jonnyglaw

i tried to delete program and download again but the program still does not let me highlight my disc drive.

it does not allow me to do this - not sure why - i tried this the other day and i tried again just now. But i can't highllight either actually - any further ideas? thanks for your help.

Do you think my hard drive is now a little old and slow? Should i perhaps buy a new computer?

Unfortunately Windows Diagnostic Tool Ver. 1.12 won't run for me. See attached

is this the one? Image Name: System Idle Process PID: 0 Session Name: Services Session#: 0 Mem Usage: 24 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 20:24:40 Window Title: N/A Image Name: System PID: 4 Session Name: Services Session#: 0 Mem Usage: 5ÿ636 K Status: Unknown User Name: N/A CPU Time: 0:06:30 Window Title: N/A Image Name: smss.exe PID: 512 Session Name: Services Session#: 0 Mem Usage: 560 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:00 Window Title: N/A Image Name: csrss.exe PID: 592 Session Name: Services Session#: 0 Mem Usage: 8ÿ328 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:03 Window Title: N/A Image Name: wininit.exe PID: 636 Session Name: Services Session#: 0 Mem Usage: 3ÿ164 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:00 Window Title: N/A Image Name: csrss.exe PID: 648 Session Name: Console Session#: 1 Mem Usage: 13ÿ632 K Status: Not Responding User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:32 Window Title: N/A Image Name: services.exe PID: 680 Session Name: Services Session#: 0 Mem Usage: 6ÿ004 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:34 Window Title: N/A Image Name: lsass.exe PID: 692 Session Name: Services Session#: 0 Mem Usage: 2ÿ572 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:18 Window Title: N/A Image Name: lsm.exe PID: 700 Session Name: Services Session#: 0 Mem Usage: 3ÿ400 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:00 Window Title: N/A Image Name: winlogon.exe PID: 808 Session Name: Console Session#: 1 Mem Usage: 4ÿ772 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:00 Window Title: N/A Image Name: svchost.exe PID: 888 Session Name: Services Session#: 0 Mem Usage: 6ÿ332 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:03:45 Window Title: N/A Image Name: TAMSvr.exe PID: 932 Session Name: Services Session#: 0 Mem Usage: 2ÿ052 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:00 Window Title: N/A Image Name: PresentationFontCache.exe PID: 944 Session Name: Services Session#: 0 Mem Usage: 7ÿ796 K Status: Unknown User Name: NT AUTHORITY\LOCAL SERVICE CPU Time: 0:00:00 Window Title: N/A Image Name: svchost.exe PID: 988 Session Name: Services Session#: 0 Mem Usage: 6ÿ420 K Status: Unknown User Name: NT AUTHORITY\NETWORK SERVICE CPU Time: 0:00:15 Window Title: N/A Image Name: svchost.exe PID: 1024 Session Name: Services Session#: 0 Mem Usage: 9ÿ684 K Status: Unknown User Name: NT AUTHORITY\LOCAL SERVICE CPU Time: 0:00:09 Window Title: N/A Image Name: svchost.exe PID: 1116 Session Name: Services Session#: 0 Mem Usage: 98ÿ424 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:06:25 Window Title: N/A Image Name: svchost.exe PID: 1132 Session Name: Services Session#: 0 Mem Usage: 48ÿ992 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:01:44 Window Title: N/A Image Name: audiodg.exe PID: 1240 Session Name: Services Session#: 0 Mem Usage: 13ÿ780 K Status: Unknown User Name: NT AUTHORITY\LOCAL SERVICE CPU Time: 0:45:50 Window Title: N/A Image Name: svchost.exe PID: 1264 Session Name: Services Session#: 0 Mem Usage: 3ÿ836 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:00 Window Title: N/A Image Name: SLsvc.exe PID: 1288 Session Name: Services Session#: 0 Mem Usage: 3ÿ988 K Status: Unknown User Name: NT AUTHORITY\NETWORK SERVICE CPU Time: 0:00:02 Window Title: N/A Image Name: svchost.exe PID: 1328 Session Name: Services Session#: 0 Mem Usage: 7ÿ984 K Status: Unknown User Name: NT AUTHORITY\LOCAL SERVICE CPU Time: 0:00:06 Window Title: N/A Image Name: svchost.exe PID: 1512 Session Name: Services Session#: 0 Mem Usage: 12ÿ400 K Status: Unknown User Name: NT AUTHORITY\NETWORK SERVICE CPU Time: 0:00:46 Window Title: N/A Image Name: spoolsv.exe PID: 1716 Session Name: Services Session#: 0 Mem Usage: 12ÿ688 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:01:11 Window Title: N/A Image Name: svchost.exe PID: 1748 Session Name: Services Session#: 0 Mem Usage: 10ÿ900 K Status: Unknown User Name: NT AUTHORITY\LOCAL SERVICE CPU Time: 0:00:07 Window Title: N/A Image Name: armsvc.exe PID: 1952 Session Name: Services Session#: 0 Mem Usage: 2ÿ764 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:00 Window Title: N/A Image Name: agrsmsvc.exe PID: 1972 Session Name: Services Session#: 0 Mem Usage: 1ÿ996 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:00 Window Title: N/A Image Name: AppleMobileDeviceService.exe PID: 2000 Session Name: Services Session#: 0 Mem Usage: 5ÿ412 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:10 Window Title: N/A Image Name: mDNSResponder.exe PID: 2016 Session Name: Services Session#: 0 Mem Usage: 3ÿ884 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:01 Window Title: N/A Image Name: CFSvcs.exe PID: 2028 Session Name: Services Session#: 0 Mem Usage: 2ÿ012 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:00 Window Title: N/A Image Name: dwm.exe PID: 392 Session Name: Console Session#: 1 Mem Usage: 63ÿ948 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:15:24 Window Title: DWM Notification Window Image Name: taskeng.exe PID: 520 Session Name: Console Session#: 1 Mem Usage: 9ÿ884 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:04 Window Title: MCI command handling window Image Name: Crypserv.exe PID: 560 Session Name: Services Session#: 0 Mem Usage: 3ÿ288 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:01 Window Title: N/A Image Name: explorer.exe PID: 584 Session Name: Console Session#: 1 Mem Usage: 66ÿ608 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:03:55 Window Title: N/A Image Name: ekrn.exe PID: 876 Session Name: Services Session#: 0 Mem Usage: 86ÿ716 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:05:44 Window Title: N/A Image Name: FTRTSVC.exe PID: 1428 Session Name: Services Session#: 0 Mem Usage: 2ÿ080 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:00 Window Title: N/A Image Name: svchost.exe PID: 368 Session Name: Services Session#: 0 Mem Usage: 6ÿ536 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:06 Window Title: N/A Image Name: lxebcoms.exe PID: 984 Session Name: Services Session#: 0 Mem Usage: 7ÿ004 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:53 Window Title: N/A Image Name: svchost.exe PID: 2188 Session Name: Services Session#: 0 Mem Usage: 4ÿ408 K Status: Unknown User Name: NT AUTHORITY\NETWORK SERVICE CPU Time: 0:00:01 Window Title: N/A Image Name: SynTPEnh.exe PID: 2228 Session Name: Console Session#: 1 Mem Usage: 6ÿ788 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:01:39 Window Title: N/A Image Name: NDSTray.exe PID: 2244 Session Name: Console Session#: 1 Mem Usage: 6ÿ612 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:08 Window Title: ConfigFree Image Name: Toshiba.Tempo.UI.TrayApplication.exe PID: 2264 Session Name: Console Session#: 1 Mem Usage: 15ÿ108 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:06 Window Title: N/A Image Name: RtHDVCpl.exe PID: 2284 Session Name: Console Session#: 1 Mem Usage: 5ÿ540 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: MMDEVAPI Device Window Image Name: igfxtray.exe PID: 2296 Session Name: Console Session#: 1 Mem Usage: 3ÿ652 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: igfxtrayWindow Image Name: hkcmd.exe PID: 2304 Session Name: Console Session#: 1 Mem Usage: 4ÿ020 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: N/A Image Name: igfxpers.exe PID: 2312 Session Name: Console Session#: 1 Mem Usage: 3ÿ824 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: PersistWndName Image Name: HDMICtrlMan.exe PID: 2320 Session Name: Console Session#: 1 Mem Usage: 6ÿ584 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:01 Window Title: TosHDMIControlManagerMain Image Name: TPwrMain.exe PID: 2340 Session Name: Console Session#: 1 Mem Usage: 4ÿ160 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: TPS8_PWRMAIN_Wnd Image Name: SmoothView.exe PID: 2376 Session Name: Console Session#: 1 Mem Usage: 2ÿ668 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: SmoothView Image Name: TCrdMain.exe PID: 2384 Session Name: Console Session#: 1 Mem Usage: 5ÿ968 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: TCrdMain Image Name: FpNotifier.exe PID: 2400 Session Name: Console Session#: 1 Mem Usage: 4ÿ404 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: N/A Image Name: usbnotify.exe PID: 2412 Session Name: Console Session#: 1 Mem Usage: 3ÿ984 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: N/A Image Name: PwdBank.exe PID: 2424 Session Name: Console Session#: 1 Mem Usage: 5ÿ428 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: N/A Image Name: hpwuSchd2.exe PID: 2440 Session Name: Console Session#: 1 Mem Usage: 2ÿ636 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: HPWU Image Name: egui.exe PID: 2448 Session Name: Console Session#: 1 Mem Usage: 7ÿ372 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:36 Window Title: ESET Smart Security Image Name: lxebmon.exe PID: 2456 Session Name: Console Session#: 1 Mem Usage: 14ÿ868 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:03 Window Title: Session Controller lxeb Image Name: ezprint.exe PID: 2464 Session Name: Console Session#: 1 Mem Usage: 6ÿ172 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: N/A Image Name: iTunesHelper.exe PID: 2504 Session Name: Console Session#: 1 Mem Usage: 6ÿ428 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: WinAMRestoreWnd Image Name: svchost.exe PID: 2524 Session Name: Services Session#: 0 Mem Usage: 10ÿ792 K Status: Unknown User Name: NT AUTHORITY\LOCAL SERVICE CPU Time: 0:00:07 Window Title: N/A Image Name: TempoSVC.exe PID: 2548 Session Name: Services Session#: 0 Mem Usage: 14ÿ404 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:18 Window Title: N/A Image Name: ehtray.exe PID: 2684 Session Name: Console Session#: 1 Mem Usage: 1ÿ176 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: Windows Media Center Image Name: iCloudServices.exe PID: 2692 Session Name: Console Session#: 1 Mem Usage: 5ÿ940 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: iCloud Image Name: Dropbox.exe PID: 2728 Session Name: Console Session#: 1 Mem Usage: 73ÿ824 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:07:19 Window Title: N/A Image Name: ONENOTEM.EXE PID: 2748 Session Name: Console Session#: 1 Mem Usage: 552 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: Microsoft Office OneNote 2007 - Windows taskbar Image Name: igfxsrvc.exe PID: 3000 Session Name: Console Session#: 1 Mem Usage: 4ÿ912 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:07 Window Title: OleMainThreadWndName Image Name: TNaviSrv.exe PID: 3236 Session Name: Services Session#: 0 Mem Usage: 2ÿ480 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:00 Window Title: N/A Image Name: TODDSrv.exe PID: 3276 Session Name: Services Session#: 0 Mem Usage: 2ÿ892 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:00 Window Title: N/A Image Name: TosCoSrv.exe PID: 3296 Session Name: Services Session#: 0 Mem Usage: 3ÿ116 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:00 Window Title: N/A Image Name: TosIPCSrv.exe PID: 3320 Session Name: Services Session#: 0 Mem Usage: 2ÿ064 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:00 Window Title: N/A Image Name: svchost.exe PID: 3400 Session Name: Services Session#: 0 Mem Usage: 2ÿ892 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:00 Window Title: N/A Image Name: SearchIndexer.exe PID: 3424 Session Name: Services Session#: 0 Mem Usage: 46ÿ332 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:05:19 Window Title: N/A Image Name: ehmsas.exe PID: 3964 Session Name: Console Session#: 1 Mem Usage: 3ÿ264 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: OleMainThreadWndName Image Name: igfxext.exe PID: 3256 Session Name: Console Session#: 1 Mem Usage: 3ÿ408 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: IgfxExt_Wnd_Name Image Name: CFSwMgr.exe PID: 4084 Session Name: Console Session#: 1 Mem Usage: 5ÿ668 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: CFSwManager Image Name: HCMSoundChanger.exe PID: 4008 Session Name: Console Session#: 1 Mem Usage: 5ÿ952 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: MMDEVAPI Device Window Image Name: taskeng.exe PID: 1852 Session Name: Services Session#: 0 Mem Usage: 5ÿ148 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:00 Window Title: N/A Image Name: iPodService.exe PID: 3476 Session Name: Services Session#: 0 Mem Usage: 4ÿ212 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:00 Window Title: N/A Image Name: firefox.exe PID: 4188 Session Name: Console Session#: 1 Mem Usage: 298ÿ480 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:17:57 Window Title: accreditated - Google Search - Mozilla Firefox Image Name: SynTPHelper.exe PID: 4284 Session Name: Console Session#: 1 Mem Usage: 2ÿ348 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: N/A Image Name: svchost.exe PID: 4376 Session Name: Services Session#: 0 Mem Usage: 16ÿ036 K Status: Unknown User Name: NT AUTHORITY\LOCAL SERVICE CPU Time: 0:00:00 Window Title: N/A Image Name: unsecapp.exe PID: 4804 Session Name: Console Session#: 1 Mem Usage: 4ÿ824 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:03 Window Title: OleMainThreadWndName Image Name: WmiPrvSE.exe PID: 4932 Session Name: Services Session#: 0 Mem Usage: 5ÿ580 K Status: Unknown User Name: NT AUTHORITY\SYSTEM CPU Time: 0:00:40 Window Title: N/A Image Name: OUTLOOK.EXE PID: 5376 Session Name: Console Session#: 1 Mem Usage: 169ÿ444 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:45:57 Window Title: Inbox in jon.law@marmottemountain.com - Microsoft Outlook Image Name: iexplore.exe PID: 5844 Session Name: Console Session#: 1 Mem Usage: 26ÿ872 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:01:25 Window Title: I'm infected, what do i do next - Page 3 - Malware Removal Help - Malwarebytes Forum - Windows Internet Explorer Image Name: iexplore.exe PID: 3220 Session Name: Console Session#: 1 Mem Usage: 100ÿ432 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 1:00:13 Window Title: N/A Image Name: FlashUtil32_11_9_900_117_ActiveX.exe PID: 1988 Session Name: Console Session#: 1 Mem Usage: 5ÿ396 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: OleMainThreadWndName Image Name: iexplore.exe PID: 4696 Session Name: Console Session#: 1 Mem Usage: 85ÿ832 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:11:55 Window Title: N/A Image Name: plugin-container.exe PID: 5032 Session Name: Console Session#: 1 Mem Usage: 12ÿ312 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:01:09 Window Title: N/A Image Name: FlashPlayerPlugin_11_9_900_117.exe PID: 4216 Session Name: Console Session#: 1 Mem Usage: 8ÿ140 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:30 Window Title: N/A Image Name: FlashPlayerPlugin_11_9_900_117.exe PID: 4596 Session Name: Console Session#: 1 Mem Usage: 25ÿ892 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:02:22 Window Title: Msg Image Name: EXCEL.EXE PID: 1068 Session Name: Console Session#: 1 Mem Usage: 28ÿ324 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:10 Window Title: Microsoft Excel non-commercial use - Monthly Invoices to pay.xlsx Image Name: iTunes.exe PID: 3760 Session Name: Console Session#: 1 Mem Usage: 112ÿ172 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:11:42 Window Title: iTunes Image Name: AppleMobileDeviceHelper.exe PID: 2180 Session Name: Console Session#: 1 Mem Usage: 6ÿ600 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe Image Name: distnoted.exe PID: 2884 Session Name: Console Session#: 1 Mem Usage: 3ÿ980 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe Image Name: ApplePhotoStreams.exe PID: 6064 Session Name: Console Session#: 1 Mem Usage: 11ÿ072 K Status: Unknown User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: N/A Image Name: conime.exe PID: 5388 Session Name: Console Session#: 1 Mem Usage: 3ÿ460 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: N/A Image Name: cmd.exe PID: 5556 Session Name: Console Session#: 1 Mem Usage: 2ÿ316 K Status: Running User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: Administrator: C:\Windows\System32\cmd.exe - tasklist /V /FO LIST Image Name: tasklist.exe PID: 5496 Session Name: Console Session#: 1 Mem Usage: 5ÿ968 K Status: Unknown User Name: JonnyMarmotte\Jonny Marmotte CPU Time: 0:00:00 Window Title: N/A Image Name: WmiPrvSE.exe PID: 5656 Session Name: Services Session#: 0 Mem Usage: 5ÿ844 K Status: Unknown User Name: NT AUTHORITY\NETWORK SERVICE CPU Time: 0:00:00 Window Title: N/A

