g_funk3
-
Posts
21 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by g_funk3
-
looks like it. Thanks a ton for all your help!
-
Thanks again! I ended up doing some research online about the outlook .pst file. One of the first troubleshooting tips was to see if it worked in safe mode, it did. When I restarted the computer I dont know what happened or changed, but I was able to open outlook normally.
-
Nevermind, I tried the Scanpst.exe and it does not work on my pst file. I guess I will have to do some more research on that one. One other thing, Malwarebytes is still blocked on start up or restart of my computer.
-
You think something like this might work? http://office.microsoft.com/en-us/outlook-help/repair-outlook-data-files-pst-and-ost-HA010075831.aspx
-
I looked at that folder and it said it was modified 6-3-13 but I am not sure what was modified?
-
Things seem ok. Only issue I am noticing at the moment is now I cannot open my Microsoft Outlook Office 2007. I get a message: Cannot Start Microsoft Office OUtlook. Cannot open the Outlook window. The set of folders cannot be opened C:\Program Files\outlook (2).pst cannot be opened Any ideas?
-
C:\Users\Chris\.frostwire5\updates\frostwire-5.2.11.windows.exe multiple threats cleaned by deleting - quarantined C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\chupdates.exe MSIL/CoinMiner.U trojan cleaned by deleting - quarantined C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\cuda.exe a variant of Win32/BitCoinMiner.M application cleaned by deleting - quarantined C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\javas.exe probably a variant of Win32/BitCoinMiner.M application cleaned by deleting - quarantined C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\opencl.exe a variant of Win32/BitCoinMiner.M application cleaned by deleting - quarantined C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\spoolsv.exe MSIL/CoinMiner.U trojan cleaned by deleting - quarantined C:\Users\Chris\Downloads\CouponPrinter.exe probably a variant of Win32/Adware.Softomate.AD application cleaned by deleting - quarantined C:\Users\Chris\Downloads\DownloadSetup.exe Win32/InstallMate.A application cleaned by deleting - quarantined C:\Users\Chris\Music\frostwire-5.2.3.windows.exe multiple threats cleaned by deleting - quarantined C:\Users\Chris\Pictures\DownloadSetup.exe Win32/InstallMate.A application cleaned by deleting - quarantined C:\Users\Chris\Pictures\iLividSetupV1.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined C:\Users\Chris\Videos\YouTubeDownloaderSetup265.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
-
# AdwCleaner v2.301 - Logfile created 06/03/2013 at 12:11:50 # Updated 16/05/2013 by Xplode # Operating system : Windows Vista Home Basic Service Pack 2 (32 bits) # User : Chris - D-VISTA-5333 # Boot Mode : Normal # Running from : C:\Users\Chris\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** File Deleted : C:\user.js Folder Deleted : C:\Users\Chris\AppData\Local\APN Folder Deleted : C:\Users\Chris\Documents\ShopToWin ***** [Registry] ***** Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CT3272718 V5 Toolbar Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16483 [OK] Registry is clean. -\\ Google Chrome v27.0.1453.94 File : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. File : C:\Users\itunes\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [3657 octets] - [31/05/2013 09:45:37] AdwCleaner[s1].txt - [1971 octets] - [03/06/2013 12:11:50] ########## EOF - C:\AdwCleaner[s1].txt - [2031 octets] ##########
-
I got JRT to run now too after doing the rest of your instructions. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.9.4 (05.06.2013:1) OS: Windows Vista Home Basic x86 Ran by Chris on Fri 05/31/2013 at 12:53:29.98 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduit Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduitsearchscopes Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\crossrider Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\freecause Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\pricegong Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escort.dll Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3287819 ~~~ Files Successfully deleted: [File] "C:\end" Successfully deleted: [File] "C:\Windows\couponprinter.ocx" ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\babylon" Successfully deleted: [Folder] "C:\ProgramData\bcool" Successfully deleted: [Folder] "C:\ProgramData\installmate" Successfully deleted: [Folder] "C:\ProgramData\premium" Successfully deleted: [Folder] "C:\Users\Chris\AppData\Roaming\babylon" Successfully deleted: [Folder] "C:\Users\Chris\AppData\Roaming\red kawa" Successfully deleted: [Folder] "C:\Users\Chris\appdata\local\babylon" Successfully deleted: [Folder] "C:\Users\Chris\appdata\local\conduit" Successfully deleted: [Folder] "C:\Users\Chris\appdata\local\supreme savings" Successfully deleted: [Folder] "C:\Users\Chris\appdata\locallow\bcool" Successfully deleted: [Folder] "C:\Users\Chris\appdata\locallow\conduit" Successfully deleted: [Folder] "C:\Users\Chris\appdata\locallow\pricegong" Successfully deleted: [Folder] "C:\Users\Chris\appdata\locallow\thebflix" Successfully deleted: [Folder] "C:\Program Files\conduit" Successfully deleted: [Folder] "C:\Program Files\coupons" Successfully deleted: [Folder] "C:\Program Files\red kawa" Successfully deleted: [Folder] "C:\Program Files\shop to win" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Fri 05/31/2013 at 12:54:53.10 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
Sorry I messed that up, here is the ADW log # AdwCleaner v2.301 - Logfile created 05/31/2013 at 09:45:37 # Updated 16/05/2013 by Xplode # Operating system : Windows Vista Home Basic Service Pack 2 (32 bits) # User : Chris - D-VISTA-5333 # Boot Mode : Normal # Running from : C:\Users\Chris\Desktop\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** File Found : C:\END File Found : C:\user.js Folder Found : C:\Program Files\Conduit Folder Found : C:\Program Files\Shop To Win Folder Found : C:\ProgramData\Babylon Folder Found : C:\ProgramData\InstallMate Folder Found : C:\ProgramData\Premium Folder Found : C:\Users\Chris\AppData\Local\APN Folder Found : C:\Users\Chris\AppData\Local\Babylon Folder Found : C:\Users\Chris\AppData\Local\Conduit Folder Found : C:\Users\Chris\AppData\Local\Supreme Savings Folder Found : C:\Users\Chris\AppData\LocalLow\Conduit Folder Found : C:\Users\Chris\AppData\LocalLow\PriceGong Folder Found : C:\Users\Chris\AppData\LocalLow\TheBflix Folder Found : C:\Users\Chris\AppData\Roaming\Babylon Folder Found : C:\Users\Chris\Documents\ShopToWin ***** [Registry] ***** Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Found : HKCU\Software\AppDataLow\Software\Crossrider Key Found : HKCU\Software\AppDataLow\Software\Freecause Key Found : HKCU\Software\AppDataLow\Software\PriceGong Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Key Found : HKLM\Software\Babylon Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1 Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Found : HKLM\SOFTWARE\Classes\Prod.cap Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3287819 Key Found : HKLM\Software\Conduit Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CT3272718 V5 Toolbar Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Found : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Found : HKU\S-1-5-21-3573513136-401909964-3576262170-1001\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16483 [OK] Registry is clean. -\\ Google Chrome v27.0.1453.94 File : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. File : C:\Users\itunes\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [3528 octets] - [31/05/2013 09:45:37] ########## EOF - C:\AdwCleaner[R1].txt - [3588 octets] ##########
-
I know we are not finished yet, but I really want to thank you for the time and effort you have put into helping me and many others out!
