Help with slow computer



Hi!

My computer runs really slowly. It takes forever to open up programs, and even longer if I am trying to save a Word document, for example. Sometimes my Firefox also runs really slowly.

Also, I have been trying to update my Adobe Flash, but it just won't do it.

Thanks for your help!


Howdy and welcome to BestTechie !!!  

My name is flashh4 (Chuck) and I will be assisting you with the cleaning of your computer.

Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!
Do Not Remove anything or run any tools/programs until advised to do so !

Perform all actions in the order given.

Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !  

Please note that all instructions given are customized for this computer only; the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.  


===================================


AdwCleaner
       
Please download adwcleaner by Xplode onto your desktop.
Double click on AdwCleaner.exe to run the tool again.
       Windows XP : Double click on the icon to run it.

       Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

    *Click on the Scan button.
    *AdwCleaner will begin to scan your computer like it did before.
    *After the scan has finished .......
    
    This time, click on the Clean button.
    
    *Press OK when asked to close all programs and follow the onscreen prompts.
    *Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    *After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
    *Copy and paste the contents of that logfile in your next reply.
    *A copy of that logfile will also be saved in the C:\AdwCleaner folder.



NEXT

    Please download Junkware Removal Tool and save to your desktop.

    Shut down your protection software now to avoid potential conflicts.

    * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    * The tool will open and start scanning your system.
    * Please be patient as this can take a while to complete depending on your system's specifications.
    * On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    * Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!



NEXT



Full System Scan with Malwarebytes Antimalware
 

    Please download Malwarebytes: http://www.malwarebytes.org/mbam-download.php

    Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    At the end, be sure a checkmark is placed next to the following:
        Launch Malwarebytes Anti-Malware
        A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    Click Finish.

    Run Malwarebytes Antimalware
    On the Dashboard, click the 'Update Now >>' link if it does not ask you to Update !
    After the update completes, click the 'Scan Now >>' button.
    Or, on the Dashboard, click the Scan Now >> button.
    If an update is available, click the Update Now button.
    A Threat Scan will begin.
    When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    In most cases, a restart will be required.
    Wait for the prompt to restart the computer to appear, then click on Yes.


    After the restart once you are back at your desktop, open MBAM once more.
    Click on the History tab > Application Logs.
    Double click on the scan log which shows the Date and time of the scan just performed.
    Click 'Copy to Clipboard'
    Paste the contents of the clipboard into your reply.
 

Post next:
1. AdwCleaner Log
2. Junkware Removal Log
3. Malwarebytes Log
Thanks
Chuck


 Here is the adware cleaner log:

 

# AdwCleaner v3.212 - Report created 17/06/2014 at 22:23:16
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Suzie - SUZIE-PC
# Running from : C:\Users\Suzie\Desktop\adwcleaner_3.212.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Suzie\AppData\Local\PackageAware

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v29.0.1 (en-US)

[ File : C:\Users\Suzie\AppData\Roaming\Mozilla\Firefox\Profiles\4o17w86d.default-1393900317489\prefs.js ]


*************************

AdwCleaner[R0].txt - [1508 octets] - [17/06/2014 22:17:40]
AdwCleaner[s0].txt - [1390 octets] - [17/06/2014 22:23:16]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1450 octets] ##########
 

 


 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Home Premium x64

Ran by Suzie on Tue 06/17/2014 at 22:40:47.14

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

Successfully deleted: [File] "C:\users\default user\start menu\programs\startup\best buy pc app.lnk"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\best buy pc app"


~~~ FireFox

Emptied folder: C:\Users\Suzie\AppData\Roaming\mozilla\firefox\profiles\4o17w86d.default-1393900317489\minidumps [24 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Tue 06/17/2014 at 23:00:24.21

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


 

Malwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 6/17/2014

Scan Time: 11:13:59 PM

Logfile:

Administrator: Yes

Version: 2.00.2.1012

Malware Database: v2014.06.18.01

Rootkit Database: v2014.06.02.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Suzie

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 278921

Time Elapsed: 40 min, 33 sec

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

Processes: 0

(No malicious items detected)

Modules: 0

(No malicious items detected)

Registry Keys: 0

(No malicious items detected)

Registry Values: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Folders: 0

(No malicious items detected)

Files: 0

(No malicious items detected)

Physical Sectors: 0

(No malicious items detected)

(end)

 


Hi Suz, well that's not real bad logs ! But let's continue with the cleaning !

 

Run RogueKiller

IMPORTANT: Do not reboot your computer if at all possible otherwise the malware will reactivate and you will have to run RogueKiller again

Download RogueKiller to your desktop. >>> http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

    close all running programs
    for Windows Vista/Seven, right click -> run as administrator, for XP simply double-click on RogueKiller.exe
    when the prescan is finished, click on Scan
    click on Report and copy/paste the content in your next post.
    If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe

Please post the contents of the RKreport.txt in your next reply.

NEXT

Download DDS and save it to your Desktop.  >>> DDS


    Double click dds.scr to run the tool.
    If using Vista or Windows 7 you will be prompted by UAC, please allow the prompt.
    DDS will now scan your computer.
    When the scan is complete, DDS will open two (2) logs:
        DDS.txt
        Attach.txt
    If not saved these logs will be automatically deleted when closed, so save both to your Desktop.
    Please note it is important that you post BOTH logs in your topic.


Please note: DDS will ask you to attach the second log (Attach.txt), please ignore this notice and post the log instead.


Any problems downloading or running DDS.scr, try THIS alternate (DDS.com) version of DDS http://download.bleepingcomputer.com/sUBs/dds.com

NEXT

Download OldTimer to your desktop !
Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr  
 
If you already have a copy of OTL delete it and use this version.  (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

* Double click OTL.exe to launch the program.
* Check the following.

o Scan all users.
o Standard Output.
o Lop check.
o Purity check.
o Extra Registry > Use SafeList

* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs.

o OTL.txt (open on your desktop).
o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

* Please post me both logs. This may have to be broken into more than one post !   
 

 

 

Post Next:

1. RogueKiller Log

2. DDS Log

3. OTL Log

 

Thanks

Chuck


 

RogueKiller V9.0.3.0 [Jun 17 2014] by Adlice Software

mail : http://www.adlice.com/contact/

Feedback : http://forum.adlice.com

Website : http://www.adlice.com/softwares/roguekiller/

Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Suzie [Admin rights]

Mode : Remove -- Date : 06/18/2014  11:35:43

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤

[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-750219145-2589332277-1375212679-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0  -> DELETED

[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-750219145-2589332277-1375212679-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0  -> DELETED

[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-750219145-2589332277-1375212679-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0  -> ERROR [2]

[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-750219145-2589332277-1375212679-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0  -> ERROR [2]

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> REPLACED (0)

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> REPLACED (0)

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> REPLACED (0)

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> REPLACED (0)

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 ¤¤¤

¤¤¤ Web browsers : 3 ¤¤¤

[FIREFX:Addon] 4o17w86d.default-1393900317489 : Trend Micro BEP Firefox Extension [{38783831-6098-4faa-A9C9-1EE1E343F4D2}] -> DELETED

[FIREFX:Addon] 4o17w86d.default-1393900317489 : Skype Click to Call [{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}] -> DELETED

[FIREFX:Addon] 4o17w86d.default-1393900317489 : Trend Micro NSC Firefox Extension [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] -> DELETED

¤¤¤ MBR Check : ¤¤¤

+++++ PhysicalDrive0: ST9640320AS +++++

--- User ---

[MBR] 4473062d9d7a932825b5aa69687e92a2

[bSP] b8e681ec20f3f51e484d81d4ade624cc : Windows Vista/7/8 MBR Code

Partition table:

0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 22003 MB

1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 45062325 | Size: 588476 MB

User = LL1 ... OK

User = LL2 ... OK

============================================

RKreport_SCN_06182014_112920.log

* There was a button under the "Hosts" tab that said "fix Hosts". I didn't do anything with it, because there wasn't anything in the directions about it. Do I need to do anything with it?


 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 2/24/2011 12:29:31 AM

System Uptime: 6/18/2014 10:47:24 AM (1 hours ago)

.

Motherboard: ASUSTeK Computer Inc.         |  | U52F

Processor: Intel® Core i3 CPU       M 380  @ 2.53GHz | Socket 989 | 911/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 575 GiB total, 506.419 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

 Update for Microsoft Office 2007 (KB2508958)

Adobe AIR

Adobe Flash Player 13 ActiveX

Adobe Flash Player 13 Plugin

Adobe Reader X (10.1.10)

Alcor Micro USB Card Reader

Amazon Cloud Player

ASUS AI Recovery

ASUS LifeFrame3

ASUS Live Update

ASUS MultiFrame

ASUS Power4Gear Hybrid

ASUS SmartLogon

ASUS Splendid Video Enhancement Technology

ASUS Virtual Camera

ASUS_Screensaver

ATK Package

Audacity 2.0.5

Best Buy pc app

Canon Easy-PhotoPrint EX

Canon Easy-WebPrint EX

Canon IJ Network Tool

Canon Inkjet Printer/Scanner/Fax Extended Survey Program

Canon MP Navigator EX 4.0

Canon MP495 series MP Drivers

Canon MP495 series User Registration

Canon My Printer

Canon Solution Menu EX

Catan Online World

ControlDeck

CXP Color Printer Driver

CyberLink LabelPrint

CyberLink Power2Go

D3DX10

EPSON Artisan 730 Series Printer Uninstall

ETDWare PS/2-x64 7.0.5.11_WHQL

Express Gate

Facebook Video Calling 2.0.0.447

Fast Boot

ffdshow v1.2.4475 [2012-07-12]

Fiesta Download Manager

Google Chrome Frame

Google Update Helper

Intel PROSet Wireless

Intel WiMAX Tutorial

Intel® Control Center

Intel® Graphics Media Accelerator Driver

Intel® Management Engine Components

Intel® PROSet/Wireless WiFi Software

Intel® Wireless Display

Intel® PROSet/Wireless WiMAX Software

Java 7 Update 55

Java Auto Updater

Junk Mail filter update

LAME v3.99.3 (for Windows)

LG USB Modem Drivers

LG VZW United Drivers

Logitech Vid HD

Logitech Webcam Software

Logitech Webcam Software Driver Package

Malwarebytes Anti-Malware version 2.0.2.1012

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 4.5.1

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft PowerPoint Viewer

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mozilla Firefox 30.0 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

MSXML 4.0 SP3 Parser (KB973685)

QuickTime Alternative 3.2.2

Real Alternative 2.0.2 Lite

Realtek High Definition Audio Driver

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)

Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)

Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition

Skype Click to Call

SRS Premium Sound Control Panel

Trend Micro Titanium

Trend Micro Titanium 2012

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

USB 2.0 VGA UVC WebCam

USB Driver

Video Convert

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinFlash

Wireless Console 3

.

==== Event Viewer Messages From Past Week ========

.

6/18/2014 11:00:57 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk0\DR0.

6/18/2014 11:00:47 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

6/18/2014 10:49:40 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

6/18/2014 10:49:09 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Trend Micro Solution Platform service to connect.

6/18/2014 10:49:09 AM, Error: Service Control Manager [7000]  - The Trend Micro Solution Platform service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

6/18/2014 10:48:38 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 258

.

==== End Of File ===========================

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 11.0.9600.17126  BrowserJavaVersion: 10.55.2

Run by Suzie at 11:46:39 on 2014-06-18

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3885.1318 [GMT -6:00]

.

AV: Trend Micro Titanium 2012 *Enabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}

SP: Trend Micro Titanium 2012 *Enabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\FBAgent.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Program Files\P4G\BatteryLife.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Windows\SysWOW64\ACEngSvr.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files (x86)\Logitech\Vid HD\Vid.exe

C:\Windows\System32\spool\drivers\x64\3\E_IATIHQA.EXE

C:\Users\Suzie\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe

C:\Program Files\Elantech\ETDCtrlHelper.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\WimaxConsole.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\splwow64.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe

C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe

C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit = userinit.exe

BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll

BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll

TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode

uRun: [Facebook Update] "C:\Users\Suzie\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

uRun: [EPSON Artisan 730 Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIHQA.EXE /FU "C:\Users\Suzie\AppData\Local\Temp\E_SEF9C.tmp" /EF "HKCU"

uRun: [Amazon Cloud Player] C:\Users\Suzie\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe

mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide

mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

uPolicies-Explorer: NoDriveAutoRun = dword:0

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: NameServer = 192.168.0.1

TCP: Interfaces\{B10A571B-C1AE-40CB-8F7C-91BC972E6605} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{B10A571B-C1AE-40CB-8F7C-91BC972E6605}\05658434F57457563747 : DHCPNameServer = 67.215.21.202 72.21.65.14

TCP: Interfaces\{B10A571B-C1AE-40CB-8F7C-91BC972E6605}\2456C6B696E6F574F575962756C6563737F5449393433364 : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{B10A571B-C1AE-40CB-8F7C-91BC972E6605}\2656C6B696E6E2331323 : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{B10A571B-C1AE-40CB-8F7C-91BC972E6605}\2656C6B696E6E2636353 : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{B10A571B-C1AE-40CB-8F7C-91BC972E6605}\B65797B656E64616C623 : DHCPNameServer = 192.168.2.1

Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll

Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll

x64-Run: [ETDWare] C:\Program Files (x86)\Elantech\ETDCtrl.exe

x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

x64-Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray

x64-Run: [intelWirelessWiMAX] "C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash

x64-Run: [setwallpaper] c:\programdata\SetWallpaper.cmd

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

x64-Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""

x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - <orphaned>

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll

x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Suzie\AppData\Roaming\Mozilla\Firefox\Profiles\4o17w86d.default-1393900317489\

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Suzie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

FF - plugin: C:\Users\Suzie\AppData\Roaming\Mozilla\plugins\npatgpc.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

.

============= SERVICES / DRIVERS ===============

.

R1 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2012-12-13 77184]

R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2010-12-6 379520]

R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-12-13 275912]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]

R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2010-6-7 408576]

R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-6 2314240]

R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2010-6-7 911872]

R3 bpenum;bpenum;C:\Windows\System32\drivers\bpenum.sys [2010-5-16 71168]

R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\System32\drivers\bpmp.sys [2010-5-16 175104]

R3 bpusb;bpusb;C:\Windows\System32\drivers\bpusb.sys [2010-5-16 81920]

R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-4-13 135560]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-12-6 56344]

R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-26 158976]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-2-2 271872]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-3-4 75816]

R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-10-7 30232]

R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-3-18 7680512]

R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2010-6-18 39832]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]

S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-8-21 44032]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-12-6 48488]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-12 111616]

S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-2-24 327704]

S3 LVUVC64;Logitech Webcam Pro 9000(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-2-24 6379288]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-5 59392]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-25 1255736]

S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2014-06-18 17:35:50    --------    d-----w-    C:\Users\Suzie\AppData\Local\CrashDumps

2014-06-18 17:16:02    --------    d-----w-    C:\ProgramData\RogueKiller

2014-06-18 05:13:23    122584    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys

2014-06-18 05:12:51    91352    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys

2014-06-18 05:12:51    63704    ----a-w-    C:\Windows\System32\drivers\mwac.sys

2014-06-18 05:12:49    --------    d-----w-    C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-06-18 04:40:43    --------    d-----w-    C:\Windows\ERUNT

2014-06-18 04:15:31    --------    d-----w-    C:\AdwCleaner

2014-06-13 02:30:31    506368    ----a-w-    C:\Windows\System32\aepdu.dll

2014-06-13 02:30:31    424448    ----a-w-    C:\Windows\System32\aeinv.dll

.

==================== Find3M  ====================

.

2014-05-30 10:02:37    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb

2014-05-30 10:02:09    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll

2014-05-30 09:39:43    548352    ----a-w-    C:\Windows\System32\vbscript.dll

2014-05-30 09:39:23    66048    ----a-w-    C:\Windows\System32\iesetup.dll

2014-05-30 09:38:29    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll

2014-05-30 09:21:23    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe

2014-05-30 09:21:05    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe

2014-05-30 09:20:36    752640    ----a-w-    C:\Windows\System32\jscript9diag.dll

2014-05-30 09:11:24    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe

2014-05-30 09:08:22    5782528    ----a-w-    C:\Windows\System32\jscript9.dll

2014-05-30 09:02:39    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb

2014-05-30 08:55:36    38400    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll

2014-05-30 08:44:28    455168    ----a-w-    C:\Windows\SysWow64\vbscript.dll

2014-05-30 08:43:06    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll

2014-05-30 08:42:16    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll

2014-05-30 08:28:33    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe

2014-05-30 08:27:56    592896    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll

2014-05-30 08:24:19    1249280    ----a-w-    C:\Windows\System32\mshtmlmedia.dll

2014-05-30 08:23:22    2040832    ----a-w-    C:\Windows\System32\inetcpl.cpl

2014-05-30 08:10:46    32256    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll

2014-05-30 07:56:56    2266112    ----a-w-    C:\Windows\System32\wininet.dll

2014-05-30 07:56:50    4244992    ----a-w-    C:\Windows\SysWow64\jscript9.dll

2014-05-30 07:50:09    1068032    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll

2014-05-30 07:49:38    1964544    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl

2014-05-30 07:21:10    1790976    ----a-w-    C:\Windows\SysWow64\wininet.dll

2014-05-25 21:48:23    45056    ----a-w-    C:\Windows\System32\acovcnt.exe

2014-05-14 03:20:41    70832    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2014-05-14 03:20:41    692400    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe

2014-05-14 03:20:26    17938608    ----a-w-    C:\Windows\SysWow64\FlashPlayerInstaller.exe

2014-05-12 13:25:56    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys

2014-04-25 02:34:59    801280    ----a-w-    C:\Windows\System32\usp10.dll

2014-04-25 02:06:17    626688    ----a-w-    C:\Windows\SysWow64\usp10.dll

2014-04-15 02:13:43    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2014-04-12 02:22:05    95680    ----a-w-    C:\Windows\System32\drivers\ksecdd.sys

2014-04-12 02:22:05    155072    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys

2014-04-12 02:19:38    29184    ----a-w-    C:\Windows\System32\sspisrv.dll

2014-04-12 02:19:38    136192    ----a-w-    C:\Windows\System32\sspicli.dll

2014-04-12 02:19:37    28160    ----a-w-    C:\Windows\System32\secur32.dll

2014-04-12 02:19:32    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll

2014-04-12 02:19:05    31232    ----a-w-    C:\Windows\System32\lsass.exe

2014-04-12 02:12:06    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll

2014-04-12 02:10:56    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll

2014-04-05 02:47:20    1903552    ----a-w-    C:\Windows\System32\drivers\tcpip.sys

2014-04-05 02:47:09    288192    ----a-w-    C:\Windows\System32\drivers\FWPKCLNT.SYS

2014-04-01 04:46:48    130712    ----a-w-    C:\Windows\SysWow64\MSSTDFMT.DLL

2014-04-01 04:46:48    1070232    ----a-w-    C:\Windows\SysWow64\MSCOMCTL.OCX

2014-03-26 14:44:48    2002432    ----a-w-    C:\Windows\System32\msxml6.dll

2014-03-26 14:44:48    1882112    ----a-w-    C:\Windows\System32\msxml3.dll

2014-03-26 14:41:39    2048    ----a-w-    C:\Windows\System32\msxml6r.dll

2014-03-26 14:41:39    2048    ----a-w-    C:\Windows\System32\msxml3r.dll

2014-03-26 14:27:50    1389056    ----a-w-    C:\Windows\SysWow64\msxml6.dll

2014-03-26 14:27:50    1237504    ----a-w-    C:\Windows\SysWow64\msxml3.dll

2014-03-26 14:25:14    2048    ----a-w-    C:\Windows\SysWow64\msxml6r.dll

2014-03-26 14:25:14    2048    ----a-w-    C:\Windows\SysWow64\msxml3r.dll

2013-05-17 02:20:22    4167680    ----a-w-    C:\Program Files (x86)\GUT6E47.tmp

.

============= FINISH: 11:48:23.21 ===============

 


Hi Suz,

 

* There was a button under the "Hosts" tab that said "fix Hosts".  I didn't do anything with it, because there wasn't anything in the directions about it.  Do I need to do anything with it?

 

Nope, you did the right thing. We will reset Hosts later in a fix I will write for your machine only !!

 

Will read the other logs soon & post a fix for them !

Thanks

Chuck


 

OTL Extras logfile created on: 6/18/2014 12:01:48 PM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Suzie\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17126)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

3.79 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 33.49% Memory free

7.59 Gb Paging File | 4.87 Gb Available in Paging File | 64.23% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 574.68 Gb Total Space | 506.42 Gb Free Space | 88.12% Space Free | Partition Type: NTFS

 

Computer Name: SUZIE-PC | User Name: Suzie | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-750219145-2589332277-1375212679-1001\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{04451A46-B73D-4874-BC4E-307A536AE616}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{33D15B1F-B207-44D5-8F30-CBB48CC7DC21}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{44167406-2E2A-4E02-8C03-D3304CDAB854}" = rport=10243 | protocol=6 | dir=out | app=system |

"{538E78A0-850C-40B0-9AFB-7F5EECC85952}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{56CCF30F-7FBB-4FD9-840F-F84F718C594C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{5B3EE5D8-6D04-4480-B43D-ED7C7755B32E}" = lport=10243 | protocol=6 | dir=in | app=system |

"{61178EB9-9342-4383-B534-478042E7AA2F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{650C37CD-EC8F-48B7-869A-F2E3D863924C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{66284CE3-8A0E-4866-BE79-DFCDBFFB2C0F}" = lport=137 | protocol=17 | dir=in | app=system |

"{6DCB8D14-E3D9-4E08-99AC-E6FAE519B620}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{70AD61AA-4160-426C-A81E-B063625088A9}" = lport=445 | protocol=6 | dir=in | app=system |

"{76221C90-4129-49E7-8E1F-1F5960B4E632}" = rport=137 | protocol=17 | dir=out | app=system |

"{7B4FA3BA-8BF3-4460-A2EC-CD48447F1D0C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{858D91B0-655A-4FBB-B28A-E6713B915D08}" = lport=139 | protocol=6 | dir=in | app=system |

"{8E08B308-0ACE-45F8-9FF4-A6143DAD370F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{9F472ECD-916F-4F07-BFE2-DBF8093F7C9A}" = rport=139 | protocol=6 | dir=out | app=system |

"{A6CC7B9A-95AF-4167-8A7D-DD8040C81388}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{A740C145-A9AF-45E7-A4F5-B2912BA9DC3B}" = rport=445 | protocol=6 | dir=out | app=system |

"{BCD7B3D3-B553-44F3-BD0B-90545E035C8D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |

"{C7626F40-ADCB-4D2A-AB13-84F9EBF8EA6A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{D2FF9857-5848-4DE1-8D2A-57D73CDBBD12}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{F2135833-2D35-40CE-9E52-E2DEAA2BB7D5}" = lport=138 | protocol=17 | dir=in | app=system |

"{F2E632AE-AA74-4A1E-8693-03032BCE89F6}" = lport=2869 | protocol=6 | dir=in | app=system |

"{F960EC91-284D-4D8D-8384-55591EF2696F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{F9664350-EC14-4F5D-AE22-8D0ED286CEF8}" = rport=138 | protocol=17 | dir=out | app=system |

"{FDE93504-59FB-4C66-81B4-B52AF58A1A9A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0DAB4158-F9F3-4CF7-BE3E-718E1EE635BC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{0EAB70FB-B00A-48C6-B224-1240B9820724}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{10301E0A-EF67-40CE-85F1-EFA4E3A00FFB}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |

"{1135EA04-D3B1-4B78-95F6-208ABDF81489}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |

"{1ABE5B74-DC1F-4281-87E7-BF5C25B1A209}" = protocol=1 | dir=out | [email protected],-28544 |

"{1CD5F30C-9134-40B0-B80F-841531007E5C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{229FE50B-D14C-478A-9E0B-618C693EE2FC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{231E8254-E12B-4A65-95B8-0A5AF0ED3F44}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |

"{2852F425-7389-4B7D-8A82-E772A5F5B0A2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{30006330-E3FB-42FF-BF74-F8531E505225}" = dir=in | app=c:\users\suzie\appdata\local\facebook\video\skype\facebookvideocalling.exe |

"{3A0550F3-3E16-4F98-B174-F1A9033DA500}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{402D3518-1B92-4591-A771-7A56BCE0FF28}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |

"{4A4D0488-41AC-410D-9F06-E61435C2A861}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{4EDACE42-D259-4A17-8C4E-E1C0823DAE3D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{4F50D2E4-A05C-4AAA-82B3-2A7FC9D4FB4D}" = protocol=58 | dir=out | [email protected],-28546 |

"{523C0533-B842-466A-941B-78ED810205B7}" = protocol=1 | dir=in | [email protected],-28543 |

"{5B549655-4482-4BA0-AFA2-0A0B53149EF4}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |

"{5D0044D8-03A4-4CAB-A669-BE2129707793}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{602964B0-09B4-4E5B-9073-417BC0688DEC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{6230CD65-F3B8-4A22-AD07-C00977B4EAF9}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |

"{6DFDDFFE-CE4A-417F-AF61-B6A39C117D07}" = protocol=6 | dir=out | app=system |

"{7BFE4346-B38C-4FD9-826A-553EA1E9387E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{95CB7AD4-7468-4842-9641-C0A1DC7F80F1}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |

"{A54B3345-E285-457A-8C83-CA28E1ACEA68}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |

"{A625DDE8-E7C1-4DA2-8571-834FBB04F29F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{CCDF99D2-0C44-4D2A-B85A-E7ADF40A8481}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{CFBAA11C-F2F2-4661-A70B-E9F1C1374E64}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |

"{D6DEFBCA-A315-41C7-BC2E-FEA5F0AE7EEA}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |

"{D8BC03A6-ACF3-47E2-86CB-E7548590D570}" = protocol=58 | dir=in | [email protected],-28545 |

"{DF8BD32F-3EBD-4548-B1D9-96E58FABA652}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{E34B04A7-F756-47BE-9093-1E6D1C267289}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe |

"{EDF23671-47A9-4FBB-BDD2-7C5D2ED26BCC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{EEB4F3F8-19C8-4FAC-9C27-808E7C53BDD3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{F5A7703D-0294-406A-89B5-E9C5B9EFCE30}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |

"{FA5CB89E-6F91-4286-B340-4315BCDCCC4E}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |

"{FCBE5BC8-EA3C-4C08-9BD3-E3FBEE8D8065}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{FE15215D-881A-4D21-84F3-9C1802DBAE50}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"TCP Query User{08C16C80-2BAB-43E5-BDAD-3F79F4D96904}C:\users\suzie\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\suzie\appdata\roaming\spotify\spotify.exe |

"TCP Query User{0CF7C4D0-A059-4212-9E83-F0F1DEC75D05}C:\users\suzie\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\suzie\appdata\roaming\spotify\spotify.exe |

"TCP Query User{2E250583-B42C-43C1-9149-AB9F9A78B557}C:\program files (x86)\cxp\biznuri 4.0\biznuri.exe" = protocol=6 | dir=in | app=c:\program files (x86)\cxp\biznuri 4.0\biznuri.exe |

"TCP Query User{2F8942C5-E28C-45DF-ADE1-586CEDFDB81A}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |

"TCP Query User{80F6FEE2-E34F-4014-AEE3-A495910A6C3B}C:\users\suzie\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\suzie\appdata\roaming\dropbox\bin\dropbox.exe |

"TCP Query User{A0C1E7E7-2B49-4AA4-B43A-A384528F6A2B}C:\program files (x86)\idapted\idaptedtrainerclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\idapted\idaptedtrainerclient.exe |

"TCP Query User{E615E638-847D-493D-A098-B559ABBA6B01}C:\program files (x86)\eleutian\eleutian trainer studio\trainerstudio.exe" = protocol=6 | dir=in | app=c:\program files (x86)\eleutian\eleutian trainer studio\trainerstudio.exe |

"UDP Query User{0E161125-8722-499B-B54F-C6BF5AD2BA1C}C:\program files (x86)\eleutian\eleutian trainer studio\trainerstudio.exe" = protocol=17 | dir=in | app=c:\program files (x86)\eleutian\eleutian trainer studio\trainerstudio.exe |

"UDP Query User{54A139E7-ACC0-4B9C-A7CD-4E4418FE8BDA}C:\users\suzie\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\suzie\appdata\roaming\spotify\spotify.exe |

"UDP Query User{5A652A67-7CD2-4276-9351-388C32482651}C:\program files (x86)\idapted\idaptedtrainerclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\idapted\idaptedtrainerclient.exe |

"UDP Query User{8BFBA22D-658A-404C-B599-276EC08080B7}C:\users\suzie\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\suzie\appdata\roaming\spotify\spotify.exe |

"UDP Query User{A796F493-744B-4D9A-83A2-322A838BC138}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |

"UDP Query User{AFD3577C-77A0-4E1F-BF6E-34C2E18FF7DA}C:\program files (x86)\cxp\biznuri 4.0\biznuri.exe" = protocol=17 | dir=in | app=c:\program files (x86)\cxp\biznuri 4.0\biznuri.exe |

"UDP Query User{C9819A0F-394E-4B7E-B1A9-39CE924302B4}C:\users\suzie\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\suzie\appdata\roaming\dropbox\bin\dropbox.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series" = Canon MP495 series MP Drivers

"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot

"{1A26F3E9-1351-400B-B296-A0B24F2FDA8C}" = CXP Color Printer Driver

"{1A8BA6CE-822D-4888-89E2-ACBF4308F271}" = Intel® PROSet/Wireless WiFi Software

"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety

"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant

"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety

"{4F26C164-9373-4974-8F43-E0F2176AF937}" = Intel WiMAX Tutorial

"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{6548B189-BEA4-4041-80E0-AEB60548E046}" = Intel® PROSet/Wireless WiMAX Software

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid

"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software

"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium 2012

"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{C298FF86-AB23-4B58-AC53-A23383C07B3A}" = Intel® Wireless Display

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel

"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148

"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app

"Elantech" = ETDWare PS/2-x64 7.0.5.11_WHQL

"EPSON Artisan 730 Series" = EPSON Artisan 730 Series Printer Uninstall

"lvdrivers_12.10" = Logitech Webcam Software Driver Package

"ProInst" = Intel PROSet Wireless

"USB 2.0 VGA UVC WebCam" = USB 2.0 VGA UVC WebCam

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{0626417A-89F1-4401-83E0-3075FC4FB95C}" = Video Convert

"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery

"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{16EE2E7E-221B-40DD-8A9A-4311498EC930}" = LG USB Modem Drivers

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3

"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 55

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion

"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck

"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447

"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package

"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.10)

"{B5A5627C-0173-4DB2-ADA8-740479370F67}" = Express Gate

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{C8F7C1E5-0150-11D6-A96C-00D05908F85D}" = USB Driver

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update

"{E86DE69E-A94E-41B6-8661-7372FCA1A83C}" = LG VZW United Drivers

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin

"ASUS_Screensaver" = ASUS_Screensaver

"Audacity_is1" = Audacity 2.0.5

"Canon MP495 series User Registration" = Canon MP495 series User Registration

"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool

"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program

"CanonMyPrinter" = Canon My Printer

"CanonSolutionMenuEX" = Canon Solution Menu EX

"Catan Online Welt" = Catan Online World

"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX

"Easy-WebPrint EX" = Canon Easy-WebPrint EX

"ffdshow_is1" = ffdshow v1.2.4475 [2012-07-12]

"F-Manager" = Fiesta Download Manager

"Google Chrome Frame" = Google Chrome Frame

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader

"LAME_is1" = LAME v3.99.3 (for Windows)

"Logitech Vid" = Logitech Vid HD

"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012

"Mozilla Firefox 30.0 (x86 en-US)" = Mozilla Firefox 30.0 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0

"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2

"RealAlt_is1" = Real Alternative 2.0.2 Lite

"WinLiveSuite" = Windows Live Essentials

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-750219145-2589332277-1375212679-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"48e4cff94f039634" = Best Buy pc app

"Amazon Amazon Cloud Player" = Amazon Cloud Player

 

========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 6/18/2014 1:01:48 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 454

Description = taskhost (1560) WebCacheLocal: Database recovery/restore failed with

 unexpected error -1022.

 

Error - 6/18/2014 1:35:45 PM | Computer Name = Suzie-PC | Source = Application Error | ID = 1000

Description = Faulting application name: plugin-container.exe, version: 30.0.0.5269,

 time stamp: 0x53914233  Faulting module name: mozalloc.dll, version: 30.0.0.5269,

 time stamp: 0x53911393  Exception code: 0x80000003  Fault offset: 0x0000141b  Faulting

 process id: 0x6ec  Faulting application start time: 0x01cf8b1b3589aa6d  Faulting application

 path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe  Faulting module

 path: C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll  Report Id: f9d88131-f70e-11e3-952d-bcaec52a7529

 

Error - 6/18/2014 1:53:21 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 419

Description = taskhost (1560) WebCacheLocal: Unable to read page 66 of database

C:\Users\Suzie\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat. Error -1022.

 

Error - 6/18/2014 1:53:21 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 454

Description = taskhost (1560) WebCacheLocal: Database recovery/restore failed with

 unexpected error -1022.

 

Error - 6/18/2014 1:54:18 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 419

Description = taskhost (1560) WebCacheLocal: Unable to read page 66 of database

C:\Users\Suzie\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat. Error -1022.

 

Error - 6/18/2014 1:54:18 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 454

Description = taskhost (1560) WebCacheLocal: Database recovery/restore failed with

 unexpected error -1022.

 

Error - 6/18/2014 1:55:14 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 419

Description = taskhost (1560) WebCacheLocal: Unable to read page 66 of database

C:\Users\Suzie\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat. Error -1022.

 

Error - 6/18/2014 1:55:15 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 454

Description = taskhost (1560) WebCacheLocal: Database recovery/restore failed with

 unexpected error -1022.

 

Error - 6/18/2014 1:56:11 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 419

Description = taskhost (1560) WebCacheLocal: Unable to read page 66 of database

C:\Users\Suzie\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat. Error -1022.

 

Error - 6/18/2014 1:56:12 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 454

Description = taskhost (1560) WebCacheLocal: Database recovery/restore failed with

 unexpected error -1022.

 

[ OSession Events ]

Error - 3/3/2011 2:49:07 AM | Computer Name = Suzie-PC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application

Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session

lasted 4 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 4/18/2011 2:46:28 AM | Computer Name = Suzie-PC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application

Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session

lasted 603 seconds with 60 seconds of active time.  This session ended with a crash.

 

[ System Events ]

Error - 6/18/2014 1:53:47 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

 

< End of report >

 


No, I haven't heard back from him !! Sorry Suz, I will PM you as soon as I hear anything !

I do have more for you to do though, so don't quit on me yet !! Have you noticed any improvements in it running ??


Suz .... We need to run an OTL fix !!
Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

    * Double-click OTL.exe to start the program.
    * Copy and paste the following code into the text box of the OTL tool/program ! Start with and include the colon plus :OTL

Open the OTL program, copy all in RED (make sure you include the : ) and place it into the box when you open the OTL program !!

 

:OTL

SRV:64bit: - File not found [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =  
IE - HKU\S-1-5-21-750219145-2589332277-1375212679-1001\..\SearchScopes,DefaultScope =
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
[2011/02/24 18:16:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Suzie\AppData\Roaming\Mozilla\Extensions
[2014/03/20 19:38:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Suzie\AppData\Roaming\Mozilla\Firefox\Profiles\4o17w86d.default-1393900317489\extensions
[2014/06/17 23:53:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/06/17 23:53:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2014/06/17 23:53:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2014/06/17 23:53:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\gcf - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:Commands

[emptyjava]
[emptyflash]
[EMPTYTEMP]
[RESETHOSTS]
[CREATERESTOREPOINT]
[Reboot]



    * Then click the Run Fix button at the top.
    * Click the OK button.
    * Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.

Remember to enable your real time protection.

 


I hope this works, still not heard from BesTTechie to fix the problem !

 

I used the Attach Files & then copied it & pasted it, it worked but had to do some manual typing also !

 

So try & copy & paste first in your return log !

 

Chuck

 

 

It seems to be working OK now to copy/paste, so give it a try. I think something was wrong with the post box that we were working in !! Other than that I am stumped !! Anyway, I can paste anything now where I couldn't before !!


It is still not letting me paste, so I am putting it as a quote again. This was my second attempt. The first time I used the text file you posted, so I didn't have the code just right. I will post the first attempt log next.

 

All processes killed
========== OTL ==========
Error: Unable to stop service Amsp!
Unable to delete service\driver key Amsp.
File C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-750219145-2589332277-1375212679-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
C:\Users\Suzie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Users\Suzie\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\Suzie\AppData\Roaming\Mozilla\Firefox\Profiles\4o17w86d.default-1393900317489\extensions folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons\default folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions folder moved successfully.
Folder C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ not found.
Folder C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\ not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons\default folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Setwallpaper deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\gcf\ deleted successfully.
File Protocol\Handler\gcf - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== COMMANDS ==========
 
[EMPTYJAVA]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Public
 
User: Suzie
->Java cache emptied: 0 bytes
 
Total Java Files Cleaned = 0.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Suzie
->Flash cache emptied: 492 bytes
 
Total Flash Files Cleaned = 0.00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Suzie
->Temp folder emptied: 9572 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 35930511 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 240688 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 35.00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
Error: Unable to interpret <
 
OTL by OldTimer - Version 3.2.69.0 log created on 06192014_105132

Files\Folders moved on Reboot...
C:\Users\Suzie\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Suzie\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\logishrd\LVPrcInj02.dll scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 

 

> in the current context!


Here is the log from the first time I ran the OTL fix:

 

All processes killed
Error: Unable to interpret <

> in the current context!
 
OTL by OldTimer - Version 3.2.69.0 log created on 06192014_100143

Files\Folders moved on Reboot...
C:\Users\Suzie\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Suzie\AppData\Local\Temp\Suz.rtf moved successfully.
C:\Users\Suzie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{8D90AB6D-7780-42C6-B4D7-EF728DACBC8A}.tmp moved successfully.
C:\Users\Suzie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{975DFFF3-A859-4AFD-8B73-B20D0A13D803}.tmp moved successfully.
C:\Users\Suzie\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\logishrd\LVPrcInj02.dll scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 

Edited by Suz

I did the OTL fix. In the text document that you posted, there was another thing you wanted me to download and run, but it wasn't included in your other post. Only the OTL fix was posted there.

Can you post the other one here again?

Thanks!


Yes Suz, please run this program for me !

 

Security Check

Please download and save SecurityCheck.exe to your Desktop from one of the links below.

Link 1 >>> http://screen317.spywareinfoforum.org/SecurityCheck.exe.

Link 2 >>> http://screen317.changelog.fr/SecurityCheck.exe

    * Double click SecurityCheck.exe and follow the onscreen instructions inside the black box.
    * A Notepad document should open automatically called checkup.txt
    * Please post the contents of that document in your next reply.
 

 

Thanks

Chuck


 Results of screen317's Security Check version 0.99.85 

 Windows 7 Service Pack 1 x64 (UAC is enabled) 

 Internet Explorer 11 

``````````````Antivirus/Firewall Check:``````````````

 Windows Firewall Enabled! 

Trend Micro Titanium 2012  

 Antivirus up to date!  

`````````Anti-malware/Other Utilities Check:`````````

 Java 7 Update 55 

 Java version out of Date!

  Adobe Flash Player 13.0.0.214 Flash Player out of Date! 

 Adobe Reader 10.1.10 Adobe Reader out of Date! 

 Mozilla Firefox (30.0)

````````Process Check: objlist.exe by Laurent```````` 

 Trend Micro AMSP coreServiceShell.exe 

 Trend Micro UniClient UiFrmWrk uiWatchDog.exe

 Trend Micro UniClient UiFrmWrk uiSeAgnt.exe

 Trend Micro AMSP coreFrameworkHost.exe 

`````````````````System Health check`````````````````

 Total Fragmentation on Drive C: 0%

````````````````````End of Log``````````````````````

 


Suz, as you can see you have some out of date programs ! So let's go into control panel/uninstall programs if present, and remove them so we can install the latest !

Uninstall

1. Java 7 Update 55

2. Adobe Flash Player 13.0.0.214

3. Adobe Reader 10.1.10

 

Java version out of Date! ......... Update Java Runtime

Make sure you uncheck any boxes that want you to install tool bars or anything other than Java

You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, and also remove the older more vulnerable versions from your system. The most current version of Sun Java is: Java Runtime Environment Version 6 Update 14.

   1. Go to http://java.sun.com/javase/downloads/index.jsp

 

 

===========================

 

Adobe Reader out of Date! ..........  Update Adobe Reader >>> http://www.adobe.com/support/downloads/thankyou.jsp?ftpID=5440&fileID=5441

Make sure you uncheck the box to install McAfee Security Scan Plus
 

 

========================

 

 Adobe Flash Player update !!

 

http://www.download-update.org/lp/adobe-flash/21/

 

Make sure you uncheck any boxes that want you to install tool bars or anything other than Java

 

Let me know how it goes there on the updates !

 

 

==============================

 

 

Please download OTCleanIt and save it to desktop.

    Double-click OTCleanIt.exe. >>> http://oldtimer.geekstogo.com/OTC.exe
    Click the CleanUp! button.
    Select Yes when the "Begin cleanup Process?" prompt appears.
    If you are prompted to Reboot during the cleanup, select Yes.
    The tool will delete itself once it finishes, if not delete it by yourself.

Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.

 

 

==========================

 

 

 
Congratulations, you are clean !!!

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

This is my standard "All Clean Speech." You may have some already installed, these are just recommendations !

Here are some tips to reduce the potential for spyware/malware infection in the future:
 
1. Make your Internet Explorer more secure - This can be done by following these simple instructions:

    From within Internet Explorer click on the Tools menu and then click on Options.
    Click once on the Security tab
    Click once on the Internet icon so it becomes highlighted.
    Click once on the Custom Level button.
    Change the Download signed ActiveX controls to Prompt
    Change the Download unsigned ActiveX controls to Disable
    Change the Initialize and script ActiveX controls not marked as safe to Disable
    Change the Installation of desktop items to Prompt
    Change the Launching programs and files in an IFRAME to Prompt
    Change the Navigate sub-frames across different domains to Prompt
    When all these settings have been made, click on the OK button.
    If it prompts you as to whether or not you want to save the settings, press the Yes button.
    Next press the Apply button and then the OK to exit the Internet Properties page.

2. Firefox - If you use Firefox, I recommend installing the following add-ons to help make your Firefox browser more secure.
NoScript

Adblock Plus

 
3. Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis.  With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.
 
4. Firewall - Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. There are firewalls that could be downloaded and used but I would personally only recommend using one of the following below:
Online Armor Free
Agnitum Outpost Firewall Free
Comodo Firewall Free
 
5. Make sure you keep your Windows OS current, and regularly download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open.
 
6. WOT (Web of Trust) - As "Googling" is such an integral part of internet life, this free browser add-on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites. WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.
 
7. Finally, I strongly recommend that you read Miekiemoes' great advice How to prevent malware.

 

Please let me know how it's running, you are all clean of infections & PUP's !! 

It will run faster after a few normal reboots !!

 

 

Chuck
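
The six Custom Level changes listed in tip 1 are stored per zone in the registry, so they can be checked after the fact. As an added example (not part of the original post), this Python audits the text output of `reg query` for the Internet zone key against that list; the sample output is constructed, and the action IDs and the 0/1/3 value encoding are taken from Microsoft's security-zone documentation, not from this thread.

```python
import re

# Internet zone key, queried on the machine with:
#   reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3"
# Value encoding (Microsoft zone documentation): 0 = Enable, 1 = Prompt, 3 = Disable.
SETTING_NAMES = {0: "Enable", 1: "Prompt", 3: "Disable"}

# URL action ID -> (dialog label from the post, value the post asks for)
RECOMMENDED = {
    "1001": ("Download signed ActiveX controls", 1),
    "1004": ("Download unsigned ActiveX controls", 3),
    "1201": ("Initialize and script ActiveX controls not marked as safe", 3),
    "1800": ("Installation of desktop items", 1),
    "1804": ("Launching programs and files in an IFRAME", 1),
    "1607": ("Navigate sub-frames across different domains", 1),
}

# `reg query` prints one value per line: name, type, data, separated by spaces.
VALUE_LINE = re.compile(r"^\s+(\S+)\s+REG_DWORD\s+(0x[0-9a-fA-F]+)\s*$")


def parse_reg_query(text):
    """Return {value_name: int} for every REG_DWORD line in the output."""
    values = {}
    for line in text.splitlines():
        match = VALUE_LINE.match(line)
        if match:
            values[match.group(1)] = int(match.group(2), 16)
    return values


def audit_internet_zone(reg_query_text):
    """Return [(action_id, label, status)] for each setting named in the post.

    status is one of: ok, weaker, stricter, missing, unknown.
    """
    current = parse_reg_query(reg_query_text)
    findings = []
    for action_id, (label, wanted) in RECOMMENDED.items():
        have = current.get(action_id)
        if have is None:
            status = "missing"    # not set in this key; a default or policy applies
        elif have not in SETTING_NAMES:
            status = "unknown"    # some other encoding, needs a manual look
        elif have == wanted:
            status = "ok"
        elif have < wanted:
            status = "weaker"     # 0 < 1 < 3 runs from Enable to Disable
        else:
            status = "stricter"
        findings.append((action_id, label, status))
    return findings


# Constructed sample output, not taken from the machine in this thread.
SAMPLE_REG_QUERY = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
    DisplayName    REG_SZ    Internet
    1001    REG_DWORD    0x1
    1004    REG_DWORD    0x3
    1201    REG_DWORD    0x1
    1607    REG_DWORD    0x0
    1800    REG_DWORD    0x1
"""

if __name__ == "__main__":
    for action_id, label, status in audit_internet_zone(SAMPLE_REG_QUERY):
        print(f"{action_id}  {status:8}  {label}")
```
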


Please let me know how things are running & if there are any problems !! I will lock this topic after 5 days, if you need it re-opened please PM me or any Mod !

 

Thanks

Chuck

 

Happy Surfing


I PM'd you on Facebook, but I thought I would post here as well. I can't get the Adobe programs to download to my computer. I downloaded the installers, and when I double click on them the box pops up that asks me if I want to "Run" them. I click on "run" and then nothing happens. This is the same problem my computer has been having. These programs wouldn't update, which is why they were outdated.

Any suggestions?

This topic is now closed to further replies.