This is the report from last check

didn't seem to work - not sure if i did not do it right?

I opened HD Tune but it did not start up automatically. I scanned the disc for 'error scan' and it came back ok. Would you like if i attached the benchmark graph and/or health?

thanks - what test would you like me to run on hdtune and what would you like me to report back?

I thought i should also add that i ran the matwarebytes scan again late last night and it came back with nothing - but my computer is still sluggish and hard drive is still constantly racing.

ComboFix 13-11-03.02 - Jonny Marmotte 03/11/2013 12:47:44.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.33.1033.18.2939.1606 [GMT 1:00] Lancé depuis: c:\users\Jonny Marmotte\Desktop\ComboFix.exe AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5} FW: ESET Personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE} SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Un nouveau point de restauration a été créé . . ((((((((((((((((((((((((((((( Fichiers créés du 2013-10-03 au 2013-11-03 )))))))))))))))))))))))))))))))))))) . . 2013-11-03 12:00 . 2013-11-03 12:00 -------- d-----w- c:\users\Jonny Marmotte\AppData\Local\temp 2013-11-01 08:58 . 2013-11-01 08:58 -------- d-----w- C:\FRST 2013-10-31 22:34 . 2013-10-31 22:34 -------- d-----w- c:\windows\ERUNT 2013-10-31 21:33 . 2013-10-31 22:30 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2013-10-31 21:32 . 2013-10-31 21:32 75992 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2013-10-30 08:27 . 2013-10-30 08:28 -------- d-----w- c:\program files\ERUNT 2013-10-29 22:46 . 2013-11-01 02:17 -------- d-----w- C:\AdwCleaner 2013-10-29 16:27 . 2013-10-29 16:27 -------- d-----w- c:\programdata\Malwarebytes 2013-10-29 16:27 . 2013-10-29 16:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-10-29 16:27 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-10-26 01:23 . 2013-10-26 01:23 -------- d-----w- c:\program files\iPod 2013-10-26 01:23 . 2013-10-26 01:24 -------- d-----w- c:\program files\iTunes 2013-10-13 09:57 . 2013-10-13 09:57 -------- d-----w- c:\users\Jonny Marmotte\AppData\Local\ABBYY 2013-10-08 22:25 . 2013-08-29 07:36 2050048 ----a-w- c:\windows\system32\win32k.sys 2013-10-08 22:25 . 2013-06-29 02:07 197632 ----a-w- c:\windows\system32\drivers\usbhub.sys 2013-10-08 22:25 . 2013-06-29 02:07 73216 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2013-10-08 22:25 . 2013-06-29 02:06 6016 ----a-w- c:\windows\system32\drivers\usbd.sys 2013-10-08 22:25 . 2013-06-29 02:07 226304 ----a-w- c:\windows\system32\drivers\usbport.sys 2013-10-08 22:25 . 2011-05-05 13:54 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys 2013-10-08 22:25 . 2011-05-05 13:54 23552 ----a-w- c:\windows\system32\drivers\usbuhci.sys 2013-10-08 22:25 . 2013-06-04 01:49 293376 ----a-w- c:\windows\system32\atmfd.dll 2013-10-08 22:25 . 2013-06-04 04:16 34304 ----a-w- c:\windows\system32\atmlib.dll 2013-10-08 22:25 . 2013-07-04 04:21 532480 ----a-w- c:\windows\system32\comctl32.dll . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2013-09-18 08:15 . 2013-11-03 10:58 65184 ----a-w- c:\windows\apppatch\MATSShim.DLL 2013-09-03 12:35 . 2009-10-03 07:31 238872 ------w- c:\windows\system32\MpSigStub.exe . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-11 02:09 131248 ----a-w- c:\users\Jonny Marmotte\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-11 02:09 131248 ----a-w- c:\users\Jonny Marmotte\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-11 02:09 131248 ----a-w- c:\users\Jonny Marmotte\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOvrly1] @="{A4EEBF66-92EB-4F2A-9F1E-2F6D14B30DA6}" [HKEY_CLASSES_ROOT\CLSID\{A4EEBF66-92EB-4F2A-9F1E-2F6D14B30DA6}] 2009-04-23 18:17 122880 ----a-w- c:\program files\TrueSuite Access Manager\IconOvrly.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "iCloudServices"="c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-04-05 59720] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904] "NDSTray.exe"="NDSTray.exe" [bU] "topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632] "Toshiba TEMPO"="c:\program files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe" [2008-04-24 103824] "RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944] "HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2008-04-26 716800] "TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456] "HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608] "SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816] "00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-03-19 716800] "Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2008-01-11 574864] "FingerPrintNotifer"="c:\program files\TrueSuite Access Manager\FpNotifier.exe" [2008-10-21 704512] "UsbMonitor"="c:\program files\TrueSuite Access Manager\usbnotify.exe" [2009-04-23 94208] "PwdBank"="c:\program files\TrueSuite Access Manager\PwdBank.exe" [2009-04-23 3200512] "Skytel"="Skytel.exe" [2007-11-20 1826816] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152] "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-09-11 2054360] "lxebmon.exe"="c:\program files\Lexmark Pro200-S500 Series\lxebmon.exe" [2010-01-18 770728] "EzPrint"="c:\program files\Lexmark Pro200-S500 Series\ezprint.exe" [2010-01-18 139944] "Lexmark Pro200-S500 Series Fax Server"="c:\program files\Lexmark Pro200-S500 Series\fm3032.exe" [2010-01-18 316072] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-10-23 152392] . c:\users\Jonny Marmotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Jonny Marmotte\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-11-1 29769432] ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE %SystemRoot%\ERDNT\AutoBackup\#Date# /noconfirmdelete /noprogresswindow [2005-10-20 38912] OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680] TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "DisableCAD"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^Users^Jonny Marmotte^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Legalsounds Download Manager.lnk] path=c:\users\Jonny Marmotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Legalsounds Download Manager.lnk backup=c:\windows\pss\Legalsounds Download Manager.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contenu du dossier 'Tâches planifiées' . 2013-11-03 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-02 09:45] . . ------- Examen supplémentaire ------- . uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Jonny Marmotte\AppData\Roaming\Mozilla\Firefox\Profiles\tq8cgnfz.default-1383396520721\ . - - - - ORPHELINS SUPPRIMES - - - - . AddRemove-Coupon Printer for Windows5.0.0.0 - c:\program files\Coupons\uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2013-11-03 13:00 Windows 6.0.6002 Service Pack 2 NTFS . Recherche de processus cachés ... . Recherche d'éléments en démarrage automatique cachés ... . Recherche de fichiers cachés ... . Scan terminé avec succès Fichiers cachés: 0 . ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . Heure de fin: 2013-11-03 13:05:17 ComboFix-quarantined-files.txt 2013-11-03 12:04 ComboFix2.txt 2013-10-31 11:30 . Avant-CF: 22 780 108 800 bytes free Après-CF: 22 524 833 792 bytes free . - - End Of File - - 5BC0D64A2BA90557DBB16C164EC4260A 5C616939100B85E558DA92B899A0FC36

Fix Windows Desktop Search when it crashes or not showing results - showed no errors.