-
Rogue killer report RogueKiller V8.5.4 [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Normal mode User : Chris [Admin rights] Mode : Scan -- Date : 05/31/2013 09:52:17 | ARK || FAK || MBR | ¤¤¤ Bad processes : 3 ¤¤¤ [sUSP PATH] chupdates.exe -- C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\chupdates.exe [-] -> KILLED [TermProc] [Microsoft][HJNAME] spoolsv.exe -- C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\spoolsv.exe [-] -> KILLED [TermProc] [sUSP PATH] javas.exe -- C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\javas.exe [-] -> KILLED [TermProc] ¤¤¤ Registry Entries : 6 ¤¤¤ [RUN][sUSP PATH] HKCU\[...]\Run : JavaUpdate2 (C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\chupdates.exe) [-] -> FOUND [RUN][HJNAME] HKCU\[...]\Run : JavaUpdate (C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\spoolsv.exe) [-] -> FOUND [RUN][sUSP PATH] HKUS\S-1-5-21-3573513136-401909964-3576262170-1001[...]\Run : JavaUpdate2 (C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\chupdates.exe) [-] -> FOUND [RUN][HJNAME] HKUS\S-1-5-21-3573513136-401909964-3576262170-1001[...]\Run : JavaUpdate (C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\spoolsv.exe) [-] -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ Extern Hives: ¤¤¤ -> D:\windows\system32\config\SOFTWARE -> D:\windows\system32\config\SYSTEM -> D:\Users\Default\NTUSER.DAT ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST3250310AS +++++ --- User --- [MBR] e8d9f7b30f13d94c12a4a53c07f53c61 [bSP] 7b8e47267250a06aa39260c2dc400db6 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 112640 | Size: 10240 Mo 2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 21084160 | Size: 228122 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_05312013_02d0952.txt >> RKreport[1]_S_05312013_02d0952.txt
-
ADW Log All processes killed ========== OTL ========== Registry key HKEY_USERS\S-1-5-21-3573513136-401909964-3576262170-1001\Software\Microsoft\Internet Explorer\SearchScopes\{03BCA317-A664-45E5-93C7-BB004DA0F4AE}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03BCA317-A664-45E5-93C7-BB004DA0F4AE}\ not found. Registry key HKEY_USERS\S-1-5-21-3573513136-401909964-3576262170-1001\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. Registry value HKEY_USERS\S-1-5-21-3573513136-401909964-3576262170-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. C:\Users\Chris\AppData\Roaming\7063dd7c moved successfully. C:\ProgramData\1890814507 moved successfully. C:\ProgramData\551803515 moved successfully. C:\ProgramData\unrar.exe moved successfully. ========== FILES ========== < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Users\Chris\Desktop\cmd.bat deleted successfully. C:\Users\Chris\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Chris ->Temp folder emptied: 17352356512 bytes ->Temporary Internet Files folder emptied: 2022390083 bytes ->Java cache emptied: 1389182 bytes ->Google Chrome cache emptied: 354233529 bytes ->Apple Safari cache emptied: 0 bytes ->Flash cache emptied: 2029136 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 57616 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: itunes ->Temp folder emptied: 66564020 bytes ->Temporary Internet Files folder emptied: 72044217 bytes ->Google Chrome cache emptied: 331640702 bytes ->Flash cache emptied: 3058 bytes User: M ->Temp folder emptied: 9159698 bytes ->Temporary Internet Files folder emptied: 45001449 bytes ->Flash cache emptied: 41044 bytes User: McAfeeMVSUser.Chris-PC ->Temp folder emptied: 12378599 bytes ->Temporary Internet Files folder emptied: 727045 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 231153171 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 7328296 bytes RecycleBin emptied: 10592875369 bytes Total Files Cleaned = 29,661.00 mb Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 05312013_092735 Files\Folders moved on Reboot... C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IKR0P22W\01[1].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IKR0P22W\sh116[1].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9NS1L3F9\ads[6].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9NS1L3F9\data_sync[1].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9NS1L3F9\EFpQQyG9GqCrobXxL-KRMWzklk6MJbhg7BmBP42CjCQ[1].eot moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9NS1L3F9\fastbutton[2].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9NS1L3F9\s-BiyweUPV0v-yRb-cjciFQlYEbsez9cZjKsNMjLOwM[1].eot moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\19XP2562\ads[3].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\19XP2562\ads[4].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\19XP2562\index[5].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\14CKP9V1\si[3].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\14CKP9V1\si[4].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...
