Help with slow computer

Suz · June 17, 2014

Hi!

My computer runs really slowly. It takes forever to open up programs, and even longer if I am trying to save a word document, for example. Sometime my Firefox also runs really slowly.

Also, I have been trying to update my Adobe Flash, but it just won't do it.

Thanks for your help!

flashh4 · June 18, 2014

Howdy and welcome to BestTechie !!!

My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your computer.

Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!
Do Not Remove anything or run any tools/programs until advised to do so !

Perform all actions in the order given.

Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !

Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.

===================================

AdwCleaner

Please download adwcleaner by Xplode onto your desktop.
Double click on AdwCleaner.exe to run the tool again.
       Windows XP : Double click on the icon to run it.

       Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

    *Click on the Scan button.
    *AdwCleaner will begin to scan your computer like it did before.
    *After the scan has finished .......

    This time, click on the Clean button.

    *Press OK when asked to close all programs and follow the onscreen prompts.
    *Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    *After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
    *Copy and paste the contents of that logfile in your next reply.
    *A copy of that logfile will also be saved in the C:\AdwCleaner folder.

NEXT

    Please download Junkware Removal Tool and save to your desk top.

    Shut down your protection software now to avoid potential conflicts.

    * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    * The tool will open and start scanning your system.
    * Please be patient as this can take a while to complete depending on your system's specifications.
    * On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    * Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!

NEXT

Full System Scan with Malwarebytes Antimalware

    Please download http://www.malwarebytes.org/mbam-download.php Malwarebytes !

    Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    At the end, be sure a checkmark is placed next to the following:
        Launch Malwarebytes Anti-Malware
        A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    Click Finish.

    Run Malwarebytes Antimalware
    On the Dashboard, click the 'Update Now >>' link if it does not ask you to Update !
    After the update completes, click the 'Scan Now >>' button.
    Or, on the Dashboard, click the Scan Now >> button.
    If an update is available, click the Update Now button.
    A Threat Scan will begin.
    When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    In most cases, a restart will be required.
    Wait for the prompt to restart the computer to appear, then click on Yes.

    After the restart once you are back at your desktop, open MBAM once more.
    Click on the History tab > Application Logs.
    Double click on the scan log which shows the Date and time of the scan just performed.
    Click 'Copy to Clipboard'
    Paste the contents of the clipboard into your reply.

Post next:
1. AdwCleaner Log
2. Junkware Removal Log
3. Malwarebytes Log
Thanks
Chuck

Suz · June 18, 2014

Here is the adware cleaner log:

# AdwCleaner v3.212 - Report created 17/06/2014 at 22:23:16
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Suzie - SUZIE-PC
# Running from : C:\Users\Suzie\Desktop\adwcleaner_3.212.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Suzie\AppData\Local\PackageAware

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

-\\ Mozilla Firefox v29.0.1 (en-US)

[ File : C:\Users\Suzie\AppData\Roaming\Mozilla\Firefox\Profiles\4o17w86d.default-1393900317489\prefs.js ]

*************************

AdwCleaner[R0].txt - [1508 octets] - [17/06/2014 22:17:40]
AdwCleaner[s0].txt - [1390 octets] - [17/06/2014 22:23:16]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1450 octets] ##########

