-07-23 17:20 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll 2013-07-23 17:20 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll 2013-07-23 17:20 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll 2013-07-23 17:20 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll 2013-07-23 17:20 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll 2013-07-23 17:20 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll 2013-07-23 17:20 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll 2013-07-23 17:06 - 2013-07-23 17:06 - 00000216 _____ C:\Documents and Settings\Chris Jacobs\Desktop\Sid Meier's Civilization V Brave New World Demo.url 2013-07-19 22:29 - 2013-07-19 22:29 - 00128514 _____ C:\WINDOWS\KB2834904.log 2013-07-19 22:29 - 2013-07-19 22:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$ 2013-07-19 22:28 - 2013-07-19 22:28 - 00129299 _____ C:\WINDOWS\KB2834886.log 2013-07-19 22:28 - 2013-07-19 22:28 - 00014602 _____ C:\Documents and Settings\Chris Jacobs\Desktop\HitmanPro_20130719_2228.log 2013-07-19 22:28 - 2013-07-19 22:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$ 2013-07-19 22:27 - 2013-07-19 22:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$ 2013-07-19 22:24 - 2013-07-19 22:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$ 2013-07-19 22:09 - 2013-07-19 22:29 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HitmanPro 2013-07-19 22:09 - 2013-07-19 22:09 - 00000967 _____ C:\Documents and Settings\Chris Jacobs\Desktop\Shortcut to HitmanPro.lnk 2013-07-19 22:08 - 2013-07-19 22:09 - 00133219 _____ C:\WINDOWS\KB2846071-IE8.log 2013-07-19 22:07 - 2013-07-19 22:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2833951$ 2013-07-19 22:06 - 2013-07-19 22:07 - 00135603 _____ C:\WINDOWS\KB2833951.log 2013-07-18 23:01 - 2013-07-19 22:27 - 00136384 _____ C:\WINDOWS\KB2850851.log 2013-07-18 23:00 - 2013-07-19 22:25 - 00138343 _____ C:\WINDOWS\KB2845187.log 2013-07-18 22:41 - 2013-07-18 22:47 - 00005218 _____ C:\FixitRegBackup.reg 2013-07-18 22:41 - 2013-07-18 22:41 - 00001017 _____ C:\Documents and Settings\Chris Jacobs\Desktop\Shortcut to MicrosoftFixit50535.lnk 2013-07-18 22:29 - 2013-07-18 22:29 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk 2013-07-18 22:29 - 2013-07-18 22:29 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-07-18 22:29 - 2013-07-18 22:29 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Application Data\Malwarebytes 2013-07-18 22:29 - 2013-07-18 22:29 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes 2013-07-18 22:29 - 2010-12-20 18:09 - 00038224 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2013-07-18 22:29 - 2010-12-20 18:08 - 00020952 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2013-07-18 22:28 - 2013-07-18 22:28 - 00000635 _____ C:\Documents and Settings\Chris Jacobs\Desktop\Shortcut to mbam-setup-1.50.1.1100.lnk 2013-07-18 22:23 - 2013-07-18 22:24 - 10285040 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Chris Jacobs\Desktop\mbam-setup-1.75.0.1300.exe 2013-07-18 22:12 - 2013-07-18 22:12 - 00080456 _____ (Malwarebytes Corporation) C:\Documents and Settings\Chris Jacobs\Desktop\mbam-clean-1.60.2.0003.exe 2013-07-18 03:45 - 2013-07-18 03:45 - 00017966 _____ C:\ComboFix.txt 2013-07-18 03:11 - 2011-06-26 02:45 - 00256000 _____ C:\WINDOWS\PEV.exe 2013-07-18 03:11 - 2010-11-07 13:20 - 00208896 _____ C:\WINDOWS\MBR.exe 2013-07-18 03:11 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe 2013-07-18 03:11 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe 2013-07-18 03:11 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe 2013-07-18 03:11 - 2000-08-30 20:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe 2013-07-18 03:11 - 2000-08-30 20:00 - 00098816 _____ C:\WINDOWS\sed.exe 2013-07-18 03:11 - 2000-08-30 20:00 - 00080412 _____ C:\WINDOWS\grep.exe 2013-07-18 03:11 - 2000-08-30 20:00 - 00068096 _____ C:\WINDOWS\zip.exe 2013-07-18 01:39 - 2013-07-18 01:39 - 00003561 _____ C:\Documents and Settings\Chris Jacobs\Desktop\FSS.txt 2013-07-18 01:38 - 2013-07-18 01:37 - 00357077 _____ (Farbar) C:\Documents and Settings\Chris Jacobs\Desktop\FSS.exe 2013-07-18 01:19 - 2013-07-18 01:13 - 00760937 _____ (Farbar) C:\Documents and Settings\Chris Jacobs\Desktop\MiniToolBox (1).exe 2013-07-18 01:11 - 2004-06-11 16:33 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\subinacl.exe 2013-07-18 01:10 - 2013-07-18 01:08 - 00186787 _____ C:\Documents and Settings\Chris Jacobs\Desktop\restoredefaultperms.exe 2013-07-18 00:14 - 2013-07-18 00:39 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable) 2013-07-18 00:08 - 2013-07-18 00:08 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Desktop\mbar-1.06.0.1004a 2013-07-18 00:08 - 2013-07-17 14:41 - 13726595 _____ C:\Documents and Settings\Chris Jacobs\Desktop\mbar-1.06.0.1004a.zip 2013-07-11 23:25 - 2013-07-11 23:25 - 00060975 _____ C:\Documents and Settings\Chris Jacobs\Desktop\FRST.txt 2013-07-11 23:21 - 2013-07-18 01:20 - 00026320 _____ C:\Documents and Settings\Chris Jacobs\Desktop\Result.txt 2013-07-11 19:49 - 2013-07-11 19:37 - 02240864 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Chris Jacobs\Desktop\tdsskiller.exe 2013-07-11 00:41 - 2013-07-11 00:09 - 04009167 _____ C:\Documents and Settings\Chris Jacobs\Desktop\ServicesRepair (1).exe 2013-07-10 14:54 - 2013-07-10 15:09 - 00065536 _____ C:\WINDOWS\system32\config\Doctor Web.evt 2013-07-10 14:12 - 2013-07-10 14:53 - 00065536 _____ C:\WINDOWS\system32\config\Doctor W.evt 2013-07-10 14:12 - 2013-07-10 14:12 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Doctor Web 2013-07-10 12:56 - 2013-07-10 11:06 - 124212832 _____ C:\Documents and Settings\Chris Jacobs\Desktop\drweb-cureit.exe 2013-07-10 11:28 - 2013-07-10 11:28 - 00000000 ____D C:\Documents and Settings\All Users\Desktop\CC Support 2013-07-10 11:28 - 2013-07-10 10:56 - 04009167 _____ C:\Documents and Settings\Chris Jacobs\Desktop\ServicesRepair.exe 2013-07-09 22:54 - 2013-07-18 03:32 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG 2013-07-09 22:54 - 2013-07-09 22:54 - 00000000 ____H C:\WINDOWS\system32\config\SYSTEM.tmp.LOG 2013-07-09 22:54 - 2013-07-09 22:54 - 00000000 ____H C:\WINDOWS\system32\config\SOFTWARE.tmp.LOG 2013-07-09 22:54 - 2013-07-09 22:54 - 00000000 ____H C:\WINDOWS\system32\config\SAM.tmp.LOG 2013-07-09 22:54 - 2013-07-09 22:54 - 00000000 ____H C:\WINDOWS\system32\config\DEFAULT.tmp.LOG 2013-07-08 09:02 - 2013-07-18 03:45 - 00000000 ____D C:\Qoobox 2013-07-08 08:58 - 2013-07-18 03:08 - 05090256 ____R (Swearware) C:\Documents and Settings\Chris Jacobs\Desktop\ComboFix.exe 2013-07-06 21:29 - 2013-07-11 23:13 - 01218598 _____ (Farbar) C:\Documents and Settings\Chris Jacobs\Desktop\FRST.exe 2013-07-06 21:29 - 2013-07-07 08:49 - 00000000 ____D C:\FRST 2013-07-06 11:43 - 2013-07-11 23:12 - 00760775 _____ (Farbar) C:\Documents and Settings\Chris Jacobs\Desktop\MiniToolBox.exe 2013-07-05 11:01 - 2013-07-05 11:01 - 00052279 _____ C:\Documents and Settings\Chris Jacobs\Desktop\eset scan.txt 2013-07-05 03:04 - 2013-07-05 03:04 - 00013049 _____ C:\WINDOWS\KB2485663.log 2013-07-05 03:04 - 2013-07-05 03:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2485663$ 2013-07-05 03:00 - 2013-07-05 03:00 - 00007443 _____ C:\WINDOWS\KB923561.log 2013-07-05 03:00 - 2013-07-05 03:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB923561$ 2013-07-05 00:38 - 2013-07-05 00:38 - 00004139 _____ C:\Documents and Settings\Chris Jacobs\Desktop\JRT.txt 2013-07-05 00:35 - 2013-07-05 00:35 - 00000000 ____D C:\WINDOWS\ERUNT 2013-07-04 22:02 - 2013-07-04 22:03 - 00000000 ____D C:\Program Files\ERUNT 2013-07-04 22:02 - 2013-07-04 22:02 - 00000611 _____ C:\Documents and Settings\Chris Jacobs\Desktop\NTREGOPT.lnk 2013-07-04 22:02 - 2013-07-04 22:02 - 00000592 _____ C:\Documents and Settings\Chris Jacobs\Desktop\ERUNT.lnk 2013-07-04 00:22 - 2013-07-04 00:22 - 00025604 _____ C:\Documents and Settings\Chris Jacobs\Desktop\attach.txt 2013-07-04 00:22 - 2013-07-04 00:22 - 00021871 _____ C:\Documents and Settings\Chris Jacobs\Desktop\dds.txt 2013-07-03 22:30 - 2013-07-03 23:37 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-07-03 22:01 - 2013-07-03 22:01 - 00000782 _____ C:\Documents and Settings\kodak\Desktop\Windows Media Player.lnk 2013-07-03 21:21 - 2013-07-03 21:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB952954$ 2013-07-03 21:21 - 2013-07-03 21:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB952287$ 2013-07-03 21:21 - 2013-07-03 21:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951748$ 2013-07-03 21:21 - 2013-07-03 21:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951698$ 2013-07-03 21:21 - 2013-07-03 21:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951376-v2$ 2013-07-03 21:21 - 2013-07-03 21:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951376$ 2013-07-03 21:20 - 2013-07-03 21:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951066$ 2013-07-03 21:20 - 2013-07-03 21:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB950974$ 2013-07-03 21:20 - 2013-07-03 21:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB950762$ 2013-07-03 21:20 - 2013-07-03 21:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB946648$ 2013-07-03 21:20 - 2013-07-03 21:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB938464$ 2013-07-03 21:16 - 2008-04-14 05:41 - 00081920 ____N (Microsoft Corporation) C:\WINDOWS\system32\ieencode.dll 2013-07-02 19:34 - 2013-07-23 18:44 - 00000292 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-3363229072-3021304974-548893752-1007.job 2013-07-02 13:51 - 2013-07-02 19:06 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\My Documents\The Curse of Blackmoor Manor 2013-07-02 13:51 - 2013-07-02 13:51 - 00000807 _____ C:\Documents and Settings\All Users\Desktop\The Curse of Blackmoor Manor.lnk 2013-07-01 16:12 - 2013-07-01 16:12 - 00000000 ____D C:\Documents and Settings\NetworkService\Application Data\Macromedia 2013-07-01 16:11 - 2013-07-01 16:11 - 00000000 ____D C:\Documents and Settings\NetworkService\Application Data\Adobe 2013-07-01 12:54 - 2013-07-01 12:54 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Local Settings\Application Data\ESET 2013-07-01 12:17 - 2013-07-05 01:13 - 00000000 ____D C:\Program Files\ESET 2013-07-01 12:17 - 2013-07-01 12:17 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ESET 2013-07-01 11:38 - 2013-07-01 11:38 - 00866592 _____ C:\Documents and Settings\Chris Jacobs\Desktop\Norton_Removal_Tool.exe 2013-07-01 01:42 - 2013-07-01 01:42 - 00000000 ____D C:\Program Files\Microsoft ActiveSync 2013-07-01 01:21 - 2013-07-01 01:21 - 00000738 _____ C:\Documents and Settings\Chris Jacobs\Start Menu\Programs\Outlook Express.lnk 2013-07-01 00:43 - 2013-07-01 01:49 - 00000000 __HDC C:\WINDOWS\ie8 2013-07-01 00:38 - 2013-07-01 00:38 - 00001892 _____ C:\Documents and Settings\All Users\Desktop\Microsoft Download Manager.lnk 2013-07-01 00:38 - 2013-07-01 00:38 - 00000000 ____D C:\Program Files\Microsoft Download Manager 2013-07-01 00:17 - 2013-07-01 00:17 - 00000000 ____D C:\WINSSLog 2013-06-30 23:27 - 2013-06-30 23:29 - 00000000 ___HD C:\WINDOWS\msdownld.tmp 2013-06-30 21:57 - 2013-06-30 21:57 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Desktop\saves 2013-06-30 16:20 - 2013-06-30 16:20 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Desktop\texturepacks 2013-06-30 16:19 - 2013-06-30 16:19 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Desktop\stats 2013-06-30 16:19 - 2013-06-30 16:19 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Desktop\screenshots 2013-06-29 13:41 - 2013-06-29 13:42 - 106387587 _____ C:\Documents and Settings\Chris Jacobs\Application Data\.minecraft.rar 2013-06-29 08:35 - 2013-06-29 08:35 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Sun 2013-06-28 18:43 - 2013-06-28 18:43 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\RealNetworks 2013-06-28 18:43 - 2013-06-28 18:43 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Real 2013-06-28 14:40 - 2013-06-28 14:40 - 00009216 ___SH C:\Documents and Settings\Chris Jacobs\Downloads\Thumbs.db 2013-06-28 14:10 - 2013-06-28 14:09 - 02032810 _____ C:\Documents and Settings\Chris Jacobs\Desktop\minecraftforge-universal-1.5.2-7.8.1.737[1].zip 2013-06-28 12:52 - 2013-06-28 12:52 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\My Documents\AVS4YOU 2013-06-28 12:28 - 2013-06-28 12:28 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Application Data\AVS4YOU 2013-06-28 12:28 - 2013-06-28 12:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVS4YOU 2013-06-28 12:27 - 2013-06-28 12:27 - 00000594 _____ C:\Documents and Settings\Chris Jacobs\Desktop\AVS Video Editor.lnk 2013-06-28 12:27 - 2013-06-28 12:27 - 00000000 ____D C:\Program Files\AVS4YOU 2013-06-28 12:27 - 2013-06-28 12:27 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Start Menu\Programs\AVS4YOU 2013-06-28 12:26 - 2013-06-28 12:28 - 00000000 ____D C:\AVSVideoEditor 2013-06-28 12:26 - 2013-06-28 12:27 - 00000000 ____D C:\Program Files\Common Files\AVSMedia 2013-06-28 12:26 - 2011-06-23 13:26 - 01700352 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2013-06-28 10:03 - 2013-06-28 10:04 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Application Data\.technic 2013-06-25 23:07 - 2013-07-01 15:55 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\My Documents\Me 2013-06-25 20:21 - 2013-06-24 17:40 - 00000704 _____ C:\Documents and Settings\Chris Jacobs\Desktop\WinRAR.lnk 2013-06-24 21:32 - 2013-07-23 18:30 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TorchCrashHandler 2013-06-24 21:32 - 2013-06-24 21:32 - 00001122 _____ C:\Documents and Settings\Chris Jacobs\Start Menu\Programs\Torch.lnk 2013-06-24 21:32 - 2013-06-24 21:32 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Start Menu\Programs\Torch 2013-06-24 21:31 - 2013-07-05 00:36 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Local Settings\Application Data\Torch 2013-06-24 21:14 - 2013-06-24 21:14 - 00000000 ____D C:\Program Files\CheckPoint 2013-06-24 17:40 - 2013-06-24 21:37 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Application Data\WinRAR 2013-06-24 17:40 - 2013-06-24 17:40 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Start Menu\Programs\WinRAR 2013-06-24 