-
OTL fix log All processes killed ========== OTL ========== Registry key HKEY_USERS\S-1-5-21-3573513136-401909964-3576262170-1001\Software\Microsoft\Internet Explorer\SearchScopes\{03BCA317-A664-45E5-93C7-BB004DA0F4AE}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03BCA317-A664-45E5-93C7-BB004DA0F4AE}\ not found. Registry key HKEY_USERS\S-1-5-21-3573513136-401909964-3576262170-1001\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. Registry value HKEY_USERS\S-1-5-21-3573513136-401909964-3576262170-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. C:\Users\Chris\AppData\Roaming\7063dd7c moved successfully. C:\ProgramData\1890814507 moved successfully. C:\ProgramData\551803515 moved successfully. C:\ProgramData\unrar.exe moved successfully. ========== FILES ========== < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Users\Chris\Desktop\cmd.bat deleted successfully. C:\Users\Chris\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Chris ->Temp folder emptied: 17352356512 bytes ->Temporary Internet Files folder emptied: 2022390083 bytes ->Java cache emptied: 1389182 bytes ->Google Chrome cache emptied: 354233529 bytes ->Apple Safari cache emptied: 0 bytes ->Flash cache emptied: 2029136 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 57616 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: itunes ->Temp folder emptied: 66564020 bytes ->Temporary Internet Files folder emptied: 72044217 bytes ->Google Chrome cache emptied: 331640702 bytes ->Flash cache emptied: 3058 bytes User: M ->Temp folder emptied: 9159698 bytes ->Temporary Internet Files folder emptied: 45001449 bytes ->Flash cache emptied: 41044 bytes User: McAfeeMVSUser.Chris-PC ->Temp folder emptied: 12378599 bytes ->Temporary Internet Files folder emptied: 727045 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 231153171 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 7328296 bytes RecycleBin emptied: 10592875369 bytes Total Files Cleaned = 29,661.00 mb Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 05312013_092735 Files\Folders moved on Reboot... C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IKR0P22W\01[1].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IKR0P22W\sh116[1].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9NS1L3F9\ads[6].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9NS1L3F9\data_sync[1].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9NS1L3F9\EFpQQyG9GqCrobXxL-KRMWzklk6MJbhg7BmBP42CjCQ[1].eot moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9NS1L3F9\fastbutton[2].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9NS1L3F9\s-BiyweUPV0v-yRb-cjciFQlYEbsez9cZjKsNMjLOwM[1].eot moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\19XP2562\ads[3].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\19XP2562\ads[4].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\19XP2562\index[5].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\14CKP9V1\si[3].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\14CKP9V1\si[4].htm moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...
-
Step 1. complete Step 2. downloaded JRT, but cannot run it. Everytime I try to run as administrator or otherwise, it opens and is about to run (press any key) then whatever bug/ virus I have closes the JRT window immediately.
-
extras OTL Extras logfile created on: 5/31/2013 7:55:33 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chris\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.97 Gb Total Physical Memory | 1.13 Gb Available Physical Memory | 57.67% Memory free 4.17 Gb Paging File | 2.47 Gb Available in Paging File | 59.27% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 222.78 Gb Total Space | 11.31 Gb Free Space | 5.08% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 5.94 Gb Free Space | 59.37% Space Free | Partition Type: NTFS Drive E: | 2.00 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Computer Name: D-VISTA-5333 | User Name: Chris | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{182F94FF-BB1D-4300-8C6B-D36DC9451169}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{C3DF47C1-624A-431E-B924-53FE913332AF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{E21B93F3-879A-4E19-8B67-2298717F7643}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=%systemroot%\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe | "{EDDC9477-867F-4896-BDF9-57A80EB670AE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01B274C9-394D-4387-98E6-8B496468EC16}" = protocol=17 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe | "{03DF788F-89B7-44C5-988A-758B79F4DC4D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{17A0B9E2-3624-43D4-81DF-CBF8B308EED2}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe | "{2B3052F2-F568-4D3C-9272-0B87642114F6}" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "{35DCF6BC-AA15-4210-B194-9C38E7BF5021}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{38E044C0-7303-49A3-8E52-49BA7BEE8BB4}" = protocol=6 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe | "{43C30BE7-782C-4B69-B4BB-6D35AB5B6A3F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{4AF337B8-5E0D-4EC6-87F8-6C6312617E28}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\devicesetup.exe | "{5697E156-7544-47BE-B741-B0D2CF3218D2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{587BDC2E-6074-411F-BFA8-CE4C3F53AA8A}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{6AFB491D-81A0-45A4-8D2C-4474922A9C92}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe | "{77BE3E79-6E80-4212-8F05-80BBD9E2F270}" = dir=in | app=c:\windows\explorer.exe | "{7ACC6E87-8C12-4adb-91B7-EFC3F2F4705A}" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "{80BFB43B-6EDD-416A-8BE7-AB593235FED2}" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "{848BCD42-CBC0-4424-B699-34428FCCDB9C}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe | "{8F191355-9783-4200-9386-83F445EED79F}" = protocol=6 | dir=in | app=c:\program files\frostwire 5\frostwire.exe | "{92459C5E-D350-4cba-AA74-C8F989C9336F}" = protocol=17 | dir=out | app=c:\windows\explorer.exe | "{9A0BC669-FCE0-435D-BC0D-FD8690D7A93E}" = dir=in | app=c:\itunes.exe | "{B078B2B6-A878-44ff-9BCC-458257924F96}" = protocol=17 | dir=in | app=c:\windows\explorer.exe | "{B1A40E4F-58DB-490f-9D18-55B5194E8BD5}" = protocol=6 | dir=out | app=c:\windows\explorer.exe | "{BC092041-4B10-4A84-8E19-1EBD2F1309DA}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe | "{C3E9B20A-B7E2-4aab-9835-3C548937E46F}" = dir=out | app=c:\windows\explorer.exe | "{C9706A3E-3C6A-47AD-9ADE-A5C75FF57013}" = protocol=17 | dir=in | app=c:\windows\explorer.exe | "{D566DCC8-FF00-476C-950F-1C06ED3DFDF4}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe | "{D723C58C-E40F-4062-9E13-B46338723C99}" = protocol=17 | dir=in | app=c:\windows\explorer.exe | "{D7FBF5A3-DCF0-4BF8-837A-8527FA1AC37E}" = protocol=17 | dir=in | app=c:\program files\frostwire 5\frostwire.exe | "{E633B8D5-CDC7-4F5A-AB43-0DBE152E19C0}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools "{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data "{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.5 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}" = Realtek Ethernet Network Card Diagnostic tool for Windows Vista "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{353D20CC-719B-4A60-AD33-D03F88C10330}" = Microsoft Office Accounting PayPal Addin "{37F964E4-9C3F-4066-B933-1747D3AC6737}" = Personal Entertainment Launcher "{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client "{395A57A6-E0E1-C599-3A28-19A96682B4C6}" = Adobe Photoshop.com Inspiration Browser "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{46614A49-222A-48EF-87A9-BFD603E608E1}" = Microsoft Office Accounting Fixed Asset Manager "{4850B023-A9C0-4D15-8DE6-326028CAB499}" = Visual C++ 8.0 x86 Runtime Setup Package "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{5E21B617-F52E-BB10-92F9-C8AB2C799A8A}" = Adobe Download Assistant "{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari "{5FA793A6-0071-42C1-9355-8F69A428C44F}" = Microsoft Office Accounting ADP Payroll Addin "{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack "{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6 "{75685CA8-0B74-45BB-9C64-744A0FB79EDC}" = Business Tools Launcher "{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{8215AC14-BFC2-4ECC-96D6-1030202F8BDF}" = Visual C++ 8.0 x86 Runtime Setup Package "{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio "{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}" = HP Update "{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C711818-076E-475C-B95B-DF11CD9D8DBE}" = Microsoft Office Accounting Equifax Addin "{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007 "{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{9276EFE6-10FC-4B54-A68A-D5332B9A0ABA}" = HP Officejet Pro 8600 Basic Device Software "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D669429-A2E4-4793-B7A0-283D259F39AF}" = Adobe Photoshop Lightroom 2.5 "{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support "{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.6) "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{B0717D5A-1976-482B-9ADF-F19631A541A4}" = Microsoft Office Accounting 2007 "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2 "{B8ABB25D-1E30-4ED7-A3CE-0F8BED439647}" = Product Support Launcher "{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6 "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE6DEE87-1C87-42ED-A108-7369BFE9076F}" = 32 bit Windows Card Reader Driver "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software) "{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F44F0A3A-2110-4705-B5EC-D5B6371F53C1}" = Visual C++ 8.0 x86 Runtime Setup Package "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0 "Album Art Downloader XUI" = Album Art Downloader XUI 0.32 "AviSynth" = AviSynth 2.5 "Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2 "CDex" = CDex - Open Source Digital Audio CD Extractor "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "CopyTrans Suite" = CopyTrans Suite Remove Only "Coupon Printer for Windows4.0" = Coupon Printer for Windows "Exact Audio Copy" = Exact Audio Copy 0.99pb5 "ffdshow_is1" = ffdshow v1.1.3800 [2011-03-28] "FrostWire" = FrostWire 4.20.1 "FrostWire 5" = FrostWire 5.2.3 "GIMP-2_is1" = GIMP 2.8.4 "Google Desktop" = Google Desktop "HDMI" = Intel® Graphics Media Accelerator Driver "IrfanView" = IrfanView (remove only) "JBidwatcher_0" = JBidwatcher 2 "JBidwatcher_1" = JBidwatcher 2 "KLiteCodecPack_is1" = K-Lite Codec Pack 5.6.6 (Full) BETA "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft Office Accounting 2007" = Microsoft Office Accounting 2007 "Microsoft Office Accounting Equifax Addin" = Microsoft Office Accounting Equifax Addin "Microsoft Office Accounting PayPal Addin" = Microsoft Office Accounting PayPal Addin "Microsoft Security Client" = Microsoft Security Essentials "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser "PROR" = Microsoft Office Professional 2007 "PS3Xploder" = PS3 Xploder Ultimate Edition "TomTom HOME" = TomTom HOME 2.8.2.2264 "Videora iPod Converter" = Videora iPod Converter 5.03 "Videora iPod touch Converter" = Videora iPod touch Converter 6 "VLC media player" = VLC media player 1.0.2 "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "YouTube Downloader App" = YouTube Downloader App 3.00 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3573513136-401909964-3576262170-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "JoinMe" = join.me ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 6/8/2011 10:02:32 AM | Computer Name = d-vista-5333 | Source = Google_Toolbar | ID = 1 Description = Error - 6/16/2011 4:54:24 PM | Computer Name = d-vista-5333 | Source = WinMgmt | ID = 4 Description = Error - 6/22/2011 3:45:12 PM | Computer Name = d-vista-5333 | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 8.0.6001.19088 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 7c8 Start Time: 01cc2c68ab1e930c Termination Time: 203 Error - 7/15/2011 1:44:41 PM | Computer Name = d-vista-5333 | Source = Application Hang | ID = 1002 Description = The program PhotoshopElementsEditor.exe version 8.