MiniToolBox by Farbar Version: 13-07-2013 Ran by Jonny Marmotte (administrator) on 03-11-2013 at 09:18:25 Running from "C:\Users\Jonny Marmotte\Desktop" Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= FF Proxy Settings: ============================== "Reset FF Proxy Settings": Firefox Proxy settings were reset. ========================= Hosts content: ================================= 127.0.0.1 localhost ========================= IP Configuration: ================================ Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected) Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected) # ---------------------------------- # IPv4 Configuration # ---------------------------------- pushd interface ipv4 reset set global icmpredirects=enabled popd # End of IPv4 configuration Windows IP Configuration Host Name . . . . . . . . . . . . : JonnyMarmotte Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Mixed IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : home Wireless LAN adapter Wireless Network Connection: Connection-specific DNS Suffix . : home Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN Physical Address. . . . . . . . . : 00-22-FA-2A-A8-36 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::551c:eb4f:4f93:7063%37(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.1.13(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : dimanche 3 novembre 2013 09:09:01 Lease Expires . . . . . . . . . . : lundi 4 novembre 2013 09:09:01 Default Gateway . . . . . . . . . : 192.168.1.1 DHCP Server . . . . . . . . . . . : 192.168.1.1 DHCPv6 IAID . . . . . . . . . . . : 184558330 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-90-CE-EC-00-1E-33-99-69-26 DNS Servers . . . . . . . . . . . : 192.168.1.1 NetBIOS over Tcpip. . . . . . . . : Enabled Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Realtek PCIe FE Family Controller Physical Address. . . . . . . . . : 00-1E-33-99-69-26 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 6: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{47B19B4B-E364-45C8-AFD2-D9A24F8DD69A} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 7: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.home Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 11: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 12: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 02-00-54-55-4E-01 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:2465:3e03:3f57:fef2(Preferred) Link-local IPv6 Address . . . . . : fe80::2465:3e03:3f57:fef2%11(Preferred) Default Gateway . . . . . . . . . : :: NetBIOS over Tcpip. . . . . . . . : Disabled Tunnel adapter Local Area Connection* 14: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 15: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 17: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 20: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter #9 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 22: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter #10 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 23: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter #11 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 32: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : home Description . . . . . . . . . . . : isatap.home Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 31: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{47B19B4B-E364-45C8-AFD2-D9A24F8DD69A} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 35: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{47B19B4B-E364-45C8-AFD2-D9A24F8DD69A} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 33: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{47B19B4B-E364-45C8-AFD2-D9A24F8DD69A} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 38: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter #17 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 41: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : 6TO4 Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Server: livebox.home Address: 192.168.1.1 Name: google.com Addresses: 173.194.34.36 173.194.34.37 173.194.34.38 173.194.34.39 173.194.34.40 173.194.34.41 173.194.34.46 173.194.34.32 173.194.34.33 173.194.34.34 173.194.34.35 Pinging google.com [173.194.34.36] with 32 bytes of data: Reply from 173.194.34.36: bytes=32 time=149ms TTL=54 Reply from 173.194.34.36: bytes=32 time=171ms TTL=54 Ping statistics for 173.194.34.36: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 149ms, Maximum = 171ms, Average = 160ms Server: livebox.home Address: 192.168.1.1 Name: yahoo.com Addresses: 98.138.253.109 98.139.183.24 206.190.36.45 Pinging yahoo.com [98.138.253.109] with 32 bytes of data: Reply from 98.138.253.109: bytes=32 time=202ms TTL=46 Reply from 98.138.253.109: bytes=32 time=318ms TTL=46 Ping statistics for 98.138.253.109: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 202ms, Maximum = 318ms, Average = 260ms Pinging 127.0.0.1 with 32 bytes of data: Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms =========================================================================== Interface List 37 ...00 22 fa 2a a8 36 ...... Intel® WiFi Link 5100 AGN 10 ...00 1e 33 99 69 26 ...... Realtek PCIe FE Family Controller 1 ........................... Software Loopback Interface 1 29 ...00 00 00 00 00 00 00 e0 isatap.{47B19B4B-E364-45C8-AFD2-D9A24F8DD69A} 28 ...00 00 00 00 00 00 00 e0 isatap.home 13 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3 11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface 15 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5 12 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5 17 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7 20 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #9 22 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #10 23 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #11 46 ...00 00 00 00 00 00 00 e0 isatap.home 32 ...00 00 00 00 00 00 00 e0 isatap.{47B19B4B-E364-45C8-AFD2-D9A24F8DD69A} 41 ...00 00 00 00 00 00 00 e0 isatap.{47B19B4B-E364-45C8-AFD2-D9A24F8DD69A} 35 ...00 00 00 00 00 00 00 e0 isatap.{47B19B4B-E364-45C8-AFD2-D9A24F8DD69A} 47 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #17 36 ...00 00 00 00 00 00 00 e0 6TO4 Adapter =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.13 30 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.1.0 255.255.255.0 On-link 192.168.1.13 286 192.168.1.13 255.255.255.255 On-link 192.168.1.13 286 192.168.1.255 255.255.255.255 On-link 192.168.1.13 286 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.13 286 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.13 286 =========================================================================== Persistent Routes: None IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 11 38 ::/0 On-link 1 306 ::1/128 On-link 11 38 2001::/32 On-link 11 286 2001:0:9d38:90d7:2465:3e03:3f57:fef2/128 On-link 37 286 fe80::/64 On-link 11 286 fe80::/64 On-link 11 286 fe80::2465:3e03:3f57:fef2/128 On-link 37 286 fe80::551c:eb4f:4f93:7063/128 On-link 1 306 ff00::/8 On-link 11 286 ff00::/8 On-link 37 286 ff00::/8 On-link =========================================================================== Persistent Routes: None ========================= Winsock entries ===================================== Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation) Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation) Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation) Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation) Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation) Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 37 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 38 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 39 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 40 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 41 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 42 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 43 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 44 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors: ================== Error: (11/03/2013 06:05:21 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10530 Error: (11/03/2013 06:05:21 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10530 Error: (11/03/2013 06:05:21 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/03/2013 06:05:20 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 9532 Error: (11/03/2013 06:05:20 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 9532 Error: (11/03/2013 06:05:20 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/03/2013 06:05:19 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 8518 Error: (11/03/2013 06:05:19 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 8518 Error: (11/03/2013 06:05:19 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/03/2013 06:05:18 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7441 System errors: ============= Error: (11/03/2013 02:28:32 AM) (Source: Service Control Manager) (User: ) Description: Windows Search%%1053 Error: (11/03/2013 02:28:32 AM) (Source: Service Control Manager) (User: ) Description: 30000Windows Search Error: (11/03/2013 02:28:32 AM) (Source: DCOM) (User: ) Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (11/02/2013 11:17:28 PM) (Source: volsnap) (User: ) Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (11/02/2013 04:04:58 PM) (Source: Service Control Manager) (User: ) Description: Authentec memory manager service1 Error: (11/02/2013 01:45:59 PM) (Source: Service Control Manager) (User: ) Description: Lbd Error: (11/02/2013 01:45:57 PM) (Source: Service Control Manager) (User: ) Description: HP CUE DeviceDiscovery Service Error: (11/02/2013 01:44:39 PM) (Source: Service Control Manager) (User: ) Description: lxebCATSCustConnectService%%1053 Error: (11/02/2013 01:44:39 PM) (Source: Service Control Manager) (User: ) Description: 30000lxebCATSCustConnectService Error: (11/02/2013 01:44:39 PM) (Source: Service Control Manager) (User: ) Description: HWDeviceService.exe%%2 Microsoft Office Sessions: ========================= Error: (10/27/2013 01:39:20 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 221951 seconds with 9420 seconds of active time. This session ended with a crash. Error: (10/11/2013 08:19:57 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 117920 seconds with 12300 seconds of active time. This session ended with a crash. Error: (09/30/2013 06:17:03 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 15576 seconds with 10560 seconds of active time. This session ended with a crash. Error: (07/30/2013 09:50:43 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 69744 seconds with 2700 seconds of active time. This session ended with a crash. Error: (06/11/2013 09:51:01 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 90092 seconds with 1320 seconds of active time. This session ended with a crash. Error: (05/02/2013 04:19:30 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 594191 seconds with 38280 seconds of active time. This session ended with a crash. Error: (04/20/2013 07:42:51 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 49500 seconds with 4680 seconds of active time. This session ended with a crash. Error: (04/04/2013 10:38:50 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 148360 seconds with 8760 seconds of active time. This session ended with a crash. Error: (04/02/2013 05:25:51 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 66194 seconds with 11460 seconds of active time. This session ended with a crash. Error: (03/22/2013 01:14:32 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14895 seconds with 2700 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2013-11-03 05:37:34.598 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-03 05:37:34.048 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-03 05:37:33.567 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-03 05:37:32.987 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-03 05:37:32.497 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-03 05:37:32.012 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-03 05:26:28.400 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-03 05:26:27.913 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-03 05:26:27.418 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-03 05:26:26.885 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system. =========================== Installed Programs ============================ Update for Microsoft Office 2007 (KB2508958) 1400 (Version: 82.0.242.000) 1400_Help (Version: 82.0.242.000) 1400Trb (Version: 82.0.242.000) 32 Bit HP CIO Components Installer (Version: 7.1.8) Activation Assistant for the 2007 Microsoft Office suites Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0) Adobe AIR (Version: 3.4.0.2710) Adobe Flash Player 11 ActiveX (Version: 11.9.900.117) Adobe Flash Player 11 Plugin (Version: 11.9.900.117) Adobe Media Player (Version: 0.0.0) Adobe Media Player (Version: 1.1) Adobe Reader X (10.1.8) (Version: 10.1.8) AIO_CDB_ProductContext (Version: 82.0.242.000) AIO_CDB_Software (Version: 82.0.242.000) AIO_Scan (Version: 82.0.173.000) Apple Application Support (Version: 2.3.6) Apple Mobile Device Support (Version: 7.0.0.117) Apple Software Update (Version: 2.1.3.127) Bonjour (Version: 3.0.0.10) BufferChm (Version: 82.0.173.000) CD/DVD Drive Acoustic Silencer (Version: 2.02.03) Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000) Constant Contact QuickImport v2 for Outlook (Version: 2.7.0) Copy (Version: 120.0.214.000) Coupon Printer for Windows (Version: 5.0.0.0) Destination Component (Version: 090.000.091.086) DeviceDiscovery (Version: 110.0.180.000) DeviceManagementQFolder (Version: 1.00.0000) DocProc (Version: 8.1.0.0) DocProcQFolder (Version: 1.00.0000) Dropbox (Version: 2.4.2) ERUNT 1.1j ESET Smart Security (Version: 4.0.467.0) eSupportQFolder (Version: 1.00.0000) Fax (Version: 120.0.194.000) Garmin BaseCamp (Version: 3.3.3) HDMI Control Manager (Version: 1.7) HP Deskjet 3050 J610 series Basic Device Software (Version: 22.50.231.0) HP Deskjet 3050 J610 series Help (Version: 140.0.63.63) HP Deskjet 3050 J610 series Product Improvement Study (Version: 22.50.231.0) HP Imaging Device Functions 8.0 (Version: 8.0) HP OCR Software 8.0 (Version: 8.0) HP Photo Creations (Version: 1.0.0.3781) HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (Version: 8.0) HP Product Assistant (Version: 100.000.001.000) HP Solution Center 8.0 (Version: 8.0) HP Update (Version: 5.003.001.001) HPProductAssistant (Version: 82.0.173.000) iCloud (Version: 2.1.2.8) Intel® Graphics Media Accelerator Driver Intel® Matrix Storage Manager iTunes (Version: 11.1.2.32) Lexmark Pro200-S500 Series Lexmark Tools for Office (Version: 1.29.0.0) Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (Version: 14.0.5130.5003) Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000) Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1) Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Outlook 2007 (Version: 12.0.6612.1000) Microsoft Office Outlook Connector (Version: 14.0.5118.5000) Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000) Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Works (Version: 9.7.0621) Microsoft XML Parser (Version: 8.20.8730.4) Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0) Mozilla Maintenance Service (Version: 24.0) MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0) Pdf995 QuickTime (Version: 7.74.80.86) Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000) Realtek High Definition Audio Driver (Version: 6.0.1.5599) RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02 (Version: 3.54.02) Scan (Version: 8.1.0.0) Skype™ 6.9 (Version: 6.9.106) SmartAudio SolutionCenter (Version: 82.0.188.000) Status (Version: 110.0.180.000) Stellar Phoenix Outlook PST Repair v4.5 Synaptics Pointing Device Driver (Version: 11.2.4.0) Toolbox (Version: 82.0.173.000) TOSHIBA Assist (Version: 2.01.04) TOSHIBA ConfigFree (Version: 7.2.13) TOSHIBA Disc Creator (Version: 2.0.1.3) TOSHIBA DVD PLAYER (Version: 1.31.14) TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00) TOSHIBA Hardware Setup (Version: 2.00.08) TOSHIBA Manuals (Version: 7.40) Toshiba Online Product Information (Version: 1.00.0012) TOSHIBA Recovery Disc Creator (Version: 2.0.0.1b) TOSHIBA SD Memory Utilities (Version: 1.8.1.3) TOSHIBA Software Modem (Version: 2.1.77 (SM2177ALD04)) TOSHIBA Supervisor Password (Version: 2.00.04) Toshiba TEMPRO (Version: 1.1) TOSHIBA Value Added Package (Version: 1.1.19) TrayApp (Version: 110.0.180.000) TRDCReminder (Version: 1.00.0015) TRORDCLauncher (Version: 1.0.0.1) TrueSuite Access Manager (Version: 2.5.29.0) UnloadSupport (Version: 1.00.0000) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3) Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01) Visual Studio C++ 10.0 Runtime (Version: 10.0.0) VLC media player 2.0.8 (Version: 2.0.8) WebReg (Version: 82.0.173.000) Windows Media Encoder 9 Series Windows Media Encoder 9 Series (Version: 9.00.3374) Yahoo! Detect ========================= Devices: ================================ Name: Microsoft ISATAP Adapter #13 Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ========================= Memory info: =================================== Percentage of memory in use: 49% Total physical RAM: 2939.25 MB Available physical RAM: 1484.13 MB Total Pagefile: 6286.76 MB Available Pagefile: 4307.68 MB Total Virtual: 2047.88 MB Available Virtual: 1946.23 MB ========================= Partitions: ===================================== 1 Drive c: (Vista) (Fixed) (Total:148.89 GB) (Free:18.45 GB) NTFS 2 Drive e: (Data) (Fixed) (Total:147.73 GB) (Free:21.32 GB) NTFS ========================= Users: ======================================== User accounts for \\JONNYMARMOTTE Administrator Guest Jonny Marmotte ========================= Minidump Files ================================== C:\Windows\Minidump\Mini090213-01.dmp **** End of log ****

Hard drive still racing often for no apparent reason. It just took me 4 times to log into this forum. No audio output from front jack - this is not easy is it?

Results of screen317's Security Check version 0.99.76 Windows Vista Service Pack 2 x86 (UAC is enabled) Internet Explorer 9 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! ESET Smart Security 4.0 Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Adobe Flash Player 11.9.900.117 Adobe Reader 10.1.4 Adobe Reader out of Date! Mozilla Firefox (24.0) ````````Process Check: objlist.exe by Laurent```````` ESET NOD32 Antivirus ekrn.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 21 % Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log``````````````````````

it seems ok today - just before uninstalling flas player it breturned to being a little sluggish but besides that, it has been running pretty well. do i need to perform any other checks to be sure or am i know good to go?

flash player uninstalled and back installed again

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 31-10-2013 Ran by Jonny Marmotte at 2013-11-01 21:10:06 Run:1 Running from C:\Users\Jonny Marmotte\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...B_PVER}&ar=home SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {A1C557A3-7B9F-42EB-9358-0DBECADE8AC0} URL = http://www.bing.com/...rc=IE-SearchBox Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File Task: {3736FA67-EA38-4FC5-A1B7-ADC52EB5E4F0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages ***************** HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A1C557A3-7B9F-42EB-9358-0DBECADE8AC0} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{A1C557A3-7B9F-42EB-9358-0DBECADE8AC0} => Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} => Value deleted successfully. HKCR\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3736FA67-EA38-4FC5-A1B7-ADC52EB5E4F0} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3736FA67-EA38-4FC5-A1B7-ADC52EB5E4F0} => Key deleted successfully. C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} => Key deleted successfully. C:\Windows\System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\CrawlStartPages => Key deleted successfully. ==== End of Fixlog ====

I have this pop up coming up all the time now too.