17:39 - 2013-06-24 17:40 - 00000000 ____D C:\Program Files\WinRAR 2013-06-24 15:56 - 2013-06-24 15:56 - 00000719 _____ C:\Documents and Settings\All Users\Desktop\VLC media player.lnk ==================== One Month Modified Files and Folders ======= 2013-07-23 21:49 - 2005-08-16 06:40 - 01160875 _____ C:\WINDOWS\WindowsUpdate.log 2013-07-23 21:42 - 2013-07-23 21:42 - 00000938 _____ C:\Documents and Settings\Chris Jacobs\Desktop\Shortcut to FRST.lnk 2013-07-23 21:42 - 2007-01-31 01:23 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Desktop 2013-07-23 21:31 - 2012-03-29 20:20 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-07-23 21:24 - 2011-04-20 04:41 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat 2013-07-23 21:14 - 2011-05-26 17:14 - 00001006 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3363229072-3021304974-548893752-1007UA.job 2013-07-23 20:31 - 2005-08-16 06:49 - 00032466 _____ C:\WINDOWS\SchedLgU.Txt 2013-07-23 19:35 - 2005-08-16 06:35 - 00000282 _____ C:\WINDOWS\wiadebug.log 2013-07-23 18:46 - 2010-11-06 16:48 - 00393216 _____ C:\WINDOWS\system32\config\ACEEvent.evt 2013-07-23 18:45 - 2013-03-09 21:10 - 00000000 ____D C:\Program Files\Steam 2013-07-23 18:44 - 2013-07-02 19:34 - 00000292 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-3363229072-3021304974-548893752-1007.job 2013-07-23 18:44 - 2012-08-10 12:07 - 00000300 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-3363229072-3021304974-548893752-1007.job 2013-07-23 18:44 - 2005-08-16 06:18 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2013-07-23 18:30 - 2013-06-24 21:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TorchCrashHandler 2013-07-23 18:30 - 2009-10-28 21:55 - 00000000 __SHD C:\WINDOWS\CSC 2013-07-23 18:30 - 2005-08-16 06:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-07-23 18:30 - 2005-08-16 06:35 - 00000049 _____ C:\WINDOWS\wiaservc.log 2013-07-23 17:20 - 2013-03-10 08:01 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\My Documents\My Games 2013-07-23 17:20 - 2013-03-10 08:01 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Local Settings\Application Data\My Games 2013-07-23 17:20 - 2012-09-30 17:54 - 00259727 _____ C:\WINDOWS\setupapi.log 2013-07-23 17:19 - 2005-08-16 06:40 - 00000000 ____D C:\WINDOWS\system32\DirectX 2013-07-23 17:06 - 2013-07-23 17:06 - 00000216 _____ C:\Documents and Settings\Chris Jacobs\Desktop\Sid Meier's Civilization V Brave New World Demo.url 2013-07-23 17:06 - 2013-03-10 07:50 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Start Menu\Programs\Steam 2013-07-23 15:43 - 2011-12-28 22:03 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job 2013-07-23 09:05 - 2005-08-16 06:38 - 00000000 ____D C:\WINDOWS\Microsoft.NET 2013-07-23 00:03 - 2007-01-31 01:23 - 00000278 ___SH C:\Documents and Settings\Chris Jacobs\ntuser.ini 2013-07-22 22:14 - 2011-05-26 17:14 - 00000954 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3363229072-3021304974-548893752-1007Core.job 2013-07-21 18:01 - 2013-06-09 23:15 - 00000384 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job 2013-07-20 00:46 - 2005-08-16 06:38 - 00162104 _____ C:\WINDOWS\wmsetup.log 2013-07-19 23:27 - 2005-08-16 06:33 - 00554708 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-07-19 22:46 - 2009-10-28 20:55 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-07-19 22:46 - 2005-08-16 06:27 - 03694712 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2013-07-19 22:29 - 2013-07-19 22:29 - 00128514 _____ C:\WINDOWS\KB2834904.log 2013-07-19 22:29 - 2013-07-19 22:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$ 2013-07-19 22:29 - 2013-07-19 22:09 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HitmanPro 2013-07-19 22:29 - 2005-08-16 06:33 - 03048423 _____ C:\WINDOWS\FaxSetup.log 2013-07-19 22:29 - 2005-08-16 06:33 - 01490414 _____ C:\WINDOWS\ocgen.log 2013-07-19 22:29 - 2005-08-16 06:33 - 01416901 _____ C:\WINDOWS\iis6.log 2013-07-19 22:29 - 2005-08-16 06:33 - 01387736 _____ C:\WINDOWS\tsoc.log 2013-07-19 22:29 - 2005-08-16 06:33 - 00984446 _____ C:\WINDOWS\comsetup.log 2013-07-19 22:29 - 2005-08-16 06:33 - 00938554 _____ C:\WINDOWS\msmqinst.log 2013-07-19 22:29 - 2005-08-16 06:33 - 00606194 _____ C:\WINDOWS\ntdtcsetup.log 2013-07-19 22:29 - 2005-08-16 06:33 - 00537854 _____ C:\WINDOWS\netfxocm.log 2013-07-19 22:29 - 2005-08-16 06:33 - 00343147 _____ C:\WINDOWS\MedCtrOC.log 2013-07-19 22:29 - 2005-08-16 06:33 - 00162358 _____ C:\WINDOWS\ocmsn.log 2013-07-19 22:29 - 2005-08-16 06:33 - 00150849 _____ C:\WINDOWS\msgsocm.log 2013-07-19 22:29 - 2005-08-16 06:33 - 00148398 _____ C:\WINDOWS\tabletoc.log 2013-07-19 22:29 - 2005-08-16 06:33 - 00001374 _____ C:\WINDOWS\imsins.log 2013-07-19 22:29 - 2005-08-16 06:18 - 00001208 _____ C:\WINDOWS\win.ini 2013-07-19 22:28 - 2013-07-19 22:28 - 00129299 _____ C:\WINDOWS\KB2834886.log 2013-07-19 22:28 - 2013-07-19 22:28 - 00014602 _____ C:\Documents and Settings\Chris Jacobs\Desktop\HitmanPro_20130719_2228.log 2013-07-19 22:28 - 2013-07-19 22:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$ 2013-07-19 22:28 - 2013-02-17 22:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help 2013-07-19 22:28 - 2005-08-16 06:33 - 00001374 _____ C:\WINDOWS\imsins.BAK 2013-07-19 22:27 - 2013-07-19 22:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$ 2013-07-19 22:27 - 2013-07-18 23:01 - 00136384 _____ C:\WINDOWS\KB2850851.log 2013-07-19 22:25 - 2013-07-18 23:00 - 00138343 _____ C:\WINDOWS\KB2845187.log 2013-07-19 22:24 - 2013-07-19 22:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$ 2013-07-19 22:09 - 2013-07-19 22:09 - 00000967 _____ C:\Documents and Settings\Chris Jacobs\Desktop\Shortcut to HitmanPro.lnk 2013-07-19 22:09 - 2013-07-19 22:08 - 00133219 _____ C:\WINDOWS\KB2846071-IE8.log 2013-07-19 22:09 - 2011-04-18 07:21 - 75699896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-07-19 22:09 - 2009-10-28 20:54 - 00000000 ____D C:\WINDOWS\ie8updates 2013-07-19 22:09 - 2005-08-16 23:04 - 00634828 _____ C:\WINDOWS\updspapi.log 2013-07-19 22:07 - 2013-07-19 22:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2833951$ 2013-07-19 22:07 - 2013-07-19 22:06 - 00135603 _____ C:\WINDOWS\KB2833951.log 2013-07-19 22:03 - 2009-07-07 21:27 - 00000000 ____D C:\WINDOWS\system32\XPSViewer 2013-07-18 23:01 - 2005-08-16 06:49 - 00000000 __SHD C:\Documents and Settings\NetworkService 2013-07-18 22:47 - 2013-07-18 22:41 - 00005218 _____ C:\FixitRegBackup.reg 2013-07-18 22:41 - 2013-07-18 22:41 - 00001017 _____ C:\Documents and Settings\Chris Jacobs\Desktop\Shortcut to MicrosoftFixit50535.lnk 2013-07-18 22:29 - 2013-07-18 22:29 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk 2013-07-18 22:29 - 2013-07-18 22:29 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-07-18 22:29 - 2013-07-18 22:29 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Application Data\Malwarebytes 2013-07-18 22:29 - 2013-07-18 22:29 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes 2013-07-18 22:29 - 2005-08-16 06:33 - 00000000 ____D C:\Documents and Settings\All Users\Desktop 2013-07-18 22:28 - 2013-07-18 22:28 - 00000635 _____ C:\Documents