Suz · June 18, 2014

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Suzie on Tue 06/17/2014 at 22:40:47.14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] "C:\users\default user\start menu\programs\startup\best buy pc app.lnk"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\best buy pc app"
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{02B97ED1-B504-489C-8475-1CDECFDDEC2C}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{09CB71EB-E0CA-40F4-AA37-00F60A008DA4}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{0CF37995-F4A8-4D0D-A3DF-F7434CF60DA3}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{132CF3C8-A280-4418-827C-2280261C2297}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{135B785E-4DBA-4C94-9D45-3B011A5E2B8E}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{14D82469-847F-4609-8AD9-9FC75720ECDF}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{1A8E889C-3030-47FB-9E49-3E3C76F1F418}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{23850416-0EC3-4C81-8598-9B7F7AAA2673}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{249D71B5-1899-400C-BA13-DE58D82A355B}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{2E486218-5B93-4669-B961-51CB2D473ACD}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{3586143B-36C4-4274-8A4D-1F4A01B88076}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{376EEC9D-595A-4BB8-B82B-96B5F34B3B5B}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{37A8F602-5582-4C21-99C5-4D4FC772B3BC}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{3A3F9164-3D79-4D95-9F4B-47D3BF4930E5}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{3C160A70-1867-4CC8-BA55-6703454A3F7F}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{3C65FAD3-782C-4C6C-AC41-17EB0BACA3AE}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{3F193C28-1DF6-415B-9A77-C0D97585DFC9}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{4264FD41-ECEB-417D-99DF-82AA7EB37ED4}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{44176AD8-4355-45AA-B1FC-196CE3B4D758}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{488DB383-145F-42E8-A7F5-9C5E3CA39EAB}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{58650F23-0654-493F-A254-FD6AE1DA9695}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{5E93A514-C960-472E-AD3D-33A07073ACB0}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{62BD3B25-7BB9-4AE8-B705-7C9952A0D81D}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{655A5FD7-ECE3-47CC-9544-0DC78261C211}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{685A94CA-041F-456C-9E75-08A675A6AD1A}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{68A3EDA4-0EEE-4A51-8031-39D6225A13A0}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{69F7B75A-1C5D-4F78-A359-3A8F10A19D00}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{6A39032B-204C-4A00-A887-59EEDC0D8595}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{77AEE2F5-8BFA-4826-9E7C-B0BBF07DD0F7}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{7960BCBC-C1F7-46B3-987A-36C94B037C40}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{7FF9CD2B-DC5C-4DF7-94BE-313AC68185FA}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{8851D133-DFDD-4A82-AE4A-CAF92DF9E97E}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{8AFCA1AB-159B-415E-8E9A-7F95A0FE04A0}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{8C76207E-3D23-4CDE-904F-D502958BBFFA}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{8E9A8F20-B91B-4126-B76A-4B6548732008}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{93931D8B-3295-4088-BE3F-7981B7D7E465}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{9BDA48B3-12E6-41A6-9D47-C5460E073700}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{9C527D93-1A9E-49E9-ACC6-E139E1CE5766}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{9FA71968-2883-4BDE-B373-5ED830991B45}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{A1D5172D-4336-4C75-BBA2-A610385D44C0}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{A7606255-B389-461D-8B2C-F3A5E22084D5}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{AD2C53E4-47EE-4BD3-9E22-56664AB94157}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{B140FDC9-518C-4F44-B747-5397E3880008}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{B60D7703-29A9-4AEC-A9A9-3DC61EEEB618}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{B6F2029E-0E05-4E8D-8947-B2C142936C27}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{B80B13B2-62EE-43BA-823A-7278C91142DE}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{B83396EA-267F-4DC0-AC47-BD33C8D9DE33}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{B94D43F3-67EE-45A9-832F-5B8EFDAAF120}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{BD5731BF-119A-4CB4-9BCF-F32A2895183C}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{C19733FB-7724-4DC9-8C12-612A3A3DAD73}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{CB92F006-02F1-4B6D-9418-512BE3B1D962}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{CC4B5902-8D95-4E2E-B8E0-42EDA798A052}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{CFC58227-0C9E-436E-89DD-EF809D21A083}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{DA0A8FAB-B6B1-45D4-9C1B-0642087FA611}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{DD3B2890-EE2A-4D03-A21F-D4F3E93DB505}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{DE55FF27-D7EF-4E2D-9470-D08CD3A3CFF0}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{E63CE5EB-01B1-4006-92D4-230400E6B37E}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{E7DB407B-2E5C-4B1E-8049-1915D9E032AA}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{E9DC63E9-863C-44F4-A3BA-9DD04D3A4FA3}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{ED719FBC-501D-4770-B143-82ABAA28BC93}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{EEAE0AFE-E533-4F2C-90C9-CB3E1BA01E0B}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{F0D41FF5-6C11-4727-B55C-D1361536EDB7}
Successfully deleted: [Empty Folder] C:\Users\Suzie\appdata\local\{F60C7071-1384-462E-875C-B8F54DDB5B7A}
~~~ FireFox
Emptied folder: C:\Users\Suzie\AppData\Roaming\mozilla\firefox\profiles\4o17w86d.default-1393900317489\minidumps [24 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 06/17/2014 at 23:00:24.21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Suz · June 18, 2014

Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 6/17/2014
Scan Time: 11:13:59 PM
Logfile:
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.06.18.01
Rootkit Database: v2014.06.02.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Suzie
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 278921
Time Elapsed: 40 min, 33 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)

flashh4 · June 18, 2014

Hi Suz, well that's not real bad logs ! But lets continue with the cleaning !

Run RogueKiller

IMPORTANT: Do not reboot your computer if at all possible otherwise the malware will reactivate and you will have to run RogueKiller again

Download RogueKiller to your desktop. >>> http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

    close all running programs
    for Windows Vista/Seven, right click -> run as administrator, for XP simply double-click on RogueKiller.exe
    when the prescan is finished, click on Scan
    click on Report and copy/paste the content in your next post.[/list
    If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe

Please post the contents of the RKreport.txt in your next reply.

NEXT

Download DDS and save it to your Desktop. >>> DDS

    Double click dds.scr to run the tool.
    If using Vista or Windows 7 you will be prompted by UAC, please allow the prompt.
    DDS will now scan your computer.
    When the scan is complete, DDS will open two (2) logs:
        DDS.txt
        Attach.txt
    If not saved these logs will be automatically deleted when closed, so save both to your Desktop.
    Please note it is important that you post BOTH logs in your topic.

Please note: DDS will ask you to attach the second log (Attach.txt), please ignore this notice and post the log instead.

Any problems downloading or running DDS.scr, try THIS alternate (DDS.com) version of DDS http://download.bleepingcomputer.com/sUBs/dds.com

NEXT

Download OldTimer to your desk top !
Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr

If you already have a copy of OTL delete it and use this version. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

* Double click OTL.exe to launch the program.
* Check the following.

o Scan all users.
o Standard Output. o Lop check.
o Purity check. oExtra Registry > Use SafeList

* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs.

o OTL.txt (open on your desktop).
o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

* Please post me both logs. This may have to be broken into more than one post !

Post Next:

1. RogueKiller Log

2. DDS Log

3. OTL Log

Thanks

Chuck

Suz · June 18, 2014

RogueKiller V9.0.3.0 [Jun 17 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Suzie [Admin rights]
Mode : Remove -- Date : 06/18/2014 11:35:43
Â¤Â¤Â¤ Bad processes : 0 Â¤Â¤Â¤
Â¤Â¤Â¤ Registry Entries : 8 Â¤Â¤Â¤
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-750219145-2589332277-1375212679-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> DELETED
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-750219145-2589332277-1375212679-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> DELETED
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-750219145-2589332277-1375212679-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> ERROR [2]
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-750219145-2589332277-1375212679-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> ERROR [2]
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REPLACED (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> REPLACED (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REPLACED (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> REPLACED (0)
Â¤Â¤Â¤ Scheduled tasks : 0 Â¤Â¤Â¤
Â¤Â¤Â¤ Files : 0 Â¤Â¤Â¤
Â¤Â¤Â¤ HOSTS File : 0 Â¤Â¤Â¤
Â¤Â¤Â¤ Antirootkit : 0 Â¤Â¤Â¤
Â¤Â¤Â¤ Web browsers : 3 Â¤Â¤Â¤
[FIREFX:Addon] 4o17w86d.default-1393900317489 : Trend Micro BEP Firefox Extension [{38783831-6098-4faa-A9C9-1EE1E343F4D2}] -> DELETED
[FIREFX:Addon] 4o17w86d.default-1393900317489 : Skype Click to Call [{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}] -> DELETED
[FIREFX:Addon] 4o17w86d.default-1393900317489 : Trend Micro NSC Firefox Extension [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] -> DELETED
Â¤Â¤Â¤ MBR Check : Â¤Â¤Â¤
+++++ PhysicalDrive0: ST9640320AS +++++
--- User ---
[MBR] 4473062d9d7a932825b5aa69687e92a2
[bSP] b8e681ec20f3f51e484d81d4ade624cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 22003 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 45062325 | Size: 588476 MB
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_SCN_06182014_112920.log

* There was a button under the "Hosts" tab that said "fix Hosts" I didn't do anything with it, because there wasn't anything in the directions about it. Do I need to do anything with it?

Suz · June 18, 2014

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2/24/2011 12:29:31 AM
System Uptime: 6/18/2014 10:47:24 AM (1 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | U52F
Processor: Intel® Core i3 CPU M 380 @ 2.53GHz | Socket 989 | 911/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 575 GiB total, 506.419 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader X (10.1.10)
Alcor Micro USB Card Reader
Amazon Cloud Player
ASUS AI Recovery
ASUS LifeFrame3
ASUS Live Update
ASUS MultiFrame
ASUS Power4Gear Hybrid
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
ASUS_Screensaver
ATK Package
Audacity 2.0.5
Best Buy pc app
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Tool
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 4.0
Canon MP495 series MP Drivers
Canon MP495 series User Registration
Canon My Printer
Canon Solution Menu EX
Catan Online World
ControlDeck
CXP Color Printer Driver
CyberLink LabelPrint
CyberLink Power2Go
D3DX10
EPSON Artisan 730 Series Printer Uninstall
ETDWare PS/2-x64 7.0.5.11_WHQL
Express Gate
Facebook Video Calling 2.0.0.447
Fast Boot
ffdshow v1.2.4475 [2012-07-12]
Fiesta Download Manager
Google Chrome Frame
Google Update Helper
Intel PROSet Wireless
Intel WiMAX Tutorial
Intel® Control Center
Intel® Graphics Media Accelerator Driver
Intel® Management Engine Components
Intel® PROSet/Wireless WiFi Software
Intel® Wireless Display