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: a2c Start Time: 01cc4315a7754b30 Termination Time: 63 Error - 8/30/2011 9:14:44 AM | Computer Name = d-vista-5333 | Source = TomTomHOMEService | ID = 10000 Description = Error - 8/30/2011 10:37:32 AM | Computer Name = d-vista-5333 | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.19120, time stamp 0x4e2a9406, faulting module mshtml.dll, version 8.0.6001.19120, time stamp 0x4e2aaa35, exception code 0xc0000005, fault offset 0x00067b98, process id 0x1750, application start time 0x01cc628489e89f1f. Error - 8/30/2011 1:05:21 PM | Computer Name = d-vista-5333 | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.19120, time stamp 0x4e2a9406, faulting module mshtml.dll, version 8.0.6001.19120, time stamp 0x4e2aaa35, exception code 0xc0000005, fault offset 0x00067b98, process id 0x12f8, application start time 0x01cc672292eae9c7. Error - 9/8/2011 4:04:43 PM | Computer Name = d-vista-5333 | Source = Application Error | ID = 1000 Description = Faulting application SearchIndexer.exe, version 7.0.6002.18005, time stamp 0x49e02459, faulting module TQUERY.DLL, version 7.0.6002.18005, time stamp 0x49e0382e, exception code 0xc0000005, fault offset 0x000b1f69, process id 0x8ac, application start time 0x01cc6d37d530aac4. Error - 9/13/2011 2:14:54 PM | Computer Name = d-vista-5333 | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 8.0.6001.19120 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 83c Start Time: 01cc6d5ee77a5c44 Termination Time: 1153 Error - 9/13/2011 4:55:14 PM | Computer Name = d-vista-5333 | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 8.0.6001.19120 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 568 Start Time: 01cc6d5ee02c4de4 Termination Time: 312 [ OSession Events ] Error - 12/30/2008 4:03:16 PM | Computer Name = Chris-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 90919 seconds with 900 seconds of active time. This session ended with a crash. Error - 11/10/2009 1:47:46 PM | Computer Name = Chris-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1141529 seconds with 7980 seconds of active time. This session ended with a crash. Error - 5/31/2011 8:42:42 AM | Computer Name = d-vista-5333 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 245305 seconds with 120 seconds of active time. This session ended with a crash. Error - 9/24/2012 3:19:41 PM | Computer Name = d-vista-5333 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 641 seconds with 60 seconds of active time. This session ended with a crash. Error - 4/7/2013 4:24:25 AM | Computer Name = d-vista-5333 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 320018 seconds with 5400 seconds of active time. This session ended with a crash. [ System Events ] Error - 5/21/2013 4:33:16 AM | Computer Name = d-vista-5333 | Source = Microsoft Antimalware | ID = 2001 Description = %%860 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.151.449.0 Update Source: %%859 Update Stage: %%854 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9506.0 Error code: 0x80070643 Error description: Fatal error during installation. Error - 5/21/2013 4:33:15 AM | Computer Name = d-vista-5333 | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Error - 5/21/2013 10:05:07 AM | Computer Name = d-vista-5333 | Source = DCOM | ID = 10000 Description = Error - 5/21/2013 10:05:21 AM | Computer Name = d-vista-5333 | Source = DCOM | ID = 10005 Description = Error - 5/21/2013 10:05:24 AM | Computer Name = d-vista-5333 | Source = Service Control Manager | ID = 7000 Description = Error - 5/21/2013 10:06:11 AM | Computer Name = d-vista-5333 | Source = DCOM | ID = 10010 Description = Error - 5/21/2013 12:07:05 PM | Computer Name = d-vista-5333 | Source = EventLog | ID = 6008 Description = The previous system shutdown at 11:05:15 AM on 5/21/2013 was unexpected. Error - 5/28/2013 3:05:21 PM | Computer Name = d-vista-5333 | Source = EventLog | ID = 6008 Description = The previous system shutdown at 2:03:44 PM on 5/28/2013 was unexpected. Error - 5/29/2013 12:41:35 AM | Computer Name = d-vista-5333 | Source = Dhcp | ID = 1002 Description = The IP address lease 192.168.0.195 for the Network Card with network address 00219B17BE33 has been denied by the DHCP server 192.168.0.20 (The DHCP Server sent a DHCPNACK message). Error - 5/29/2013 8:28:08 PM | Computer Name = d-vista-5333 | Source = Dhcp | ID = 1000 Description = Your computer has lost the lease to its IP address 192.168.0.218 on the Network Card with network address 00219B17BE33. < End of report >
-
otl.txt OTL logfile created on: 5/31/2013 7:55:33 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chris\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.97 Gb Total Physical Memory | 1.13 Gb Available Physical Memory | 57.67% Memory free 4.17 Gb Paging File | 2.47 Gb Available in Paging File | 59.27% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 222.78 Gb Total Space | 11.31 Gb Free Space | 5.08% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 5.94 Gb Free Space | 59.37% Space Free | Partition Type: NTFS Drive E: | 2.00 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Computer Name: D-VISTA-5333 | User Name: Chris | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/05/31 07:53:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe PRC - [2013/05/11 22:04:18 | 000,216,968 | ---- | M] (Google Inc.) -- C:\Users\Chris\AppData\Local\Google\Update\1.3.21.145\GoogleCrashHandler.exe PRC - [2013/05/03 08:57:46 | 000,052,736 | ---- | M] (xx) -- C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\spoolsv.exe PRC - [2013/02/21 10:47:12 | 000,241,675 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\javas.exe PRC - [2013/02/21 10:47:09 | 000,023,552 | ---- | M] (xx) -- C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\chupdates.exe PRC - [2013/01/27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe PRC - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe PRC - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/11/01 14:45:21 | 004,763,008 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe PRC - [2012/07/11 13:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe PRC - [2012/04/04 07:25:00 | 000,295,584 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe PRC - [2011/10/09 18:06:40 | 000,421,736 | ---- | M] (Apple Inc.) -- C:\iTunesHelper.exe PRC - [2011/10/09 11:54:58 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe PRC - [2011/04/22 07:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe PRC - [2009/05/21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/08/19 01:19:40 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008/08/19 01:19:38 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe PRC - [2008/08/14 01:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe PRC - [2008/07/20 18:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2008/07/20 18:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2008/05/23 15:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe PRC - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe ========== Modules (No Company Name) ========== MOD - [2013/05/16 03:19:52 | 001,801,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\2a0bdb3ab5d40efcf07ac933e3b9c8e4\System.Deployment.ni.dll MOD - [2013/05/16 03:19:50 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3da65115bf9debbf564861f6b123a2e4\System.Configuration.ni.dll MOD - [2013/05/16 03:18:14 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e9ea3e70247b4aa4a8b260426db3aa6b\System.Windows.Forms.ni.dll MOD - [2013/02/21 10:47:12 | 000,241,675 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\javas.exe MOD - [2013/02/21 10:47:10 | 000,194,048 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\curllib.dll MOD - [2013/02/21 10:47:10 | 000,110,592 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\openldap.dll MOD - [2013/02/21 10:47:10 | 000,065,536 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\libsasl.dll MOD - [2013/02/14 04:43:33 | 001,711,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\dae1b2e49e240e879a6523025cc306fb\Microsoft.VisualBasic.ni.dll MOD - [2013/01/09 04:36:46 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll MOD - [2013/01/09 04:36:26 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll MOD - [2013/01/09 04:36:06 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll MOD - [2013/01/09 04:35:17 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll MOD - [2013/01/09 04:35:06 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2010/08/26 08:07:27 | 000,034,816 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\gzlib.dll MOD - [2009/08/16 17:06:02 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll ========== Services (SafeList) ========== SRV - [2013/05/15 06:51:56 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/01/27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/07/11 13:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE) SRV - [2011/04/22 07:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2010/10/25 15:57:37 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0) SRV - [2008/08/19 01:19:38 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters) SRV - [2008/08/14 01:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SRV - [2008/07/20 18:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) SRV - [2008/01/20 21:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2013/05/08 07:53:48 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2013/01/20 16:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2010/06/23 09:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2009/12/15 15:29:52 | 000,055,304 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfetdik.sys -- (mfetdik) DRV - [2009/12/15 15:29:42 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (MfeRKDK) DRV - [2008/08/26 12:55:14 | 000,112,128 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) DRV - [2008/08/19 02:03:28 | 000,079,960 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID) DRV - [2008/08/19 02:02:56 | 000,027,648 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\RtNdPt60.sys -- (RtNdPt60) DRV - [2008/01/20 21:32:51 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 5B 85 AC 0C EE BF DE 46 8F 05 9F E1 62 9D F3 EB [binary data] IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 5B 85 AC 0C EE BF DE 46 8F 05 9F E1 62 9D F3 EB [binary data] IE - HKU\S-1-5-21-3573513136-401909964-3576262170-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6081213 IE - HKU\S-1-5-21-3573513136-401909964-3576262170-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-3573513136-401909964-3576262170-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-3573513136-401909964-3576262170-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-21-3573513136-401909964-3576262170-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-3573513136-401909964-3576262170-1001\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 5B 85 AC 0C EE BF DE 46 8F 05 9F E1 62 9D F3 EB [binary data] IE - HKU\S-1-5-21-3573513136-401909964-3576262170-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-3573513136-401909964-3576262170-1001\..\SearchScopes\{03BCA317-A664-45E5-93C7-BB004DA0F4AE}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3287819&CUI=UN41892431801781318 IE - HKU\S-1-5-21-3573513136-401909964-3576262170-1001\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=FWV5&o=14193&src=crm&q={searchTerms}&locale=en_US IE - HKU\S-1-5-21-3573513136-401909964-3576262170-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7DKUS_enUS306&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-3573513136-401909964-3576262170-1001\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=CCzsRDiKUX_AZxSozZbf8H7Z_K4?q={searchTerms} IE - HKU\S-1-5-21-3573513136-401909964-3576262170-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3573513136-401909964-3576262170-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) [2010/12/28 13:03:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions [2010/12/28 13:03:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: http://search.conduit.com/?CUI=UN32469660001539318&ctid=CT3287819&SearchSource=48 CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaaooaijelonlmbcbjkocdnicdfmo\7.13.0.0_0\ CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaaooaijelonlmbcbjkocdnicdfmo\7.13.0.17859_0\ CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.1.1_0\ CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\ CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\ O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-21-3573513136-401909964-3576262170-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( ) O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [iTunesHelper] C:\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MSC] "c:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey File not found O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-3573513136-401909964-3576262170-1001..