and Settings\Chris Jacobs\Desktop\Shortcut to mbam-setup-1.50.1.1100.lnk 2013-07-18 22:24 - 2013-07-18 22:23 - 10285040 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Chris Jacobs\Desktop\mbam-setup-1.75.0.1300.exe 2013-07-18 22:12 - 2013-07-18 22:12 - 00080456 _____ (Malwarebytes Corporation) C:\Documents and Settings\Chris Jacobs\Desktop\mbam-clean-1.60.2.0003.exe 2013-07-18 03:45 - 2013-07-18 03:45 - 00017966 _____ C:\ComboFix.txt 2013-07-18 03:45 - 2013-07-08 09:02 - 00000000 ____D C:\Qoobox 2013-07-18 03:37 - 2013-04-18 20:16 - 00000000 ___RD C:\Program Files\Skype 2013-07-18 03:36 - 2005-08-16 06:18 - 00000227 _____ C:\WINDOWS\system.ini 2013-07-18 03:33 - 2005-08-16 00:27 - 55730176 _____ C:\WINDOWS\system32\config\SOFTWARE.bak 2013-07-18 03:33 - 2005-08-16 00:27 - 12582912 _____ C:\WINDOWS\system32\config\SYSTEM.bak 2013-07-18 03:33 - 2005-08-16 00:27 - 05533696 _____ C:\WINDOWS\system32\config\DEFAULT.bak 2013-07-18 03:33 - 2005-08-16 00:27 - 00069632 _____ C:\WINDOWS\system32\config\SECURITY.bak 2013-07-18 03:33 - 2005-08-16 00:27 - 00032768 _____ C:\WINDOWS\system32\config\SAM.bak 2013-07-18 03:32 - 2013-07-09 22:54 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG 2013-07-18 03:32 - 2012-08-29 21:53 - 00000000 ____D C:\WINDOWS\erdnt 2013-07-18 03:08 - 2013-07-08 08:58 - 05090256 ____R (Swearware) C:\Documents and Settings\Chris Jacobs\Desktop\ComboFix.exe 2013-07-18 02:00 - 2013-04-03 15:19 - 00000356 _____ C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-KJACOBS-Chris Jacobs.job 2013-07-18 02:00 - 2007-02-08 01:03 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Local Settings\Application Data\Adobe 2013-07-18 01:39 - 2013-07-18 01:39 - 00003561 _____ C:\Documents and Settings\Chris Jacobs\Desktop\FSS.txt 2013-07-18 01:37 - 2013-07-18 01:38 - 00357077 _____ (Farbar) C:\Documents and Settings\Chris Jacobs\Desktop\FSS.exe 2013-07-18 01:20 - 2013-07-11 23:21 - 00026320 _____ C:\Documents and Settings\Chris Jacobs\Desktop\Result.txt 2013-07-18 01:13 - 2013-07-18 01:19 - 00760937 _____ (Farbar) C:\Documents and Settings\Chris Jacobs\Desktop\MiniToolBox (1).exe 2013-07-18 01:08 - 2013-07-18 01:10 - 00186787 _____ C:\Documents and Settings\Chris Jacobs\Desktop\restoredefaultperms.exe 2013-07-18 00:39 - 2013-07-18 00:14 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable) 2013-07-18 00:08 - 2013-07-18 00:08 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Desktop\mbar-1.06.0.1004a 2013-07-17 14:41 - 2013-07-18 00:08 - 13726595 _____ C:\Documents and Settings\Chris Jacobs\Desktop\mbar-1.06.0.1004a.zip 2013-07-12 14:49 - 2005-08-16 06:49 - 00000000 __SHD C:\Documents and Settings\LocalService 2013-07-11 23:25 - 2013-07-11 23:25 - 00060975 _____ C:\Documents and Settings\Chris Jacobs\Desktop\FRST.txt 2013-07-11 23:13 - 2013-07-06 21:29 - 01218598 _____ (Farbar) C:\Documents and Settings\Chris Jacobs\Desktop\FRST.exe 2013-07-11 23:12 - 2013-07-06 11:43 - 00760775 _____ (Farbar) C:\Documents and Settings\Chris Jacobs\Desktop\MiniToolBox.exe 2013-07-11 19:37 - 2013-07-11 19:49 - 02240864 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Chris Jacobs\Desktop\tdsskiller.exe 2013-07-11 00:46 - 2013-04-18 20:16 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Application Data\Skype 2013-07-11 00:09 - 2013-07-11 00:41 - 04009167 _____ C:\Documents and Settings\Chris Jacobs\Desktop\ServicesRepair (1).exe 2013-07-10 15:09 - 2013-07-10 14:54 - 00065536 _____ C:\WINDOWS\system32\config\Doctor Web.evt 2013-07-10 14:53 - 2013-07-10 14:12 - 00065536 _____ C:\WINDOWS\system32\config\Doctor W.evt 2013-07-10 14:12 - 2013-07-10 14:12 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Doctor Web 2013-07-10 14:12 - 2007-01-31 01:23 - 00000000 ____D C:\Documents and Settings\Chris Jacobs 2013-07-10 11:28 - 2013-07-10 11:28 - 00000000 ____D C:\Documents and Settings\All Users\Desktop\CC Support 2013-07-10 11:06 - 2013-07-10 12:56 - 124212832 _____ C:\Documents and Settings\Chris Jacobs\Desktop\drweb-cureit.exe 2013-07-10 10:56 - 2013-07-10 11:28 - 04009167 _____ C:\Documents and Settings\Chris Jacobs\Desktop\ServicesRepair.exe 2013-07-09 22:54 - 2013-07-09 22:54 - 00000000 ____H C:\WINDOWS\system32\config\SYSTEM.tmp.LOG 2013-07-09 22:54 - 2013-07-09 22:54 - 00000000 ____H C:\WINDOWS\system32\config\SOFTWARE.tmp.LOG 2013-07-09 22:54 - 2013-07-09 22:54 - 00000000 ____H C:\WINDOWS\system32\config\SAM.tmp.LOG 2013-07-09 22:54 - 2013-07-09 22:54 - 00000000 ____H C:\WINDOWS\system32\config\DEFAULT.tmp.LOG 2013-07-09 22:37 - 2005-08-16 06:40 - 00000000 ____D C:\WINDOWS\system32\Restore 2013-07-07 08:49 - 2013-07-06 21:29 - 00000000 ____D C:\FRST 2013-07-05 23:38 - 2005-08-16 06:22 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2013-07-05 11:01 - 2013-07-05 11:01 - 00052279 _____ C:\Documents and Settings\Chris Jacobs\Desktop\eset scan.txt 2013-07-05 03:04 - 2013-07-05 03:04 - 00013049 _____ C:\WINDOWS\KB2485663.log 2013-07-05 03:04 - 2013-07-05 03:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2485663$ 2013-07-05 03:04 - 2007-01-25 09:16 - 00000000 ___HD C:\WINDOWS\$hf_mig$ 2013-07-05 03:03 - 2009-12-09 11:02 - 00026979 _____ C:\WINDOWS\KB973904.log 2013-07-05 03:02 - 2013-06-13 00:03 - 00024435 _____ C:\WINDOWS\KB2838727-IE8.log 2013-07-05 03:02 - 2005-08-16 06:33 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2013-07-05 03:01 - 2011-04-16 12:33 - 00017101 _____ C:\WINDOWS\KB2510531-IE8.log 2013-07-05 03:00 - 2013-07-05 03:00 - 00007443 _____ C:\WINDOWS\KB923561.log 2013-07-05 03:00 - 2013-07-05 03:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB923561$ 2013-07-05 01:13 - 2013-07-01 12:17 - 00000000 ____D C:\Program Files\ESET 2013-07-05 00:59 - 2012-11-07 15:51 - 00000000 ____D C:\Documents and Settings\Katherine Jacobs\Application Data\CheckPoint 2013-07-05 00:59 - 2012-09-02 00:13 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Application Data\CheckPoint 2013-07-05 00:38 - 2013-07-05 00:38 - 00004139 _____ C:\Documents and Settings\Chris Jacobs\Desktop\JRT.txt 2013-07-05 00:36 - 2013-06-24 21:31 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Local Settings\Application Data\Torch 2013-07-05 00:35 - 2013-07-05 00:35 - 00000000 ____D C:\WINDOWS\ERUNT 2013-07-04 23:02 - 2011-03-24 10:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2524375$ 2013-07-04 23:02 - 2005-08-16 06:22 - 00000000 _SHDC C:\WINDOWS\$NtUninstallKB44159$ 2013-07-04 22:03 - 2013-07-04 22:02 - 00000000 ____D C:\Program Files\ERUNT 2013-07-04 22:02 - 2013-07-04 22:02 - 00000611 _____ C:\Documents and Settings\Chris Jacobs\Desktop\NTREGOPT.lnk 2013-07-04 22:02 - 2013-07-04 22:02 - 00000592 _____ C:\Documents and Settings\Chris Jacobs\Desktop\ERUNT.lnk 2013-07-04 17:10 - 2012-08-16 22:28 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-07-04 00:22 - 2013-07-04 00:22 - 00025604 _____ C:\Documents and Settings\Chris Jacobs\Desktop\attach.txt 2013-07-04 00:22 - 2013-07-04 00:22 - 00021871 _____ C:\Documents and Settings\Chris Jacobs\Desktop\dds.txt 2013-07-03 23:37 - 2013-07-03 22:30 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-07-03 22:02 - 2005-08-16 23:10 - 00161704 ____C C:\WINDOWS\spupdsvc.log 2013-07-03 22:01 - 2013-07-03 22:01 - 00000782 _____ C:\Documents and Settings\kodak\Desktop\Windows Media Player.lnk 2013-07-03 22:01 - 2009-12-10 23:42 - 00000000 ____D C:\Documents and Settings\kodak\Desktop 2013-07-03 22:01 - 2008-09-23 21:26 - 00000352 _____ C:\WINDOWS\spupdsvc.log.1.log 2013-07-03 22:01 - 2008-09-23 21:26 - 00000253 _____ C:\WINDOWS\system32\spupdwxp.log 2013-07-03 22:01 - 2005-08-16 06:38 - 00001103 ____C C:\WINDOWS\DtcInstall.log 2013-07-03 21:54 - 2008-09-12 15:35 - 00731728 _____ C:\WINDOWS\svcpack.log 2013-07-03 21:54 - 2005-08-16 06:22 - 00000000 ____D C:\WINDOWS\security 2013-07-03 21:21 - 2013-07-03 21:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB952954$ 2013-07-03 21:21 - 2013-07-03 21:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB952287$ 2013-07-03 21:21 - 2013-07-03 21:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951748$ 2013-07-03 21:21 - 2013-07-03 21:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951698$ 2013-07-03 21:21 - 2013-07-03 21:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951376-v2$ 2013-07-03 21:21 - 2013-07-03 21:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951376$ 2013-07-03 21:21 - 2008-08-23 10:00 - 00218980 _____ C:\WINDOWS\KB952287.log 2013-07-03 21:21 - 2008-08-22 18:52 - 00037915 _____ C:\WINDOWS\KB951072-v2.log 2013-07-03 21:21 - 2008-08-22 18:46 - 00226690 _____ C:\WINDOWS\KB952954.log 2013-07-03 21:21 - 2008-07-09 04:35 - 00223762 _____ C:\WINDOWS\KB951748.log 2013-07-03 21:21 - 2008-06-20 10:00 - 00210916 _____ C:\WINDOWS\KB951376-v2.log 2013-07-03 21:21 - 2008-06-11 10:00 - 00210859 _____ C:\WINDOWS\KB951376.log 2013-07-03 21:21 - 2008-06-10 22:33 - 00222068 _____ C:\WINDOWS\KB951698.log 2013-07-03 21:20 - 2013-07-03 21:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951066$ 2013-07-03 21:20 - 2013-07-03 21:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB950974$ 2013-07-03 21:20 - 2013-07-03 21:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB950762$ 2013-07-03 21:20 - 2013-07-03 21:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB946648$ 2013-07-03 21:20 - 2013-07-03 21:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB938464$ 2013-07-03 21:20 - 2008-09-10 10:00 - 00212975 _____ C:\WINDOWS\KB938464.log 2013-07-03 21:20 - 2008-08-23 10:01 - 00220427 _____ C:\WINDOWS\KB946648.log 2013-07-03 21:20 - 2008-08-23 10:00 - 00211902 _____ C:\WINDOWS\KB951066.log 2013-07-03 21:20 - 2008-08-22 18:44 - 00225013 _____ C:\WINDOWS\KB950974.log 2013-07-03 21:20 - 2008-06-11 10:00 - 00211215 _____ C:\WINDOWS\KB950762.log 2013-07-03 21:20 - 2005-08-16 06:37 - 00000000 ____D C:\Program Files\Messenger 2013-07-03 21:17 - 2005-08-16 06:36 - 00000573 ____C C:\WINDOWS\cmsetacl.log 2013-07-03 21:16 - 2005-08-16 06:39 - 00003257 ____C C:\WINDOWS\sessmgr.setup.log 2013-07-03 21:16 - 2005-08-16 06:37 - 00000000 ____D C:\Program Files\MSN 2013-07-03 21:16 - 2005-08-16 06:22 - 00000000 ____D C:\WINDOWS\Help 2013-07-03 21:15 - 2007-01-25 09:08 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups 2013-07-02 19:06 - 2013-07-02 13:51 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\My Documents\The Curse of Blackmoor Manor 2013-07-02 13:51 - 2013-07-02 13:51 - 00000807 _____ C:\Documents and Settings\All Users\Desktop\The Curse of Blackmoor Manor.lnk 2013-07-02 13:48 - 2008-09-13 14:37 - 00000000 ____D C:\Program Files\Nancy Drew 2013-07-01 17:37 - 2012-06-28 22:52 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Application Data\.minecraft 2013-07-01 17:14 - 2012-08-13 11:18 - 00001954 _____ C:\WINDOWS\epplauncher.mif 2013-07-01 16:12 - 2013-07-01 16:12 - 00000000 ____D C:\Documents and Settings\NetworkService\Application Data\Macromedia 2013-07-01 16:11 - 2013-07-01 16:11 - 00000000 ____D C:\Documents and Settings\NetworkService\Application Data\Adobe 2013-07-01 15:55 - 2013-06-25 23:07 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\My Documents\Me 2013-07-01 13:06 - 2012-07-21 12:36 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Local Settings\Application Data\{43028B5C-D352-11E1-8270-B8AC6F996F26} 2013-07-01 12:54 - 2013-07-01 12:54 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Local Settings\Application Data\ESET 2013-07-01 12:17 - 2013-07-01 12:17 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ESET 2013-07-01 12:06 - 2007-01-25 09:27 - 00000000 ____D C:\Program Files\Google 2013-07-01 11:42 - 2008-01-30 19:03 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared 2013-07-01 11:38 - 2013-07-01 11:38 - 00866592 _____ C:\Documents and Settings\Chris Jacobs\Desktop\Norton_Removal_Tool.exe 2013-07-01 02:01 - 2007-01-25 09:32 - 00102632 _____ C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2013-07-01 01:57 - 2005-08-16 06:22 - 00000000 ____D C:\WINDOWS\Media 2013-07-01 01:56 - 2009-07-05 19:11 - 00186214 _____ C:\WINDOWS\ie8_main.log 2013-07-01 01:49 - 2013-07-01 00:43 - 00000000 __HDC C:\WINDOWS\ie8 2013-07-01 01:49 - 2009-10-28 20:51 - 00350556 _____ C:\WINDOWS\ie8.log 2013-07-01 01:42 - 2013-07-01 01:42 - 00000000 ____D C:\Program Files\Microsoft ActiveSync 2013-07-01 01:42 - 2007-01-25 09:29 - 00000376 _____ C:\WINDOWS\ODBC.INI 2013-07-01 01:41 - 2005-08-16 06:40 - 00000000 ____D C:\Program Files\Common Files\System 2013-07-01 01:38 - 2005-08-16 06:22 - 00000000 ____D C:\WINDOWS\system 2013-07-01 01:21 - 2013-07-01 01:21 - 00000738 _____ C:\Documents and Settings\Chris Jacobs\Start Menu\Programs\Outlook Express.lnk 2013-07-01 00:45 - 2011-12-14 11:05 - 00019449 _____ C:\WINDOWS\KB2618444-IE8.log 2013-07-01 00:38 - 2013-07-01 00:38 - 00001892 _____ C:\Documents and Settings\All Users\Desktop\Microsoft Download Manager.lnk 2013-07-01 00:38 - 2013-07-01 00:38 - 00000000 ____D C:\Program Files\Microsoft Download Manager 2013-07-01 00:17 - 2013-07-01 00:17 - 00000000 ____D C:\WINSSLog 2013-07-01 00:07 - 2008-09-09 17:49 - 00000000 ____D C:\Program Files\Windows Live 2013-06-30 23:52 - 2012-08-10 09:51 - 00104792 _____ C:\WINDOWS\ie8Uninst.log 2013-06-30 23:29 - 2013-06-30 23:27 - 00000000 ___HD C:\WINDOWS\msdownld.tmp 2013-06-30 22:19 - 2007-08-15 10:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB938828$ 2013-06-30 21:57 - 2013-06-30 21:57 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Desktop\saves 2013-06-30 16:20 - 2013-06-30 16:20 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Desktop\texturepacks 2013-06-30 16:19 - 2013-06-30 16:19 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Desktop\stats 2013-06-30 16:19 - 2013-06-30 16:19 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Desktop\screenshots 2013-06-29 13:42 - 2013-06-29 13:41 - 106387587 _____ C:\Documents and Settings\Chris Jacobs\Application Data\.minecraft.rar 2013-06-29 08:35 - 2013-06-29 08:35 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Sun 2013-06-29 08:33 - 2007-09-16 19:44 - 00115712 _____ C:\Documents and Settings\Chris Jacobs\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-06-28 18:43 - 2013-06-28 18:43 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\RealNetworks 2013-06-28 18:43 - 