IntelÂ® PROSet/Wireless WiMAX Software
Java 7 Update 55
Java Auto Updater
Junk Mail filter update
LAME v3.99.3 (for Windows)
LG USB Modem Drivers
LG VZW United Drivers
Logitech Vid HD
Logitech Webcam Software
Logitech Webcam Software Driver Package
Malwarebytes Anti-Malware version 2.0.2.1012
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft PowerPoint Viewer
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 30.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
QuickTime Alternative 3.2.2
Real Alternative 2.0.2 Lite
Realtek High Definition Audio Driver
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
Skype Click to Call
SRS Premium Sound Control Panel
Trend Micro Titanium
Trend Micro Titanium 2012
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USB 2.0 VGA UVC WebCam
USB Driver
Video Convert
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinFlash
Wireless Console 3
.
==== Event Viewer Messages From Past Week ========
.
6/18/2014 11:00:57 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\DR0.
6/18/2014 11:00:47 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
6/18/2014 10:49:40 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
6/18/2014 10:49:09 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Trend Micro Solution Platform service to connect.
6/18/2014 10:49:09 AM, Error: Service Control Manager [7000] - The Trend Micro Solution Platform service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/18/2014 10:48:38 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 258
.
==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126 BrowserJavaVersion: 10.55.2
Run by Suzie at 11:46:39 on 2014-06-18
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3885.1318 [GMT -6:00]
.
AV: Trend Micro Titanium 2012 *Enabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
SP: Trend Micro Titanium 2012 *Enabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
C:\Windows\System32\spool\drivers\x64\3\E_IATIHQA.EXE
C:\Users\Suzie\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\WimaxConsole.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\splwow64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
uRun: [Facebook Update] "C:\Users\Suzie\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [EPSON Artisan 730 Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIHQA.EXE /FU "C:\Users\Suzie\AppData\Local\Temp\E_SEF9C.tmp" /EF "HKCU"
uRun: [Amazon Cloud Player] C:\Users\Suzie\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
uPolicies-Explorer: NoDriveAutoRun = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{B10A571B-C1AE-40CB-8F7C-91BC972E6605} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{B10A571B-C1AE-40CB-8F7C-91BC972E6605}\05658434F57457563747 : DHCPNameServer = 67.215.21.202 72.21.65.14
TCP: Interfaces\{B10A571B-C1AE-40CB-8F7C-91BC972E6605}\2456C6B696E6F574F575962756C6563737F5449393433364 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{B10A571B-C1AE-40CB-8F7C-91BC972E6605}\2656C6B696E6E2331323 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{B10A571B-C1AE-40CB-8F7C-91BC972E6605}\2656C6B696E6E2636353 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{B10A571B-C1AE-40CB-8F7C-91BC972E6605}\B65797B656E64616C623 : DHCPNameServer = 192.168.2.1
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll
x64-Run: [ETDWare] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [intelWirelessWiMAX] "C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash
x64-Run: [setwallpaper] c:\programdata\SetWallpaper.cmd
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Suzie\AppData\Roaming\Mozilla\Firefox\Profiles\4o17w86d.default-1393900317489\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Suzie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Suzie\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
.
============= SERVICES / DRIVERS ===============
.
R1 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2012-12-13 77184]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2010-12-6 379520]
R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-12-13 275912]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 DMAgent;IntelÂ® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2010-6-7 408576]
R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-6 2314240]
R2 WiMAXAppSrv;IntelÂ® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2010-6-7 911872]
R3 bpenum;bpenum;C:\Windows\System32\drivers\bpenum.sys [2010-5-16 71168]
R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\System32\drivers\bpmp.sys [2010-5-16 175104]
R3 bpusb;bpusb;C:\Windows\System32\drivers\bpusb.sys [2010-5-16 81920]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-4-13 135560]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-12-6 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-26 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-2-2 271872]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-3-4 75816]
R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-10-7 30232]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-3-18 7680512]
R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2010-6-18 39832]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-8-21 44032]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-12-6 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-12 111616]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-2-24 327704]
S3 LVUVC64;Logitech Webcam Pro 9000(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-2-24 6379288]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-5 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-25 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-06-18 17:35:50   --------   d-----w-   C:\Users\Suzie\AppData\Local\CrashDumps
2014-06-18 17:16:02   --------   d-----w-   C:\ProgramData\RogueKiller
2014-06-18 05:13:23   122584   ----a-w-   C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-18 05:12:51   91352   ----a-w-   C:\Windows\System32\drivers\mbamchameleon.sys
2014-06-18 05:12:51   63704   ----a-w-   C:\Windows\System32\drivers\mwac.sys
2014-06-18 05:12:49   --------   d-----w-   C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-18 04:40:43   --------   d-----w-   C:\Windows\ERUNT