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-3573513136-401909964-3576262170-1001..\Run: [JavaUpdate] C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\spoolsv.exe (xx) O4 - HKU\S-1-5-21-3573513136-401909964-3576262170-1001..\Run: [JavaUpdate2] C:\Users\Chris\AppData\Roaming\xx\xx\1.0.0.0\chupdates.exe (xx) O4 - HKU\S-1-5-21-3573513136-401909964-3576262170-1001..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data] O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data] O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites) O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites) O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites) O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites) O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites) O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites) O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites) O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites) O15 - HKU\.DEFAULT\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\.DEFAULT\..Trusted Ranges: GD ([http] in Local intranet) O15 - HKU\S-1-5-18\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-18\..Trusted Ranges: GD ([http] in Local intranet) O15 - HKU\S-1-5-21-3573513136-401909964-3576262170-1001\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-3573513136-401909964-3576262170-1001\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2E72B21-53B6-4E94-B6D6-E6DA898A31EE}: DhcpNameServer = 209.18.47.61 8.8.8.8 O20 - AppInit_DLLs: (C:\WINDOWS\SYSTEM32\BRDGCFG32.DLL) - File not found O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013/05/31 07:53:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe [2013/05/17 09:23:26 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Chris\Desktop\dds.scr [2013/05/16 03:10:01 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013/05/16 03:00:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013/05/16 03:00:56 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013/05/16 03:00:55 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013/05/16 03:00:54 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013/05/16 03:00:52 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013/05/16 03:00:52 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013/05/16 03:00:47 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013/05/15 03:17:22 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013/05/15 03:17:05 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2013/05/03 08:56:57 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2013/05/01 09:20:33 | 000,000,000 | ---D | C] -- C:\TEMP [1 C:\Users\Chris\Desktop\*.tmp files -> C:\Users\Chris\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/05/31 07:55:11 | 1948,337,152 | ---- | M] () -- C:\Program Files\outlook (2).pst [2013/05/31 07:53:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe [2013/05/31 07:51:16 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/05/31 07:29:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3573513136-401909964-3576262170-1006UA.job [2013/05/31 07:09:02 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3573513136-401909964-3576262170-1001UA.job [2013/05/31 06:00:17 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013/05/31 06:00:17 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013/05/30 23:29:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3573513136-401909964-3576262170-1006Core.job [2013/05/30 22:09:02 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3573513136-401909964-3576262170-1001Core.job [2013/05/29 12:05:26 | 000,652,962 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/05/29 12:05:26 | 000,122,278 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/05/29 12:00:39 | 000,002,633 | ---- | M] () -- C:\Users\Chris\Desktop\Microsoft Office Outlook 2007.lnk [2013/05/29 12:00:14 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\RtlNICDiagVistaStart.job [2013/05/29 11:59:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/05/29 11:59:52 | 2110,771,200 | -HS- | M] () -- C:\hiberfil.sys [2013/05/23 18:10:16 | 000,002,046 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013/05/23 18:10:15 | 000,002,044 | ---- | M] () -- C:\Users\Chris\Desktop\Google Chrome.lnk [2013/05/23 12:28:28 | 000,002,651 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk [2013/05/17 09:23:26 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Chris\Desktop\dds.scr [2013/05/16 03:16:17 | 003,775,208 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013/05/15 06:51:42 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013/05/15 06:51:42 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013/05/08 07:53:48 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2013/05/05 14:12:55 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013/05/02 10:28:50 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [1 C:\Users\Chris\Desktop\*.tmp files -> C:\Users\Chris\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/05/03 08:55:41 | 2110,771,200 | -HS- | C] () -- C:\hiberfil.sys [2013/02/22 13:59:02 | 000,001,504 | ---- | C] () -- C:\Users\Chris\AppData\Local\recently-used.xbel [2012/02/15 22:28:42 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2010/07/08 12:09:18 | 000,000,056 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\7063dd7c [2010/07/06 11:09:04 | 000,000,650 | -HS- | C] () -- C:\ProgramData\1890814507 [2010/07/06 11:09:02 | 000,000,817 | ---- | C] () -- C:\ProgramData\551803515 [2010/07/06 11:08:30 | 000,203,776 | -HS- | C] () -- C:\ProgramData\unrar.exe [2008/12/29 12:21:15 | 000,000,680 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat [2008/12/23 08:39:50 | 1948,337,152 | ---- | C] () -- C:\Program Files\outlook (2).pst [2008/12/18 11:28:18 | 000,133,632 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/12/18 11:22:30 | 001,642,502 | ---- | C] () -- C:\Users\Chris\shoes.jpg [2008/12/18 11:22:30 | 001,483,448 | ---- | C] () -- C:\Users\Chris\spy glasses.jpg [2008/12/18 11:22:30 | 001,470,736 | ---- | C] () -- C:\Users\Chris\shoes2.jpg [2008/12/18 11:22:16 | 213,111,154 | ---- | C] () -- C:\Users\Chris\run 38-2.zip [2008/12/18 11:22:16 | 002,059,105 | ---- | C] () -- C:\Users\Chris\Build book ad.jpg [2008/12/18 11:22:16 | 001,845,852 | ---- | C] () -- C:\Users\Chris\DSC02137.JPG [2008/12/18 11:22:16 | 001,788,112 | ---- | C] () -- C:\Users\Chris\DSC02135.JPG [2008/12/18 11:22:16 | 000,000,513 | ---- | C] () -- C:\Users\Chris\HP Photo Printing.lnk [2008/12/18 11:16:04 | 000,000,605 | ---- | C] () -- C:\Users\Chris\Ulead Photo Express 3.0 SE.lnk [2008/12/18 11:16:04 | 000,000,365 | ---- | C] () -- C:\Users\Chris\WinZip.lnk ========== ZeroAccess Check ========== [2006/11/02 07:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report >