2013-06-28 18:43 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Real 2013-06-28 14:40 - 2013-06-28 14:40 - 00009216 ___SH C:\Documents and Settings\Chris Jacobs\Downloads\Thumbs.db 2013-06-28 14:09 - 2013-06-28 14:10 - 02032810 _____ C:\Documents and Settings\Chris Jacobs\Desktop\minecraftforge-universal-1.5.2-7.8.1.737[1].zip 2013-06-28 13:12 - 2012-03-29 20:31 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Application Data\vlc 2013-06-28 12:52 - 2013-06-28 12:52 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\My Documents\AVS4YOU 2013-06-28 12:28 - 2013-06-28 12:28 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Application Data\AVS4YOU 2013-06-28 12:28 - 2013-06-28 12:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVS4YOU 2013-06-28 12:28 - 2013-06-28 12:26 - 00000000 ____D C:\AVSVideoEditor 2013-06-28 12:27 - 2013-06-28 12:27 - 00000594 _____ C:\Documents and Settings\Chris Jacobs\Desktop\AVS Video Editor.lnk 2013-06-28 12:27 - 2013-06-28 12:27 - 00000000 ____D C:\Program Files\AVS4YOU 2013-06-28 12:27 - 2013-06-28 12:27 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Start Menu\Programs\AVS4YOU 2013-06-28 12:27 - 2013-06-28 12:26 - 00000000 ____D C:\Program Files\Common Files\AVSMedia 2013-06-28 10:04 - 2013-06-28 10:03 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Application Data\.technic 2013-06-25 00:13 - 2013-02-17 22:31 - 00065536 _____ C:\WINDOWS\system32\config\OAlerts.evt 2013-06-24 21:48 - 2013-06-22 22:13 - 00000488 _____ C:\Documents and Settings\All Users\Desktop\Fraps.lnk 2013-06-24 21:37 - 2013-06-24 17:40 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Application Data\WinRAR 2013-06-24 21:32 - 2013-06-24 21:32 - 00001122 _____ C:\Documents and Settings\Chris Jacobs\Start Menu\Programs\Torch.lnk 2013-06-24 21:32 - 2013-06-24 21:32 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Start Menu\Programs\Torch 2013-06-24 21:14 - 2013-06-24 21:14 - 00000000 ____D C:\Program Files\CheckPoint 2013-06-24 17:40 - 2013-06-25 20:21 - 00000704 _____ C:\Documents and Settings\Chris Jacobs\Desktop\WinRAR.lnk 2013-06-24 17:40 - 2013-06-24 17:40 - 00000000 ____D C:\Documents and Settings\Chris Jacobs\Start Menu\Programs\WinRAR 2013-06-24 17:40 - 2013-06-24 17:39 - 00000000 ____D C:\Program Files\WinRAR 2013-06-24 15:56 - 2013-06-24 15:56 - 00000719 _____ C:\Documents and Settings\All Users\Desktop\VLC media player.lnk 2013-06-23 13:03 - 2013-06-22 22:13 - 00000000 ____D C:\Fraps ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== End Of Log ============================
  9. Okay. Computer seems to be functioning well. Still get the error message about Microsoft Security Centre on start-up
  10. Seems to have only found a bunch of cookies which it deleted. Below is the log. HitmanPro 3.7.6.201www.hitmanpro.com Computer name . . . . : KJACOBS Windows . . . . . . . : 5.1.3.2600.X86/2 User name . . . . . . : KJACOBS\Chris Jacobs License . . . . . . . : Free Scan date . . . . . . : 2013-07-19 22:10:47 Scan mode . . . . . . : Normal Scan duration . . . . : 16m 32s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 950 Objects scanned . . . : 1,772,655 Files scanned . . . . : 74,884 Remnants scanned . . : 249,773 files / 1,447,998 keysCookies _____________________________________________________________________ C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:ad.360yield.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:ad.mlnadvertising.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:ad.yieldmanager.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:adtech.de C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:adtechus.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:advertising.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:apmebf.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:at.atwola.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:atdmt.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:burstnet.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:casalemedia.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:collective-media.net C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:doubleclick.net C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:eset.122.2o7.net C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:fastclick.net C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:in.getclicky.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:invitemedia.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:kontera.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:media6degrees.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:mediaplex.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:questionmarket.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:revsci.net C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:ru4.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:serving-sys.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:specificclick.net C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:tacoda.at.atwola.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:tribalfusion.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:www.googleadservices.com C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:yadro.ru C:\Documents and Settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\cookies.sqlite:zedo.com C:\Documents and Settings\Hannah Jacobs\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com C:\Documents and Settings\Hannah Jacobs\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:advertising.com C:\Documents and Settings\Hannah Jacobs\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com C:\Documents and Settings\Hannah Jacobs\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:revsci.net C:\Documents and Settings\Hannah Jacobs\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:serving-sys.com C:\Documents and Settings\Hannah Jacobs\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:specificclick.net C:\Documents and Settings\Katherine Jacobs\Application Data\Mozilla\Firefox\Profiles\a33np8gi.default\cookies.sqlite:ad.yieldmanager.com C:\Documents and Settings\Katherine Jacobs\Application Data\Mozilla\Firefox\Profiles\a33np8gi.default\cookies.sqlite:atdmt.com C:\Documents and Settings\Katherine Jacobs\Application Data\Mozilla\Firefox\Profiles\a33np8gi.default\cookies.sqlite:doubleclick.net C:\Documents and Settings\Katherine Jacobs\Application Data\Mozilla\Firefox\Profiles\a33np8gi.default\cookies.sqlite:fastclick.net C:\Documents and Settings\Katherine Jacobs\Application Data\Mozilla\Firefox\Profiles\a33np8gi.default\cookies.sqlite:interclick.com C:\Documents and Settings\Katherine Jacobs\Application Data\Mozilla\Firefox\Profiles\a33np8gi.default\cookies.sqlite:invitemedia.com C:\Documents and Settings\Katherine Jacobs\Application Data\Mozilla\Firefox\Profiles\a33np8gi.default\cookies.sqlite:media6degrees.com C:\Documents and Settings\Katherine Jacobs\Application Data\Mozilla\Firefox\Profiles\a33np8gi.default\cookies.sqlite:ru4.com C:\Documents and Settings\Katherine Jacobs\Application Data\Mozilla\Firefox\Profiles\a33np8gi.default\cookies.sqlite:statse.webtrendslive.com C:\Documents and Settings\Katherine Jacobs\Application Data\Mozilla\Firefox\Profiles\a33np8gi.default\cookies.sqlite:tribalfusion.com C:\Documents and Settings\Katherine Jacobs\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com C:\Documents and Settings\Katherine Jacobs\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:invitemedia.com C:\Documents and Settings\Katherine Jacobs\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com