2014-06-18 04:15:31   --------   d-----w-   C:\AdwCleaner
2014-06-13 02:30:31   506368   ----a-w-   C:\Windows\System32\aepdu.dll
2014-06-13 02:30:31   424448   ----a-w-   C:\Windows\System32\aeinv.dll
.
==================== Find3M ====================
.
2014-05-30 10:02:37   2724864   ----a-w-   C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09   4096   ----a-w-   C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43   548352   ----a-w-   C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23   66048   ----a-w-   C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29   48640   ----a-w-   C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23   139264   ----a-w-   C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05   111616   ----a-w-   C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36   752640   ----a-w-   C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24   940032   ----a-w-   C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22   5782528   ----a-w-   C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39   2724864   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36   38400   ----a-w-   C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28   455168   ----a-w-   C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06   61952   ----a-w-   C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16   51200   ----a-w-   C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33   112128   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56   592896   ----a-w-   C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19   1249280   ----a-w-   C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22   2040832   ----a-w-   C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46   32256   ----a-w-   C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56   2266112   ----a-w-   C:\Windows\System32\wininet.dll
2014-05-30 07:56:50   4244992   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09   1068032   ----a-w-   C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38   1964544   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10   1790976   ----a-w-   C:\Windows\SysWow64\wininet.dll
2014-05-25 21:48:23   45056   ----a-w-   C:\Windows\System32\acovcnt.exe
2014-05-14 03:20:41   70832   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 03:20:41   692400   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-14 03:20:26   17938608   ----a-w-   C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-05-12 13:25:56   25816   ----a-w-   C:\Windows\System32\drivers\mbam.sys
2014-04-25 02:34:59   801280   ----a-w-   C:\Windows\System32\usp10.dll
2014-04-25 02:06:17   626688   ----a-w-   C:\Windows\SysWow64\usp10.dll
2014-04-15 02:13:43   96168   ----a-w-   C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22:05   95680   ----a-w-   C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05   155072   ----a-w-   C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38   29184   ----a-w-   C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38   136192   ----a-w-   C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37   28160   ----a-w-   C:\Windows\System32\secur32.dll
2014-04-12 02:19:32   1460736   ----a-w-   C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05   31232   ----a-w-   C:\Windows\System32\lsass.exe
2014-04-12 02:12:06   22016   ----a-w-   C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56   96768   ----a-w-   C:\Windows\SysWow64\sspicli.dll
2014-04-05 02:47:20   1903552   ----a-w-   C:\Windows\System32\drivers\tcpip.sys
2014-04-05 02:47:09   288192   ----a-w-   C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-04-01 04:46:48   130712   ----a-w-   C:\Windows\SysWow64\MSSTDFMT.DLL
2014-04-01 04:46:48   1070232   ----a-w-   C:\Windows\SysWow64\MSCOMCTL.OCX
2014-03-26 14:44:48   2002432   ----a-w-   C:\Windows\System32\msxml6.dll
2014-03-26 14:44:48   1882112   ----a-w-   C:\Windows\System32\msxml3.dll
2014-03-26 14:41:39   2048   ----a-w-   C:\Windows\System32\msxml6r.dll
2014-03-26 14:41:39   2048   ----a-w-   C:\Windows\System32\msxml3r.dll
2014-03-26 14:27:50   1389056   ----a-w-   C:\Windows\SysWow64\msxml6.dll
2014-03-26 14:27:50   1237504   ----a-w-   C:\Windows\SysWow64\msxml3.dll
2014-03-26 14:25:14   2048   ----a-w-   C:\Windows\SysWow64\msxml6r.dll
2014-03-26 14:25:14   2048   ----a-w-   C:\Windows\SysWow64\msxml3r.dll
2013-05-17 02:20:22   4167680   ----a-w-   C:\Program Files (x86)\GUT6E47.tmp
.
============= FINISH: 11:48:23.21 ===============

flashh4 · June 18, 2014

Hi Suz,

* There was a button under the "Hosts" tab that said "fix Hosts" I didn't do anything with it, because there wasn't anything in the directions about it. Do I need to do anything with it?

Nope you did the right thing, we will reset Hosts later in a fix i will write for your machine only !!

Will read the other logs soon & post a fix for them !

Thanks

Chuck

Suz · June 18, 2014

OTL Extras logfile created on: 6/18/2014 12:01:48 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Suzie\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.79 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 33.49% Memory free
7.59 Gb Paging File | 4.87 Gb Available in Paging File | 64.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 574.68 Gb Total Space | 506.42 Gb Free Space | 88.12% Space Free | Partition Type: NTFS

Computer Name: SUZIE-PC | User Name: Suzie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-750219145-2589332277-1375212679-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04451A46-B73D-4874-BC4E-307A536AE616}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{33D15B1F-B207-44D5-8F30-CBB48CC7DC21}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{44167406-2E2A-4E02-8C03-D3304CDAB854}" = rport=10243 | protocol=6 | dir=out | app=system |
"{538E78A0-850C-40B0-9AFB-7F5EECC85952}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{56CCF30F-7FBB-4FD9-840F-F84F718C594C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5B3EE5D8-6D04-4480-B43D-ED7C7755B32E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{61178EB9-9342-4383-B534-478042E7AA2F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{650C37CD-EC8F-48B7-869A-F2E3D863924C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{66284CE3-8A0E-4866-BE79-DFCDBFFB2C0F}" = lport=137 | protocol=17 | dir=in | app=system |