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-10-2013 Ran by Jonny Marmotte at 2013-11-01 10:00:27 Running from C:\Users\Jonny Marmotte\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: ESET Smart Security 4.0 (Disabled - Up to date) {CB0F8167-5331-BA19-698E-64816B6801A5} AS: ESET Smart Security 4.0 (Disabled - Up to date) {706E6083-750B-B597-533E-5FF310EF4B18} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Personal firewall (Enabled) {F3340042-195E-BB41-42D1-CDB495BB46DE} ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) 1400 (Version: 82.0.242.000) 1400_Help (Version: 82.0.242.000) 1400Trb (Version: 82.0.242.000) 32 Bit HP CIO Components Installer (Version: 7.1.8) Activation Assistant for the 2007 Microsoft Office suites Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0) Adobe AIR (Version: 3.4.0.2710) Adobe Flash Player 11 ActiveX (Version: 11.9.900.117) Adobe Flash Player 11 Plugin (Version: 11.9.900.117) Adobe Media Player (Version: 0.0.0) Adobe Media Player (Version: 1.1) Adobe Reader X (10.1.4) (Version: 10.1.4) AIO_CDB_ProductContext (Version: 82.0.242.000) AIO_CDB_Software (Version: 82.0.242.000) AIO_Scan (Version: 82.0.173.000) Apple Application Support (Version: 2.3.6) Apple Mobile Device Support (Version: 7.0.0.117) Apple Software Update (Version: 2.1.3.127) Bonjour (Version: 3.0.0.10) BufferChm (Version: 82.0.173.000) CD/DVD Drive Acoustic Silencer (Version: 2.02.03) Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000) Constant Contact QuickImport v2 for Outlook (Version: 2.7.0) Copy (Version: 120.0.214.000) Coupon Printer for Windows (Version: 5.0.0.0) Destination Component (Version: 090.000.091.086) DeviceDiscovery (Version: 110.0.180.000) DeviceManagementQFolder (Version: 1.00.0000) DocProc (Version: 8.1.0.0) DocProcQFolder (Version: 1.00.0000) Dropbox (HKCU Version: 2.4.2) ERUNT 1.1j ESET Smart Security (Version: 4.0.467.0) eSupportQFolder (Version: 1.00.0000) Fax (Version: 120.0.194.000) Garmin BaseCamp (Version: 3.3.3) HDMI Control Manager (Version: 1.7) HP Deskjet 3050 J610 series Basic Device Software (Version: 22.50.231.0) HP Deskjet 3050 J610 series Help (Version: 140.0.63.63) HP Deskjet 3050 J610 series Product Improvement Study (Version: 22.50.231.0) HP Imaging Device Functions 8.0 (Version: 8.0) HP OCR Software 8.0 (Version: 8.0) HP Photo Creations (Version: 1.0.0.3781) HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (Version: 8.0) HP Product Assistant (Version: 100.000.001.000) HP Solution Center 8.0 (Version: 8.0) HP Update (Version: 5.003.001.001) HPProductAssistant (Version: 82.0.173.000) iCloud (Version: 2.1.2.8) Intel® Graphics Media Accelerator Driver Intel® Matrix Storage Manager iTunes (Version: 11.1.2.32) Lexmark Pro200-S500 Series Lexmark Tools for Office (Version: 1.29.0.0) Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (Version: 14.0.5130.5003) Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000) Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1) Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Outlook 2007 (Version: 12.0.6612.1000) Microsoft Office Outlook Connector (Version: 14.0.5118.5000) Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000) Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Works (Version: 9.7.0621) Microsoft XML Parser (Version: 8.20.8730.4) Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0) Mozilla Maintenance Service (Version: 24.0) MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0) Pdf995 QuickTime (Version: 7.74.80.86) Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000) Realtek High Definition Audio Driver (Version: 6.0.1.5599) RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02 (Version: 3.54.02) Scan (Version: 8.1.0.0) Skype™ 6.9 (Version: 6.9.106) SmartAudio SolutionCenter (Version: 82.0.188.000) Status (Version: 110.0.180.000) Stellar Phoenix Outlook PST Repair v4.5 Synaptics Pointing Device Driver (Version: 11.2.4.0) Toolbox (Version: 82.0.173.000) TOSHIBA Assist (Version: 2.01.04) TOSHIBA ConfigFree (Version: 7.2.13) TOSHIBA Disc Creator (Version: 2.0.1.3) TOSHIBA DVD PLAYER (Version: 1.31.14) TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00) TOSHIBA Hardware Setup (Version: 2.00.08) TOSHIBA Manuals (Version: 7.40) Toshiba Online Product Information (Version: 1.00.0012) TOSHIBA Recovery Disc Creator (Version: 2.0.0.1b) TOSHIBA SD Memory Utilities (Version: 1.8.1.3) TOSHIBA Software Modem (Version: 2.1.77 (SM2177ALD04)) TOSHIBA Supervisor Password (Version: 2.00.04) Toshiba TEMPRO (Version: 1.1) TOSHIBA Value Added Package (Version: 1.1.19) TrayApp (Version: 110.0.180.000) TRDCReminder (Version: 1.00.0015) TRORDCLauncher (Version: 1.0.0.1) TrueSuite Access Manager (Version: 2.5.29.0) UnloadSupport (Version: 1.00.0000) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3) Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01) Visual Studio C++ 10.0 Runtime (Version: 10.0.0) VLC media player 2.0.8 (Version: 2.0.8) WebReg (Version: 82.0.173.000) Windows Media Encoder 9 Series Windows Media Encoder 9 Series (Version: 9.00.3374) Yahoo! Detect ==================== Restore Points ========================= 31-10-2013 12:07:59 Scheduled Checkpoint 31-10-2013 20:57:05 Removed Java 6 Update 26 ==================== Hosts content: ========================== 2006-11-02 11:23 - 2013-10-31 12:25 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {3736FA67-EA38-4FC5-A1B7-ADC52EB5E4F0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-21] (Microsoft Corporation) Task: {9368BD08-666E-44A5-A938-B4EF1A2AF7EA} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.) Task: {9A26DC97-0B17-4E64-8E2E-7864E8707B46} - System32\Tasks\{4F051B81-3C38-428F-83AA-C02DDB34BD58} => C:\Program Files\Skype\Phone\Skype.exe [2013-10-02] (Skype Technologies S.A.) Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-21] () Task: {F0ADB175-7A1C-4BA0-92BB-D9AEF7A66642} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated) Task: {F32CBF30-E52C-45C1-82D2-952F23DB98F9} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2008-03-06 10:14 - 2008-03-06 10:14 - 05121912 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll 2007-12-14 21:40 - 2007-12-14 21:40 - 00090112 _____ () C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll 2008-07-01 16:01 - 2006-10-10 11:44 - 00009728 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll 2007-12-25 12:03 - 2007-12-25 12:03 - 00015184 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll 2006-10-07 12:57 - 2006-10-07 12:57 - 00053248 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll 2006-12-01 17:55 - 2006-12-01 17:55 - 00009216 _____ () C:\Program Files\Toshiba\TBS\NotifyTBS.dll 2011-01-03 16:24 - 2009-12-16 18:04 - 00389120 _____ () C:\Program Files\Lexmark Pro200-S500 Series\lxebscw.dll 2011-01-03 16:30 - 2009-05-27 13:16 - 00192512 _____ () C:\Windows\system32\spool\drivers\w32x86\3\lxebdatr.dll 2011-01-03 16:24 - 2009-12-16 18:07 - 01159168 _____ () C:\Program Files\Lexmark Pro200-S500 Series\lxebDRS.dll 2011-01-03 16:24 - 2009-03-10 06:43 - 00155648 _____ () C:\Program Files\Lexmark Pro200-S500 Series\lxebcaps.dll 2011-01-03 16:03 - 2009-02-20 09:48 - 00299008 _____ () C:\Windows\system32\lxebsm.dll 2011-01-03 16:03 - 2009-04-28 08:56 - 00024064 _____ () C:\Windows\system32\lxebsmr.dll 2011-01-03 16:24 - 2009-03-30 13:37 - 00708608 _____ () C:\Program Files\Lexmark Pro200-S500 Series\Epwizard.DLL 2011-01-03 16:24 - 2009-03-30 13:35 - 00159744 _____ () C:\Program Files\Lexmark Pro200-S500 Series\customui.dll 2011-01-03 16:24 - 2009-03-30 13:35 - 00118784 _____ () C:\Program Files\Lexmark Pro200-S500 Series\Eputil.DLL 2011-01-03 16:24 - 2009-03-30 13:35 - 00139264 _____ () C:\Program Files\Lexmark Pro200-S500 Series\Imagutil.DLL 2011-01-03 16:24 - 2009-03-30 13:35 - 00061440 _____ () C:\Program Files\Lexmark Pro200-S500 Series\Epfunct.DLL 2011-01-03 16:24 - 2009-06-23 12:09 - 02203648 _____ () C:\Program Files\Lexmark Pro200-S500 Series\EPWizRes.dll 2011-01-03 16:24 - 2009-06-23 12:10 - 00049152 _____ () C:\Program Files\Lexmark Pro200-S500 Series\epstring.dll 2011-01-03 16:24 - 2009-06-23 12:11 - 00094208 _____ () C:\Program Files\Lexmark Pro200-S500 Series\EPOEMDll.dll 2011-01-03 16:24 - 2009-04-07 20:25 - 00409600 _____ () C:\Program Files\Lexmark Pro200-S500 Series\iptk.dll 2011-01-03 16:24 - 2009-03-02 15:25 - 00151552 _____ () C:\Program Files\Lexmark Pro200-S500 Series\lxebptp.dll 2011-06-24 21:56 - 2011-06-24 21:56 - 00087328 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2011-06-24 21:56 - 2011-06-24 21:56 - 01241888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\Jonny Marmotte\AppData\Roaming\Dropbox\bin\libcef.dll 2009-02-05 18:39 - 2008-03-26 14:15 - 00540672 _____ () C:\Windows\system32\RTCOM\RTCOMDLL.