  11. As suggested I removed and reinstalled MBAM and tried to uninstall MSE. It wasn't listed in Add/Remove Programs in the Control Panel so I used the MSE Removal Tool. It seems to have mostly removed it. It is no longer in the start-up tray, but still shows when I click on the start button. Upon reboot I get the following error message "Microsoft Security Client - An error occurred in the program during initialization. Error 0x80070002" Also I only found 3 of the MBAM files to exclude from the Eset virus scan (mbam; mbamgui; mbamservice) I updated and ran Eset Nod 32 and no threat were found.
  12. Hey. I have got my internet connection back. Firewall is working. Virus definitions updating. Off to bed. Chat again tomorrow
  13. Took a while, but here is the log ComboFix 13-07-18.01 - Chris Jacobs 18/07/2013 3:19.4.2 - x86Running from: c:\documents and settings\Chris Jacobs\Desktop\ComboFix.exeCommand switches used :: c:\documents and settings\Chris Jacobs\Desktop\CFScript.txtAV: ESET NOD32 Antivirus 6.0 *Disabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} * Resident AV is active...((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..C:\afd.sys..--------------- FCopy ---------------.c:\afd.sys --> c:\WINDOWS\system32\Drivers\afd.sys.((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))..-------\Legacy_AUDIOSRV-------\Service_AudioSrv..((((((((((((((((((((((((( Files Created from 2013-06-18 to 2013-07-18 )))))))))))))))))))))))))))))))..2013-07-18 05:11 . 2004-06-11 20:33 290304 ----a-w- c:\windows\subinacl.exe2013-07-18 04:14 . 2013-07-18 04:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)2013-07-10 18:12 . 2013-07-10 18:12 -------- d-----w- c:\documents and settings\Chris Jacobs\Doctor Web2013-07-07 01:29 . 2013-07-07 12:49 -------- d-----w- C:\FRST2013-07-05 04:35 . 2013-07-05 04:35 -------- d-----w- c:\windows\ERUNT2013-07-05 02:02 . 2013-07-05 02:03 -------- d-----w- c:\program files\ERUNT2013-07-04 01:56 . 2013-07-04 01:56 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache2013-07-04 01:16 . 2008-04-14 09:41 81920 ------w- c:\windows\system32\ieencode.dll2013-07-04 01:16 . 2007-04-03 04:12 1327320 ------w- c:\program files\MSN\msncorefiles\install\msnsusii.exe2013-07-04 01:16 . 2007-04-03 04:04 884712 ------w- c:\program files\MSN\msncorefiles\install\msn9components\digcore.exe2013-07-04 01:16 . 2008-04-14 09:40 966656 ------w- c:\program files\MSN\msncorefiles\oobe\obemetal.dll2013-07-04 01:16 . 2008-04-14 09:40 86016 ------w- c:\program files\MSN\msncorefiles\oobe\obepopc.dll2013-07-04 01:16 . 2008-04-14 09:40 229376 ------w- c:\program files\MSN\msncorefiles\oobe\obelog.dll2013-07-04 01:16 . 2007-04-03 04:14 77824 ------w- c:\program files\MSN\msncorefiles\oobe\obemtllc.dll2013-07-04 01:16 . 2007-04-03 04:09 11053008 ------w- c:\program files\MSN\msncorefiles\install\msn9components\msncli.exe2013-07-01 16:54 . 2013-07-01 16:54 -------- d-----w- c:\documents and settings\Chris Jacobs\Local Settings\Application Data\ESET2013-07-01 16:17 . 2013-07-05 05:13 -------- d-----w- c:\program files\ESET2013-07-01 16:17 . 2013-07-01 16:17 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET2013-07-01 05:42 . 2013-07-01 05:42 -------- d-----w- c:\program files\Microsoft ActiveSync2013-07-01 04:43 . 2013-07-01 05:49 -------- dc-h--w- c:\windows\ie82013-07-01 04:38 . 2013-07-01 04:38 -------- d-----w- c:\program files\Microsoft Download Manager2013-07-01 04:17 . 2013-07-01 04:17 -------- d-----w- C:\WINSSLog2013-07-01 03:27 . 2013-07-01 03:29 -------- d--h--w- c:\windows\msdownld.tmp2013-06-28 16:28 . 2013-06-28 16:28 -------- d-----w- c:\documents and settings\All Users\Application Data\AVS4YOU2013-06-28 16:28 . 2013-06-28 16:28 -------- d-----w- c:\documents and settings\Chris Jacobs\Application Data\AVS4YOU2013-06-28 16:27 . 2013-06-28 16:27 -------- d-----w- c:\program files\AVS4YOU2013-06-28 16:26 . 2013-06-28 16:27 -------- d-----w- c:\program files\Common Files\AVSMedia2013-06-28 16:26 . 2011-06-23 17:26 1700352 ----a-w- c:\windows\system32\GdiPlus.dll2013-06-28 16:26 . 2013-06-28 16:28 -------- d-----w- C:\AVSVideoEditor2013-06-28 14:03 . 2013-06-28 14:04 -------- d-----w- c:\documents and settings\Chris Jacobs\Application Data\.technic2013-06-28 13:27 . 2013-06-12 04:18 7068072 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FF0B931E-3306-4452-A5C1-FD27BD249E02}\mpengine.dll2013-06-27 12:34 . 2013-06-12 04:18 7068072 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2013-06-25 01:32 . 2013-07-18 07:34 -------- d-----w- c:\documents and settings\All Users\Application Data\TorchCrashHandler2013-06-25 01:31 . 2013-07-05 04:36 -------- d-----w- c:\documents and settings\Chris Jacobs\Local Settings\Application Data\Torch2013-06-25 01:14 . 2013-06-25 01:14 -------- d-----w- c:\program files\CheckPoint2013-06-23 02:13 . 2013-06-23 17:03 -------- d-----w- C:\Fraps...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-06-12 20:31 . 2012-03-30 00:20 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe2013-06-12 20:31 . 2011-06-22 21:55 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2013-05-07 22:30 . 2005-08-16 10:18 920064 ----a-w- c:\windows\system32\wininet.dll2013-05-07 22:30 . 2005-08-16 10:18 43520 ----a-w- c:\windows\system32\licmgr10.dll2013-05-07 22:30 . 2005-08-16 10:18 1469440 ----a-w- c:\windows\system32\inetcpl.cpl2013-05-07 21:53 . 2005-08-16 10:18 385024 ----a-w- c:\windows\system32\html.iec2013-05-03 01:30 . 2005-08-16 10:18 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe2013-05-03 00:38 . 2004-08-04 04:59 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe2013-05-02 15:28 . 2013-06-10 03:07 238872 ------w- c:\windows\system32\MpSigStub.exe..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Steam"="c:\program files\Steam\Steam.exe" [2013-06-06 1641896]"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-02-28 18672232]"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]"SigmatelSysTrayApp"="stsystra.exe" [2006-07-24 282624]"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552]"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-11 98304]"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]"YeppStudioAgent"="c:\program files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe" [2005-09-12 40960]"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-24 2516296]"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-08-10 296096]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-10-25 421888]"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-03-21 472992]"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]"AdobeCS6ServiceManager"="c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2013-03-21 5078504].