"{6DCB8D14-E3D9-4E08-99AC-E6FAE519B620}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{70AD61AA-4160-426C-A81E-B063625088A9}" = lport=445 | protocol=6 | dir=in | app=system |
"{76221C90-4129-49E7-8E1F-1F5960B4E632}" = rport=137 | protocol=17 | dir=out | app=system |
"{7B4FA3BA-8BF3-4460-A2EC-CD48447F1D0C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{858D91B0-655A-4FBB-B28A-E6713B915D08}" = lport=139 | protocol=6 | dir=in | app=system |
"{8E08B308-0ACE-45F8-9FF4-A6143DAD370F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9F472ECD-916F-4F07-BFE2-DBF8093F7C9A}" = rport=139 | protocol=6 | dir=out | app=system |
"{A6CC7B9A-95AF-4167-8A7D-DD8040C81388}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A740C145-A9AF-45E7-A4F5-B2912BA9DC3B}" = rport=445 | protocol=6 | dir=out | app=system |
"{BCD7B3D3-B553-44F3-BD0B-90545E035C8D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{C7626F40-ADCB-4D2A-AB13-84F9EBF8EA6A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{D2FF9857-5848-4DE1-8D2A-57D73CDBBD12}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F2135833-2D35-40CE-9E52-E2DEAA2BB7D5}" = lport=138 | protocol=17 | dir=in | app=system |
"{F2E632AE-AA74-4A1E-8693-03032BCE89F6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F960EC91-284D-4D8D-8384-55591EF2696F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F9664350-EC14-4F5D-AE22-8D0ED286CEF8}" = rport=138 | protocol=17 | dir=out | app=system |
"{FDE93504-59FB-4C66-81B4-B52AF58A1A9A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DAB4158-F9F3-4CF7-BE3E-718E1EE635BC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0EAB70FB-B00A-48C6-B224-1240B9820724}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{10301E0A-EF67-40CE-85F1-EFA4E3A00FFB}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{1135EA04-D3B1-4B78-95F6-208ABDF81489}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
"{1ABE5B74-DC1F-4281-87E7-BF5C25B1A209}" = protocol=1 | dir=out | [email protected],-28544 |
"{1CD5F30C-9134-40B0-B80F-841531007E5C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{229FE50B-D14C-478A-9E0B-618C693EE2FC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{231E8254-E12B-4A65-95B8-0A5AF0ED3F44}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{2852F425-7389-4B7D-8A82-E772A5F5B0A2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{30006330-E3FB-42FF-BF74-F8531E505225}" = dir=in | app=c:\users\suzie\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{3A0550F3-3E16-4F98-B174-F1A9033DA500}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{402D3518-1B92-4591-A771-7A56BCE0FF28}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{4A4D0488-41AC-410D-9F06-E61435C2A861}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4EDACE42-D259-4A17-8C4E-E1C0823DAE3D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4F50D2E4-A05C-4AAA-82B3-2A7FC9D4FB4D}" = protocol=58 | dir=out | [email protected],-28546 |
"{523C0533-B842-466A-941B-78ED810205B7}" = protocol=1 | dir=in | [email protected],-28543 |
"{5B549655-4482-4BA0-AFA2-0A0B53149EF4}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
"{5D0044D8-03A4-4CAB-A669-BE2129707793}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{602964B0-09B4-4E5B-9073-417BC0688DEC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6230CD65-F3B8-4A22-AD07-C00977B4EAF9}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{6DFDDFFE-CE4A-417F-AF61-B6A39C117D07}" = protocol=6 | dir=out | app=system |
"{7BFE4346-B38C-4FD9-826A-553EA1E9387E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{95CB7AD4-7468-4842-9641-C0A1DC7F80F1}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{A54B3345-E285-457A-8C83-CA28E1ACEA68}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{A625DDE8-E7C1-4DA2-8571-834FBB04F29F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CCDF99D2-0C44-4D2A-B85A-E7ADF40A8481}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{CFBAA11C-F2F2-4661-A70B-E9F1C1374E64}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
"{D6DEFBCA-A315-41C7-BC2E-FEA5F0AE7EEA}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
"{D8BC03A6-ACF3-47E2-86CB-E7548590D570}" = protocol=58 | dir=in | [email protected],-28545 |
"{DF8BD32F-3EBD-4548-B1D9-96E58FABA652}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E34B04A7-F756-47BE-9093-1E6D1C267289}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe |
"{EDF23671-47A9-4FBB-BDD2-7C5D2ED26BCC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EEB4F3F8-19C8-4FAC-9C27-808E7C53BDD3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F5A7703D-0294-406A-89B5-E9C5B9EFCE30}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{FA5CB89E-6F91-4286-B340-4315BCDCCC4E}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{FCBE5BC8-EA3C-4C08-9BD3-E3FBEE8D8065}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FE15215D-881A-4D21-84F3-9C1802DBAE50}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"TCP Query User{08C16C80-2BAB-43E5-BDAD-3F79F4D96904}C:\users\suzie\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\suzie\appdata\roaming\spotify\spotify.exe |
"TCP Query User{0CF7C4D0-A059-4212-9E83-F0F1DEC75D05}C:\users\suzie\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\suzie\appdata\roaming\spotify\spotify.exe |
"TCP Query User{2E250583-B42C-43C1-9149-AB9F9A78B557}C:\program files (x86)\cxp\biznuri 4.0\biznuri.exe" = protocol=6 | dir=in | app=c:\program files (x86)\cxp\biznuri 4.0\biznuri.exe |
"TCP Query User{2F8942C5-E28C-45DF-ADE1-586CEDFDB81A}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"TCP Query User{80F6FEE2-E34F-4014-AEE3-A495910A6C3B}C:\users\suzie\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\suzie\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{A0C1E7E7-2B49-4AA4-B43A-A384528F6A2B}C:\program files (x86)\idapted\idaptedtrainerclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\idapted\idaptedtrainerclient.exe |
"TCP Query User{E615E638-847D-493D-A098-B559ABBA6B01}C:\program files (x86)\eleutian\eleutian trainer studio\trainerstudio.exe" = protocol=6 | dir=in | app=c:\program files (x86)\eleutian\eleutian trainer studio\trainerstudio.exe |