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= Name: Microsoft ISATAP Adapter #13 Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Event log errors: ========================= Application errors: ================== Error: (11/01/2013 03:24:40 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (11/01/2013 03:24:53 AM) (Source: Service Control Manager) (User: ) Description: Lbd Error: (11/01/2013 03:24:50 AM) (Source: Service Control Manager) (User: ) Description: HP CUE DeviceDiscovery Service Error: (11/01/2013 03:24:41 AM) (Source: Service Control Manager) (User: ) Description: lxebCATSCustConnectService%%1053 Error: (11/01/2013 03:24:41 AM) (Source: Service Control Manager) (User: ) Description: 30000lxebCATSCustConnectService Error: (11/01/2013 03:24:41 AM) (Source: Service Control Manager) (User: ) Description: HWDeviceService.exe%%2 Error: (11/01/2013 03:22:51 AM) (Source: volmgr) (User: ) Description: Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory. Error: (11/01/2013 03:22:40 AM) (Source: volmgr) (User: ) Description: Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory. Error: (11/01/2013 03:19:16 AM) (Source: DCOM) (User: ) Description: {C2BFE331-6739-4270-86C9-493D9A04CD38} Microsoft Office Sessions: ========================= Error: (10/27/2013 01:39:20 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 221951 seconds with 9420 seconds of active time. This session ended with a crash. Error: (10/11/2013 08:19:57 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 117920 seconds with 12300 seconds of active time. This session ended with a crash. Error: (09/30/2013 06:17:03 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 15576 seconds with 10560 seconds of active time. This session ended with a crash. Error: (07/30/2013 09:50:43 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 69744 seconds with 2700 seconds of active time. This session ended with a crash. Error: (06/11/2013 09:51:01 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 90092 seconds with 1320 seconds of active time. This session ended with a crash. Error: (05/02/2013 04:19:30 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 594191 seconds with 38280 seconds of active time. This session ended with a crash. Error: (04/20/2013 07:42:51 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 49500 seconds with 4680 seconds of active time. This session ended with a crash. Error: (04/04/2013 10:38:50 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 148360 seconds with 8760 seconds of active time. This session ended with a crash. Error: (04/02/2013 05:25:51 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 66194 seconds with 11460 seconds of active time. This session ended with a crash. Error: (03/22/2013 01:14:32 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14895 seconds with 2700 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2013-11-01 10:00:17.230 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-01 10:00:16.731 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-01 10:00:16.185 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-01 10:00:15.701 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-01 10:00:15.186 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-01 10:00:14.656 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-01 10:00:14.141 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-01 10:00:13.611 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-01 09:59:49.866 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SbFw.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-01 09:59:49.398 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SbFw.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 51% Total physical RAM: 2939.25 MB Available physical RAM: 1411.17 MB Total Pagefile: 6292.76 MB Available Pagefile: 4520.32 MB Total Virtual: 2047.88 MB Available Virtual: 1899.24 MB ==================== Drives ================================ Drive c: (Vista) (Fixed) (Total:148.89 GB) (Free:16.52 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive e: (Data) (Fixed) (Total:147.73 GB) (Free:21.27 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 4BCB0FB6) Partition 1: (Not Active) - (Size=1 GB) - (Type=27) Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=148 GB) - (Type=07 NTFS) ==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013 Ran by Jonny Marmotte (administrator) on JONNYMARMOTTE on 01-11-2013 09:59:40 Running from C:\Users\Jonny Marmotte\Desktop Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (AuthenTec Inc.) C:\Windows\system32\TAMSvr.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (Agere Systems) C:\Windows\system32\agrsmsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (CrypKey (Canada) Ltd.) C:\Windows\system32\crypserv.exe (ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe (France Telecom SA) C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe ( ) C:\Windows\system32\lxebcoms.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\NDSTray.exe (Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TempoSVC.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (TOSHIBA Corporation.) C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (AuthenTec, Inc) C:\Program Files\TrueSuite Access Manager\FpNotifier.exe () C:\Program Files\TrueSuite Access Manager\usbnotify.exe (Arachnoid Biometrics Identification Group) C:\Program Files\TrueSuite Access Manager\PwdBank.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe () C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe () C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe (Dropbox, Inc.) C:\Users\Jonny Marmotte\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (TOSHIBA Corporation) C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe (Intel Corporation) C:\Windows\system32\igfxext.exe (TOSHIBA Corporation.) C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\system32\conime.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904 2008-08-14] (Synaptics, Inc.) HKLM\...\Run: [NDSTray.exe] - NDSTray.exe HKLM\...\Run: [topi] - C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe [581632 2007-07-10] (TOSHIBA) HKLM\...\Run: [Toshiba TEMPO] - C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [103824 2008-04-24] (Toshiba Europe GmbH) HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6037504 2008-04-08] (Realtek Semiconductor) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [HDMICtrlMan] - C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe [716800 2008-04-26] (TOSHIBA Corporation.) HKLM\...\Run: [TPwrMain] - C:\Program Files\Toshiba\Power Saver\TPwrMain.exe [431456 2008-01-17] (TOSHIBA Corporation) HKLM\...\Run: [HSON] - C:\Program Files\Toshiba\TBS\HSON.exe [54608 2007-10-31] (TOSHIBA Corporation) HKLM\...\Run: [smoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [509816 2008-01-25] (TOSHIBA Corporation) HKLM\...\Run: [00TCrdMain] - C:\Program Files\Toshiba\FlashCards\TCrdMain.exe [716800 2008-03-19] (TOSHIBA Corporation) HKLM\...\Run: [Toshiba Registration] - C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [574864 2008-01-11] (Toshiba) HKLM\...\Run: [FingerPrintNotifer] - C:\Program Files\TrueSuite Access Manager\FpNotifier.exe [704512 2008-10-21] (AuthenTec, Inc) HKLM\...\Run: [usbMonitor] - C:\Program Files\TrueSuite Access Manager\usbnotify.exe [94208 2009-04-23] () HKLM\...\Run: [PwdBank] - C:\Program Files\TrueSuite Access Manager\PwdBank.exe [3200512 2009-04-23] (Arachnoid Biometrics Identification Group) HKLM\...\Run: [skytel] - C:\Windows\SkyTel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.) HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.) HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [2054360 2009-09-11] (ESET) HKLM\...\Run: [lxebmon.exe] - C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe [770728 2010-01-18] () HKLM\...\Run: [EzPrint] - C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe [139944 2010-01-18] () HKLM\...\Run: [Lexmark Pro200-S500 Series Fax Server] - C:\Program Files\Lexmark Pro200-S500 Series\fm3032.exe [316072 2010-01-18] () HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.) HKCU\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [125952 2008-01-21] (Microsoft Corporation) HKCU\...\Run: [iCloudServices] - C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.) HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Default\...\Run: [TOSCDSPD] - C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe [ 2008-04-24] (TOSHIBA) HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe [ 2008-04-24] (TOSHIBA) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Jonny Marmotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Jonny Marmotte\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Jonny Marmotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE () Startup: C:\Users\Jonny Marmotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Jonny Marmotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP93&ocid=UP93DHP&dt=050813 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {A1C557A3-7B9F-42EB-9358-0DBECADE8AC0} URL = http://www.bing.com/search?FORM=UP93DF&PC=UP93&dt=050813&q={searchTerms}&src=IE-SearchBox Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Jonny Marmotte\AppData\Roaming\Mozilla\Firefox\Profiles\qyq5zvd7.default FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Users\Jonny Marmotte\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll No File FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\chambers-en-GB.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml FF Extension: Garmin Communicator - C:\Users\Jonny Marmotte\AppData\Roaming\Mozilla\Firefox\Profiles\qyq5zvd7.