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]"RunNarrator"="Narrator.exe" [2008-04-14 53760].c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe /startup [2008-5-26 123904].[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128].[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]"DisableMonitoring"=dword:00000001.[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]"DisableMonitoring"=dword:00000001.[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]"DisableMonitoring"=dword:00000001.[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=.R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [10/01/2013 3:08 PM 122240]R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [10/01/2013 3:08 PM 105784]R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [21/03/2013 3:19 PM 1341664]R2 KodakDigitalDisplayService;KodakDigitalDisplayService;c:\program files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe [14/05/2009 1:21 PM 98304]R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [30/06/2013 6:12 PM 418376]R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [12/07/2013 2:37 PM 3289472]R2 TorchCrashHandler;Torch Crash Handler;c:\documents and settings\Chris Jacobs\Local Settings\Application Data\Torch\Update\TorchCrashHandler.exe [20/06/2013 9:54 AM 1205088]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [17/04/2011 5:40 PM 22856]S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [17/04/2011 5:40 PM 701512]S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [28/02/2013 7:09 PM 161384]S3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19/02/2010 1:37 PM 517096].--- Other Services/Drivers In Memory ---.*Deregistered* - NDISRD.Contents of the 'Scheduled Tasks' folder.2013-07-18 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 20:31].2013-07-18 c:\windows\Tasks\AdobeAAMUpdater-1.0-KJACOBS-Chris Jacobs.job- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2013-03-21 09:10].2013-07-02 c:\windows\Tasks\AppleSoftwareUpdate.job- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57].2013-07-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3363229072-3021304974-548893752-1007Core.job- c:\documents and settings\Chris Jacobs\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-26 03:03].2013-07-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3363229072-3021304974-548893752-1007UA.job- c:\documents and settings\Chris Jacobs\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-26 03:03].2013-06-30 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-01-27 15:11].2013-07-18 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3363229072-3021304974-548893752-1007.job- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-07-27 18:27].2013-07-18 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3363229072-3021304974-548893752-1007.job- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-07-27 18:27]..------- Supplementary Scan -------.uInternet Settings,ProxyOverride = *.localIE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office14\EXCEL.EXE/3000IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.htmlIE: Se&nd to OneNote - c:\progra~1\MI1933~1\Office14\ONBttnIE.dll/105Trusted Zone: brassring.com\sjobsTrusted Zone: freerealms.comTrusted Zone: microsoft.com\www.updateTrusted Zone: plaxo.com\wwwTrusted Zone: soe.comTrusted Zone: sony.comTCP: DhcpNameServer = 208.67.222.222 208.67.222.220Handler: intu-qt2007 - {026BF40D-BA05-467b-9F1F-AD0D7A3F5F11} - c:\program files\QuickTax 2007\ic2007pp.dllHandler: intu-tt2011 - {B3B5DAD9-E96D-45b4-B636-B6CF2F773DE1} - c:\program files\TurboTax 2011\ic2011pp.dllHandler: intu-tt2012 - {02F985EF-502B-4597-993F-6BF9E004C138} - c:\program files\TurboTax 2012\ic2012pp.dllFF - ProfilePath - c:\documents and settings\Chris Jacobs\Application Data\Mozilla\Firefox\Profiles\kxgn1snm.default\.- - - - ORPHANS REMOVED - - - -.SafeBoot-38991484.sys...**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2013-07-18 03:36Windows 5.1.2600 Service Pack 3 NTFS.scanning hidden processes ... .scanning hidden autostart entries ... .scanning hidden files ... .scan completed successfullyhidden files: 0.**************************************************************************.--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-3363229072-3021304974-548893752-1007\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]"??"=hex:4f,f0,c1,db,95,ae,f7,27,e6,fd,32,e9,60,e2,5b,b8,5f,69,ea,fc,89,b2,63, 2e,86,7f,1b,b8,ab,0c,79,d0,10,1a,57,f7,17,63,82,ca,0a,18,3c,46,e5,44,88,54,\"??"=hex:cf,55,c7,95,2b,14,4d,f8,66,7b,0c,1b,19,52,fe,22.[HKEY_USERS\S-1-5-21-3363229072-3021304974-548893752-1007\Software\SecuROM\License information*]"datasecu"=hex:8d,fc,6d,66,69,bd,ae,84,4a,b8,0d,af,93,16,c7,41,0e,17,47,01,47, 7f,06,f5,97,0d,b3,c0,3d,2d,51,55,53,7e,2f,58,4e,1f,07,c5,af,97,b6,44,ac,ab,\"rkeysecu"=hex:fc,c0,7e,17,05,7d,fc,b5,1a,af,54,29,89,3b,60,32.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".--------------------- DLLs Loaded Under Running Processes ---------------------.- - - - - - - > 'winlogon.exe'(512)c:\windows\system32\Ati2evxx.dllc:\windows\system32\atiadlxx.dll.- - - - - - - > 'explorer.exe'(1580)c:\windows\system32\WININET.dllc:\windows\system32\ieframe.dllc:\windows\system32\webcheck.dllc:\windows\system32\WPDShServiceObj.dllc:\windows\system32\PortableDeviceTypes.dllc:\windows\system32\PortableDeviceApi.dll.------------------------ Other Running Processes ------------------------.c:\windows\system32\Ati2evxx.exec:\windows\system32\Ati2evxx.exec:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exec:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exec:\program files\Bonjour\mDNSResponder.exec:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exec:\program files\Java\jre7\bin\jqs.exec:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEc:\windows\system32\PnkBstrA.exec:\windows\system32\SearchIndexer.exec:\windows\ehome\mcrdsvc.exec:\program files\Canon\CAL\CALMAIN.exec:\windows\system32\wscntfy.exec:\windows\system32\msiexec.exec:\windows\stsystra.exec:\program files\iPod\bin\iPodService.exec:\program files\Windows Desktop Search\WindowsSearch.exec:\program files\Common Files\Java\Java Update\jucheck.exe.**************************************************************************.Completion time: 2013-07-18 03:45:24 - machine was rebootedComboFix-quarantined-files.txt 2013-07-18 07:45ComboFix2.txt 2013-07-11 05:26ComboFix3.txt 2013-07-10 03:05.Pre-Run: 103,776,182,272 bytes freePost-Run: 103,738,765,312 bytes free.- - End Of File - - 900D837AB300184FB411A326FF86231A5CB90281D1A59B251F6603134774EEC3
  14. it is running now. I will post the log when it is done. Then I must go to bed or I will never make it to work tomorrow.
  15. Not sure it completed. It warned me about Microsoft Security Essentials. I said to continue. It prompted me to update. I thought I said no and then it stopped. I don't see a new log anywhere. Should I try again?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.