"UDP Query User{0E161125-8722-499B-B54F-C6BF5AD2BA1C}C:\program files (x86)\eleutian\eleutian trainer studio\trainerstudio.exe" = protocol=17 | dir=in | app=c:\program files (x86)\eleutian\eleutian trainer studio\trainerstudio.exe |
"UDP Query User{54A139E7-ACC0-4B9C-A7CD-4E4418FE8BDA}C:\users\suzie\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\suzie\appdata\roaming\spotify\spotify.exe |
"UDP Query User{5A652A67-7CD2-4276-9351-388C32482651}C:\program files (x86)\idapted\idaptedtrainerclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\idapted\idaptedtrainerclient.exe |
"UDP Query User{8BFBA22D-658A-404C-B599-276EC08080B7}C:\users\suzie\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\suzie\appdata\roaming\spotify\spotify.exe |
"UDP Query User{A796F493-744B-4D9A-83A2-322A838BC138}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"UDP Query User{AFD3577C-77A0-4E1F-BF6E-34C2E18FF7DA}C:\program files (x86)\cxp\biznuri 4.0\biznuri.exe" = protocol=17 | dir=in | app=c:\program files (x86)\cxp\biznuri 4.0\biznuri.exe |
"UDP Query User{C9819A0F-394E-4B7E-B1A9-39CE924302B4}C:\users\suzie\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\suzie\appdata\roaming\dropbox\bin\dropbox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series" = Canon MP495 series MP Drivers
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1A26F3E9-1351-400B-B296-A0B24F2FDA8C}" = CXP Color Printer Driver
"{1A8BA6CE-822D-4888-89E2-ACBF4308F271}" = Intel® PROSet/Wireless WiFi Software
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4F26C164-9373-4974-8F43-E0F2176AF937}" = Intel WiMAX Tutorial
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6548B189-BEA4-4041-80E0-AEB60548E046}" = IntelÂ® PROSet/Wireless WiMAX Software
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium 2012
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C298FF86-AB23-4B58-AC53-A23383C07B3A}" = Intel® Wireless Display
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"Elantech" = ETDWare PS/2-x64 7.0.5.11_WHQL
"EPSON Artisan 730 Series" = EPSON Artisan 730 Series Printer Uninstall
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"ProInst" = Intel PROSet Wireless
"USB 2.0 VGA UVC WebCam" = USB 2.0 VGA UVC WebCam

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0626417A-89F1-4401-83E0-3075FC4FB95C}" = Video Convert
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{16EE2E7E-221B-40DD-8A9A-4311498EC930}" = LG USB Modem Drivers
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 55
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.10)
"{B5A5627C-0173-4DB2-ADA8-740479370F67}" = Express Gate
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8F7C1E5-0150-11D6-A96C-00D05908F85D}" = USB Driver
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E86DE69E-A94E-41B6-8661-7372FCA1A83C}" = LG VZW United Drivers
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"ASUS_Screensaver" = ASUS_Screensaver
"Audacity_is1" = Audacity 2.0.5
"Canon MP495 series User Registration" = Canon MP495 series User Registration
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Catan Online Welt" = Catan Online World
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ffdshow_is1" = ffdshow v1.2.4475 [2012-07-12]
"F-Manager" = Fiesta Download Manager
"Google Chrome Frame" = Google Chrome Frame
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"LAME_is1" = LAME v3.99.3 (for Windows)
"Logitech Vid" = Logitech Vid HD
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Mozilla Firefox 30.0 (x86 en-US)" = Mozilla Firefox 30.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"RealAlt_is1" = Real Alternative 2.0.2 Lite
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-750219145-2589332277-1375212679-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"48e4cff94f039634" = Best Buy pc app
"Amazon Amazon Cloud Player" = Amazon Cloud Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/18/2014 1:01:48 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 454
Description = taskhost (1560) WebCacheLocal: Database recovery/restore failed with
unexpected error -1022.

Error - 6/18/2014 1:35:45 PM | Computer Name = Suzie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: plugin-container.exe, version: 30.0.0.5269,
time stamp: 0x53914233 Faulting module name: mozalloc.dll, version: 30.0.0.5269,
time stamp: 0x53911393 Exception code: 0x80000003 Fault offset: 0x0000141b Faulting
process id: 0x6ec Faulting application start time: 0x01cf8b1b3589aa6d Faulting application
path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Faulting module
path: C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll Report Id: f9d88131-f70e-11e3-952d-bcaec52a7529

Error - 6/18/2014 1:53:21 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 419
Description = taskhost (1560) WebCacheLocal: Unable to read page 66 of database
C:\Users\Suzie\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat. Error -1022.

Error - 6/18/2014 1:53:21 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 454
Description = taskhost (1560) WebCacheLocal: Database recovery/restore failed with
unexpected error -1022.

Error - 6/18/2014 1:54:18 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 419
Description = taskhost (1560) WebCacheLocal: Unable to read page 66 of database
C:\Users\Suzie\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat. Error -1022.

Error - 6/18/2014 1:54:18 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 454
Description = taskhost (1560) WebCacheLocal: Database recovery/restore failed with
unexpected error -1022.

Error - 6/18/2014 1:55:14 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 419
Description = taskhost (1560) WebCacheLocal: Unable to read page 66 of database
C:\Users\Suzie\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat. Error -1022.

Error - 6/18/2014 1:55:15 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 454
Description = taskhost (1560) WebCacheLocal: Database recovery/restore failed with
unexpected error -1022.

Error - 6/18/2014 1:56:11 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 419
Description = taskhost (1560) WebCacheLocal: Unable to read page 66 of database
C:\Users\Suzie\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat. Error -1022.

Error - 6/18/2014 1:56:12 PM | Computer Name = Suzie-PC | Source = ESENT | ID = 454