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: No Name - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird ========================== Services (Whitelisted) ================= R2 Authentec memory manager; C:\Windows\System32\TAMSvr.exe [49152 2008-11-05] (AuthenTec Inc.) R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2008-04-17] (TOSHIBA CORPORATION) R2 Crypkey License; C:\Windows\System32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [20680 2009-09-11] (ESET) R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [735960 2009-09-11] (ESET) R2 FTRTSVC; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe [69632 2009-08-24] (France Telecom SA) S2 lxebCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxebserv.exe [193192 2010-04-14] (Lexmark International, Inc.) R2 lxeb_device; C:\Windows\system32\lxebcoms.exe [598696 2010-01-07] ( ) R2 TempoMonitoringService; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [99720 2008-04-24] (Toshiba Europe GmbH) R2 TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976 2007-12-03] (TOSHIBA Corporation) S2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe -/service [x] S3 TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [x] ==================== Drivers (Whitelisted) ==================== R0 AlfaFF; C:\Windows\System32\drivers\AlfaFF.sys [42608 2008-03-14] (Alfa Corporation) S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [49904 2007-07-27] (Avanquest Software) R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [116008 2009-09-11] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [108792 2009-09-11] (ESET) R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [135048 2009-09-11] (ESET) R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [33096 2009-06-19] (ESET) R2 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [38240 2009-09-11] (ESET) S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.) R1 NetworkX; C:\Windows\system32\ckldrv.sys [19584 2008-03-17] () S3 PCAMp50; C:\Windows\System32\Drivers\PCAMp50.sys [28224 2009-08-24] (Printing Communications Assoc., Inc. (PCAUSA)) S3 PCASp50; C:\Windows\System32\Drivers\PCASp50.sys [27072 2009-08-24] (Printing Communications Assoc., Inc. (PCAUSA)) R1 SbFw; C:\Windows\System32\drivers\SbFw.sys [223864 2011-12-19] (GFI Software) S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25216 2012-09-17] (The OpenVPN Project) S3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [17960 2008-07-15] (Chicony Electronics Co., Ltd.) U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation) U5 ATSWPDRV; C:\Windows\System32\Drivers\ATSWPDRV.sys [146944 2008-10-21] (AuthenTec, Inc.) S3 catchme; \??\C:\Users\JONNYM~1\AppData\Local\Temp\catchme.sys [x] S3 ew_mbbusbdev; system32\DRIVERS\ew_mbbusbdev.sys [x] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x] S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [x] S0 Lbd; system32\DRIVERS\Lbd.sys [x] S3 mbbdatacard; system32\DRIVERS\ewusbmdm.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S3 Tosrfcom; No ImagePath S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-01 09:58 - 2013-11-01 09:58 - 00000000 ____D C:\FRST 2013-11-01 09:57 - 2013-11-01 09:57 - 01089445 _____ (Farbar) C:\Users\Jonny Marmotte\Desktop\FRST.exe 2013-11-01 03:24 - 2013-11-01 03:24 - 00000991 _____ C:\Users\Jonny Marmotte\Desktop\AdwCleaner[s1].txt 2013-11-01 03:07 - 2013-11-01 03:07 - 01060070 _____ C:\Users\Jonny Marmotte\Desktop\AdwCleaner.exe 2013-10-31 23:40 - 2013-10-31 23:40 - 00001036 _____ C:\Users\Jonny Marmotte\Desktop\JRT.txt 2013-10-31 23:34 - 2013-10-31 23:34 - 01033335 _____ (Thisisu) C:\Users\Jonny Marmotte\Desktop\JRT.exe 2013-10-31 23:34 - 2013-10-31 23:34 - 00000000 ____D C:\Windows\ERUNT 2013-10-31 22:33 - 2013-10-31 23:30 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-10-31 22:32 - 2013-10-31 23:32 - 00000000 ____D C:\Users\Jonny Marmotte\Desktop\mbar 2013-10-31 22:32 - 2013-10-31 22:32 - 00075992 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2013-10-31 22:17 - 2013-10-31 22:17 - 00007943 _____ C:\Users\Jonny Marmotte\Desktop\JavaRa.log 2013-10-31 22:16 - 2013-10-31 22:18 - 00010932 _____ C:\JavaRa.log 2013-10-31 22:11 - 2013-10-31 22:11 - 00000000 ____D C:\Users\Jonny Marmotte\Desktop\JavaRa-1.16-28-5-13 2013-10-31 22:10 - 2013-10-31 22:10 - 00165483 _____ C:\Users\Jonny Marmotte\Desktop\JavaRa-1.16-28-5-13.zip 2013-10-31 16:40 - 2013-10-31 16:40 - 00000000 _____ C:\Windows\setuperr.log 2013-10-31 16:40 - 2013-10-31 16:40 - 00000000 _____ C:\Windows\setupact.log 2013-10-31 15:08 - 2013-10-31 15:08 - 00009555 _____ C:\Users\Jonny Marmotte\Documents\TdF plan.xlsx 2013-10-31 13:59 - 2013-10-31 13:59 - 00012708 _____ C:\Users\Jonny Marmotte\Desktop\combofix.log 2013-10-31 12:30 - 2013-10-31 12:30 - 00012708 _____ C:\ComboFix.txt 2013-10-31 12:08 - 2013-10-31 12:30 - 00000000 ____D C:\ComboFix 2013-10-31 12:08 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe 2013-10-31 12:08 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe 2013-10-31 12:08 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-10-31 12:08 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-10-31 12:08 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-10-31 12:08 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe 2013-10-31 12:08 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe 2013-10-31 12:08 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe 2013-10-31 12:06 - 2013-10-31 12:30 - 00000000 ____D C:\Qoobox 2013-10-31 11:57 - 2013-10-31 11:53 - 05137879 ____R (Swearware) C:\Users\Jonny Marmotte\Desktop\ComboFix.exe 2013-10-30 09:44 - 2013-10-30 09:44 - 00002931 _____ C:\Users\Jonny Marmotte\Desktop\RKreport[0]_S_10302013_094400.txt 2013-10-30 09:36 - 2013-10-30 09:45 - 00000000 ____D C:\Users\Jonny Marmotte\Desktop\RK_Quarantine 2013-10-30 09:33 - 2013-10-30 09:33 - 00002382 _____ C:\Users\Jonny Marmotte\Documents\AdwCleaner[s0].txt 2013-10-30 09:32 - 2013-10-30 09:32 - 00031952 _____ C:\Users\Jonny Marmotte\Documents\README.TXT 2013-10-30 09:29 - 2013-10-31 12:27 - 00000000 ____D C:\Windows\ERDNT 2013-10-30 09:27 - 2013-10-30 09:28 - 00000000 ____D C:\Program Files\ERUNT 2013-10-30 09:27 - 2013-10-30 09:27 - 00000698 _____ C:\Users\Jonny Marmotte\Desktop\NTREGOPT.lnk 2013-10-30 09:27 - 2013-10-30 09:27 - 00000679 _____ C:\Users\Jonny Marmotte\Desktop\ERUNT.lnk 2013-10-30 09:22 - 2013-10-30 09:24 - 00003770 _____ C:\Users\Jonny Marmotte\Desktop\Rkill.txt 2013-10-29 23:46 - 2013-11-01 03:17 - 00000000 ____D C:\AdwCleaner 2013-10-29 22:23 - 2013-10-29 22:23 - 00014961 _____ C:\Users\Jonny Marmotte\Desktop\dds.txt 2013-10-29 22:23 - 2013-10-29 22:23 - 00013155 _____ C:\Users\Jonny Marmotte\Desktop\attach.txt 2013-10-29 17:27 - 2013-10-29 17:27 - 00000871 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-10-29 17:27 - 2013-10-29 17:27 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-29 17:27 - 2013-10-29 17:27 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-10-29 17:27 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-10-26 02:24 - 2013-10-26 02:24 - 00001629 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-10-26 02:23 - 2013-10-26 02:24 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2013-10-26 02:23 - 2013-10-26 02:24 - 00000000 ____D C:\Program Files\iTunes 2013-10-26 02:23 - 2013-10-26 02:23 - 00000000 ____D C:\Program Files\iPod 2013-10-25 13:53 - 2013-10-31 15:13 - 00013222 _____ C:\Users\Jonny Marmotte\Documents\Rough Outline TdF 2014.xlsx 2013-10-13 10:57 - 2013-10-13 10:57 - 00000000 ____D C:\Users\Jonny Marmotte\AppData\Local\ABBYY 2013-10-09 09:47 - 2013-09-22 11:29 - 12336128 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-10-09 09:47 - 2013-09-22 11:22 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-10-09 09:47 - 2013-09-22 11:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-10-09 09:47 - 2013-09-22 11:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-10-09 09:47 - 2013-09-22 11:13 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-10-09 09:47 - 2013-09-22 11:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-10-09 09:47 - 2013-09-22 11:09 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-10-09 09:47 - 2013-09-22 11:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-10-09 09:47 - 2013-09-22 11:07 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-10-09 09:47 - 2013-09-22 11:06 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-10-09 09:47 - 2013-09-22 11:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-10-09 09:47 - 2013-09-22 11:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-10-09 09:47 - 2013-09-22 11:03 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-10-09 09:47 - 2013-09-22 11:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-10-09 09:47 - 2013-09-22 10:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-10-09 09:46 - 2013-09-22 11:22 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-10-08 23:25 - 2013-08-29 08:36 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-10-08 23:25 - 2013-07-04 05:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2013-10-08 23:25 - 2013-06-29 03:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2013-10-08 23:25 - 2013-06-29 03:07 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2013-10-08 23:25 - 2013-06-29 03:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2013-10-08 23:25 - 2013-06-29 03:06 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2013-10-08 23:25 - 2013-06-04 05:16 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2013-10-08 23:25 - 2013-06-04 02:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2013-10-08 23:25 - 2011-05-05 14:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2013-10-08 23:25 - 2011-05-05 14:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2013-10-08 23:24 - 2013-08-27 03:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2013-10-08 23:24 - 2013-08-27 03:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2013-10-08 23:24 - 2013-08-27 03:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2013-10-08 23:24 - 2013-08-27 03:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2013-10-08 23:24 - 2013-08-27 02:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2013-10-08 23:24 - 2013-08-27 02:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2013-10-08 23:24 - 2013-08-27 02:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2013-10-08 23:24 - 2013-08-27 02:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-10-08 23:24 - 2013-08-27 02:28 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2013-10-08 23:24 - 2013-08-01 04:16 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2013-10-08 23:24 - 2013-08-01 03:49 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2013-10-08 23:24 - 2013-07-20 11:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-08 23:24 - 2013-07-12 10:04 - 00134272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2013-10-08 23:24 - 2013-07-03 05:27 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\wiafbdrv.dll 2013-10-08 23:24 - 2013-07-03 03:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys 2013-10-08 23:24 - 2013-07-03 03:10 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2013-10-08 23:24 - 2013-06-27 00:01 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys ==================== One Month Modified Files and Folders ======= 2013-11-01 09:58 - 2013-11-01 09:58 - 00000000 ____D C:\FRST 2013-11-01 09:57 - 2013-11-01 09:57 - 01089445 _____ (Farbar) C:\Users\Jonny Marmotte\Desktop\FRST.exe 2013-11-01 09:54 - 2013-02-04 08:06 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-11-01 09:45 - 2009-05-04 17:25 - 01547275 _____ C:\Windows\WindowsUpdate.log 2013-11-01 09:45 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-11-01 09:45 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-11-01 03:52 - 2009-11-04 03:01 - 00000000 ____D C:\Program Files\ESET 2013-11-01 03:25 - 2010-11-29 17:13 - 00000000 ____D C:\Users\Jonny Marmotte\AppData\Roaming\Dropbox 2013-11-01 03:24 - 2013-11-01 03:24 - 00000991 _____ C:\Users\Jonny Marmotte\Desktop\AdwCleaner[s1].txt 2013-11-01 03:24 - 2010-11-29 17:14 - 00000000 ___RD C:\Users\Jonny Marmotte\Documents\My Dropbox 2013-11-01 03:23 - 2011-01-15 20:12 - 00136772 _____ C:\Windows\error.log 2013-11-01 03:23 - 2011-01-03 16:29 - 00190770 _____ C:\ProgramData\lxebscan.log 2013-11-01 03:23 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-11-01 03:22 - 2011-01-15 20:12 - 00031273 _____ C:\Windows\errord.log 2013-11-01 03:21 - 2006-11-02 14:01 - 00032558 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-11-01 03:17 - 2013-10-29 23:46 - 00000000 ____D C:\AdwCleaner 2013-11-01 03:07 - 2013-11-01 03:07 - 01060070 _____ C:\Users\Jonny Marmotte\Desktop\AdwCleaner.exe 2013-10-31 23:40 - 2013-10-31 23:40 - 00001036 _____ C:\Users\Jonny Marmotte\Desktop\JRT.txt 2013-10-31 23:34 - 2013-10-31 23:34 - 01033335 _____ (Thisisu) C:\Users\Jonny Marmotte\Desktop\JRT.exe 2013-10-31 23:34 - 2013-10-31 23:34 - 00000000 ____D C:\Windows\ERUNT 2013-10-31 23:32 - 2013-10-31 22:32 - 00000000 ____D C:\Users\Jonny Marmotte\Desktop\mbar 2013-10-31 23:30 - 2013-10-31 22:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-10-31 22:32 - 2013-10-31 22:32 - 00075992 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2013-10-31 22:18 - 2013-10-31 22:16 - 00010932 _____ C:\JavaRa.log 2013-10-31 22:17 - 2013-10-31 22:17 - 00007943 _____ C:\Users\Jonny Marmotte\Desktop\JavaRa.log 2013-10-31 22:11 - 2013-10-31 22:11 - 00000000 ____D C:\Users\Jonny Marmotte\Desktop\JavaRa-1.16-28-5-13 2013-10-31 22:10 - 2013-10-31 22:10 - 00165483 _____ C:\Users\Jonny Marmotte\Desktop\JavaRa-1.16-28-5-13.zip 2013-10-31 22:10 - 2006-11-02 11:33 - 00759910 _____ C:\Windows\system32\PerfStringBackup.INI 2013-10-31 22:02 - 2008-01-21 03:47 - 07278480 _____ C:\Windows\PFRO.log 2013-10-31 21:58 - 2013-10-01 09:17 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-10-31 21:51 - 2009-05-08 07:06 - 00000000 ____D C:\Users\Jonny Marmotte\AppData\Roaming\Skype 2013-10-31 16:40 - 2013-10-31 16:40 - 00000000 _____ C:\Windows\setuperr.log 2013-10-31 16:40 - 2013-10-31 16:40 - 00000000 _____ C:\Windows\setupact.log 2013-10-31 15:13 - 2013-10-25 13:53 - 00013222 _____ C:\Users\Jonny Marmotte\Documents\Rough Outline TdF 2014.xlsx 2013-10-31 15:08 - 2013-10-31 15:08 - 00009555 _____ C:\Users\Jonny Marmotte\Documents\TdF plan.xlsx 2013-10-31 13:59 - 2013-10-31 13:59 - 00012708 _____ C:\Users\Jonny Marmotte\Desktop\combofix.log 2013-10-31 12:30 - 2013-10-31 12:30 - 00012708 _____ C:\ComboFix.txt 2013-10-31 12:30 - 2013-10-31 12:08 - 00000000 ____D C:\ComboFix 2013-10-31 12:30 - 2013-10-31 12:06 - 00000000 ____D C:\Qoobox 2013-10-31 12:30 - 2006-11-02 12:18 - 00000000 __RHD C:\Users\Default 2013-10-31 12:30 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Public 2013-10-31 12:27 - 2013-10-30 09:29 - 00000000 ____D C:\Windows\ERDNT 2013-10-31 12:25 - 2006-11-02 11:23 - 00000215 _____ C:\Windows\system.ini 2013-10-31 12:24 - 2009-05-04 17:48 - 00000000 ____D C:\Users\Jonny Marmotte 2013-10-31 11:53 - 2013-10-31 11:57 - 05137879 ____R (Swearware) C:\Users\Jonny Marmotte\Desktop\ComboFix.exe 2013-10-30 09:45 - 2013-10-30 09:36 - 00000000 ____D C:\Users\Jonny Marmotte\Desktop\RK_Quarantine 2013-10-30 09:44 - 2013-10-30 09:44 - 00002931 _____ C:\Users\Jonny Marmotte\Desktop\RKreport[0]_S_10302013_094400.txt 2013-10-30 09:33 - 2013-10-30 09:33 - 00002382 _____ C:\Users\Jonny Marmotte\Documents\AdwCleaner[s0].txt 2013-10-30 09:32 - 2013-10-30 09:32 - 00031952 _____ C:\Users\Jonny Marmotte\Documents\README.TXT 2013-10-30 09:28 - 2013-10-30 09:27 - 00000000 ____D C:\Program Files\ERUNT 2013-10-30 09:27 - 2013-10-30 09:27 - 00000698 _____ C:\Users\Jonny Marmotte\Desktop\NTREGOPT.lnk 2013-10-30 09:27 - 2013-10-30 09:27 - 00000679 _____ C:\Users\Jonny Marmotte\Desktop\ERUNT.lnk 2013-10-30 09:24 - 2013-10-30 09:22 - 00003770 _____ C:\Users\Jonny Marmotte\Desktop\Rkill.txt 2013-10-29 22:23 - 2013-10-29 22:23 - 00014961 _____ C:\Users\Jonny Marmotte\Desktop\dds.txt 2013-10-29 22:23 - 2013-10-29 22:23 - 00013155 _____ C:\Users\Jonny Marmotte\Desktop\attach.txt 2013-10-29 22:18 - 2010-03-10 23:43 - 00000000 ____D C:\Users\Jonny Marmotte\AppData\Roaming\BitTorrent 2013-10-29 17:27 - 2013-10-29 17:27 - 00000871 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-10-29 17:27 - 2013-10-29 17:27 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-29 17:27 - 2013-10-29 17:27 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-10-26 02:24 - 2013-10-26 02:24 - 00001629 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-10-26 02:24 - 2013-10-26 02:23 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2013-10-26 02:24 - 2013-10-26 02:23 - 00000000 ____D C:\Program Files\iTunes 2013-10-26 02:23 - 2013-10-26 02:23 - 00000000 ____D C:\Program Files\iPod 2013-10-26 02:23 - 2009-05-17 21:34 - 00000000 ____D C:\Program Files\Common Files\Apple 2013-10-24 23:50 - 2009-06-17 16:59 - 00000000 ____D C:\Users\Jonny Marmotte\AppData\Roaming\vlc 2013-10-16 10:21 - 2012-05-17 02:13 - 00000000 ____D C:\Users\Jonny Marmotte\Documents\Bank Statements 2013-10-15 10:00 - 2009-05-08 07:05 - 00000000 ____D C:\ProgramData\Skype 2013-10-15 09:59 - 2010-12-23 10:31 - 00000000 ___RD C:\Program Files\Skype 2013-10-13 18:38 - 2010-11-29 17:14 - 00000993 _____ C:\Users\Jonny Marmotte\Desktop\Dropbox.lnk 2013-10-13 18:38 - 2010-11-29 17:13 - 00000000 ____D C:\Users\Jonny Marmotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2013-10-13 18:12 - 2011-01-03 16:46 - 00000000 ____D C:\ProgramData\Lx_cats 2013-10-13 16:59 - 2009-05-07 19:33 - 00192512 _____ C:\Users\Jonny Marmotte\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-10-13 11:24 - 2008-07-01 16:11 - 00000000 ____D C:\Program Files\Common Files\Adobe 2013-10-13 11:23 - 2009-05-05 13:06 - 00000000 ____D C:\Users\Jonny Marmotte\AppData\Roaming\Adobe 2013-10-13 11:19 - 2008-07-01 16:11 - 00000000 ____D C:\Program Files\Adobe 2013-10-13 10:57 - 2013-10-13 10:57 - 00000000 ____D C:\Users\Jonny Marmotte\AppData\Local\ABBYY 2013-10-11 20:41 - 2013-07-08 15:49 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-10-10 13:54 - 2013-02-04 08:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-10-10 13:54 - 2013-02-04 08:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-10-10 07:40 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET 2013-10-09 23:31 - 2006-11-02 13:47 - 00323064 _____ C:\Windows\system32\FNTCACHE.DAT 2013-10-09 23:28 - 2009-06-09 19:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-10-09 11:31 - 2008-07-01 16:16 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-10-09 11:18 - 2013-08-11 02:01 - 00000000 ____D C:\Windows\system32\MRT 2013-10-09 11:12 - 2006-11-02 11:24 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2013-10-07 16:16 - 2013-05-08 07:42 - 00000000 ____D C:\Users\Jonny Marmotte\Documents\bracco Files to move or delete: ==================== C:\ProgramData\vlc-1.0.1-win32.exe Some content of TEMP: ==================== C:\Users\Jonny Marmotte\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-01 03:31 ==================== End Of Log ============================