-
I ran the dds.scr again and it only creates the attach file
-
I am looking at my desktop and I dont believe it generated a DDS.txt
-
Microsoft® Windows Vista™ Home Basic Boot Device: \Device\HarddiskVolume3 Install Date: 12/12/2008 12:44:48 PM System Uptime: 5/16/2013 3:13:46 AM (30 hours ago) . Motherboard: Dell Inc. | | 0P301D Processor: Intel® Core2 Duo CPU E7300 @ 2.66GHz | Socket 775 | 2662/266mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 223 GiB total, 17.904 GiB free. D: is FIXED (NTFS) - 10 GiB total, 5.937 GiB free. E: is CDROM () F: is Removable G: is Removable H: is Removable I: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP1535: 4/23/2013 9:04:26 AM - Windows Update RP1536: 4/24/2013 12:00:01 AM - Scheduled Checkpoint RP1537: 4/25/2013 3:00:16 AM - Windows Update RP1538: 4/28/2013 12:00:28 AM - Scheduled Checkpoint RP1539: 4/29/2013 12:06:06 PM - Windows Update RP1540: 5/3/2013 9:57:10 AM - Scheduled Checkpoint RP1541: 5/4/2013 12:00:03 AM - Scheduled Checkpoint RP1542: 5/4/2013 9:08:04 AM - Windows Update RP1543: 5/7/2013 9:14:05 AM - Windows Update RP1544: 5/8/2013 8:36:02 AM - Scheduled Checkpoint RP1545: 5/9/2013 12:00:07 AM - Scheduled Checkpoint RP1547: 5/11/2013 12:48:16 PM - Scheduled Checkpoint RP1548: 5/12/2013 2:00:35 AM - Windows Update RP1549: 5/15/2013 1:42:49 PM - Windows Update RP1550: 5/16/2013 3:00:17 AM - Windows Update RP1551: 5/17/2013 12:00:04 AM - Scheduled Checkpoint . ==== Image File Execution Options ============= . . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 32 bit Windows Card Reader Driver Acrobat.com Adobe AIR Adobe Download Assistant Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Photoshop CS6 Adobe Photoshop Elements 8.0 Adobe Photoshop Lightroom 2.5 Adobe Photoshop.com Inspiration Browser Adobe Reader X (10.1.6) Album Art Downloader XUI 0.32 Apple Application Support Apple Mobile Device Support Apple Software Update AviSynth 2.5 Bonjour Browser Address Error Redirector Business Contact Manager for Outlook 2007 SP2 Business Tools Launcher CDex - Open Source Digital Audio CD Extractor CopyTrans Suite Remove Only Coupon Printer for Windows D3DX10 Dell Getting Started Guide Dell Support Center (Support Software) EDocs Exact Audio Copy 0.99pb5 ffdshow v1.1.3800 [2011-03-28] FrostWire 4.20.1 FrostWire 5.2.3 GIMP 2.8.4 Google Chrome Google Desktop Google Toolbar for Internet Explorer Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Officejet Pro 8600 Basic Device Software HP Update I.R.I.S. OCR Intel® Graphics Media Accelerator Driver Intel® Matrix Storage Manager IrfanView (remove only) iTunes Java 6 Update 7 JBidwatcher 2 join.me K-Lite Codec Pack 5.6.6 (Full) BETA Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2003 Web Components Microsoft Office 2007 Primary Interop Assemblies Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Accounting 2007 Microsoft Office Accounting ADP Payroll Addin Microsoft Office Accounting Equifax Addin Microsoft Office Accounting Fixed Asset Manager Microsoft Office Accounting PayPal Addin Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Small Business Connectivity Components Microsoft Office Word MUI (English) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC80_CRT_x86 Microsoft_VC90_CRT_x86 MobileMe Control Panel MSVCRT MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK OGA Notifier 2.0.0048.0 PDF Settings CS6 Personal Entertainment Launcher PowerDVD Product Support Launcher PS3 Xploder Ultimate Edition QuickTime Realtek Ethernet Network Card Diagnostic tool for Windows Vista Realtek High Definition Audio Driver Roxio Activation Module Roxio Creator Audio Roxio Creator BDAV Plugin Roxio Creator Copy Roxio Creator Data Roxio Creator DE Roxio Creator Tools Roxio Express Labeler 3 Roxio Update Manager Safari Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Segoe UI Sonic CinePlayer Decoder Pack Spelling Dictionaries Support For Adobe Reader 9 SUPERAntiSpyware TomTom HOME 2.8.2.2264 TomTom HOME Visual Studio Merge Modules Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Videora iPod Converter 5.03 Videora iPod touch Converter 6 Visual C++ 8.0 x86 Runtime Setup Package VLC media player 1.0.2 Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinRAR archiver YouTube Downloader 2.6.5 YouTube Downloader App 3.00 . ==== Event Viewer Messages From Past Week ======== . 5/15/2013 2:12:00 PM, Error: EventLog [6008] - The previous system shutdown at 2:09:36 PM on 5/15/2013 was unexpected. 5/11/2013 8:39:25 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Eventlog service. 5/11/2013 11:18:06 AM, Error: Service Control Manager [7000] - The Adobe Flash Player Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 5/11/2013 11:18:03 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Adobe Flash Player Update Service service to connect. 5/11/2013 1:22:13 PM, Error: EventLog [6008] - The previous system shutdown at 1:20:21 PM on 5/11/2013 was unexpected. . ==== End Of File ===========================
-
I cannot start my task manager, malwarebytes is automatically blocked whenever I open or start computer, and I get a xx has stopped working frequently. I did the stealth malwarebytes and it found some stuff, but it didnt look like anything too serious. Also running Microsoft security essentials, and SuperAntispyware. Any help would be appreciated. I have a dds log, but will wait to post until I am asked to. Thank you