ESET on-line scanner - no threats were found

Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.10.29.08 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Jonny Marmotte :: JONNYMARMOTTE [administrator] 01/11/2013 03:36:45 mbam-log-2013-11-01 (03-36-45).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 211924 Time elapsed: 11 minute(s), 15 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

# AdwCleaner v3.010 - Report created 01/11/2013 at 03:17:22 # Updated 20/10/2013 by Xplode # Operating System : Windows Vista Home Premium Service Pack 2 (32 bits) # Username : Jonny Marmotte - JONNYMARMOTTE # Running from : C:\Users\Jonny Marmotte\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16514 -\\ Mozilla Firefox v24.0 (en-US) [ File : C:\Users\Jonny Marmotte\AppData\Roaming\Mozilla\Firefox\Profiles\qyq5zvd7.default\prefs.js ] ************************* AdwCleaner[R0].txt - [2281 octets] - [29/10/2013 23:46:33] AdwCleaner[R1].txt - [931 octets] - [01/11/2013 03:08:10] AdwCleaner[s0].txt - [2382 octets] - [29/10/2013 23:49:25] AdwCleaner[s1].txt - [853 octets] - [01/11/2013 03:17:22] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [912 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.7 (10.15.2013:3) OS: Windows Vista Home Premium x86 Ran by Jonny Marmotte on 31/10/2013 at 23:34:42,09 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npcouponprinter.dll" Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npmozcouponprinter.dll" ~~~ Folders Successfully deleted: [Folder] "C:\Program Files\coupons" ~~~ FireFox Emptied folder: C:\Users\Jonny Marmotte\AppData\Roaming\mozilla\firefox\profiles\qyq5zvd7.default\minidumps [27 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 31/10/2013 at 23:40:14,91 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~