Description = taskhost (1560) WebCacheLocal: Database recovery/restore failed with
unexpected error -1022.

[ OSession Events ]
Error - 3/3/2011 2:49:07 AM | Computer Name = Suzie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error - 4/18/2011 2:46:28 AM | Computer Name = Suzie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 603 seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 6/18/2014 1:53:47 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 6/18/2014 1:55:34 PM | Computer Name = Suzie-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

< End of report >

Suz · June 18, 2014

I hope this works!

OTL.Txt

flashh4 · June 18, 2014

I contacted Besttechie (Jeff) he will fix it ASAP !

Suz · June 19, 2014

Any ideas when it will be fixed?

flashh4 · June 19, 2014

No i haven't heard back from him !! Sorry Suz i will PM you as soon as i hear anything !

I do have more for you to do tho, so don't quit on me yet !! Have you noticed any improvements in it running ??

flashh4 · June 19, 2014

Suz.rtf

flashh4 · June 19, 2014

Suz .... We need to Run an OTL fix !!
Warning This fix is only relevant for this system and no other, using on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

* Double-click OTL.exe to start the program.
* Copy and Paste the following code into the . text box of the OTL tool/program ! Start with and include the colon plus :OTL

open the OTL program copy all in RED , make sure you include :

and place into the box when you open the OTL program !!

:OTL

SRV:64bit: - File not found [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-750219145-2589332277-1375212679-1001\..\SearchScopes,DefaultScope =
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
[2011/02/24 18:16:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Suzie\AppData\Roaming\Mozilla\Extensions
[2014/03/20 19:38:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Suzie\AppData\Roaming\Mozilla\Firefox\Profiles\4o17w86d.default-1393900317489\extensions
[2014/06/17 23:53:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/06/17 23:53:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2014/06/17 23:53:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2014/06/17 23:53:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\gcf - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:Commands

[emptyjava]
[emptyflash]
[EMPTYTEMP]
[RESETHOSTS]
[CREATERESTOREPOINT]
[Reboot]

# Then click the Run Fix button at the top.
# Click
# Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
Remember to enable your real time protection.

flashh4 · June 19, 2014

I hope this works, still not heard from BesTTechie to fix the problem !

I used the Attach Files & then copied it & pasted it, it worked but had to do some manual typing also !

So try & copy & paste first in your return log !

Chuck

It seems to be working ok now to copy/paste so give it a try, i think something was wrong with the post box that we were working in !! Other than that i am stumped !! Anyway i can paste anything now where i couldn't before !!

Suz · June 19, 2014

It is still not letting me paste, so I am putting it as a quote again. THis was my second attempt. The first time I used the text file you posted, so I didn't have the code just right. I will post the First attempt log next.

All processes killed
========== OTL ==========
Error: Unable to stop service Amsp!
Unable to delete service\driver key Amsp.
File C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-750219145-2589332277-1375212679-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
C:\Users\Suzie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Users\Suzie\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\Suzie\AppData\Roaming\Mozilla\Firefox\Profiles\4o17w86d.default-1393900317489\extensions folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons\default folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions folder moved successfully.
Folder C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ not found.
Folder C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\ not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons\default folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Setwallpaper deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\gcf\ deleted successfully.
File Protocol\Handler\gcf - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Suzie
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Suzie
->Flash cache emptied: 492 bytes

Total Flash Files Cleaned = 0.00 mb

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Suzie
->Temp folder emptied: 9572 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 35930511 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 240688 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 35.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
Error: Unable to interpret <

OTL by OldTimer - Version 3.2.69.0 log created on 06192014_105132

Files\Folders moved on Reboot...
C:\Users\Suzie\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Suzie\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\logishrd\LVPrcInj02.dll scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

> in the current context!

Suz · June 19, 2014

Here is the log from the first time I ran the OTL fix:

All processes killed
Error: Unable to interpret <

> in the current context!

OTL by OldTimer - Version 3.2.69.0 log created on 06192014_100143

Files\Folders moved on Reboot...
C:\Users\Suzie\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Suzie\AppData\Local\Temp\Suz.rtf moved successfully.
C:\Users\Suzie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{8D90AB6D-7780-42C6-B4D7-EF728DACBC8A}.tmp moved successfully.
C:\Users\Suzie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{975DFFF3-A859-4AFD-8B73-B20D0A13D803}.tmp moved successfully.
C:\Users\Suzie\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\logishrd\LVPrcInj02.dll scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Edited June 19, 2014 by Suz

Suz · June 19, 2014

I did the OTL fix. In the text document that you posted, there was another thing you wanted me to download and run, but it wasn't inlcuded in your other post. Only the OTL fix was posted there.

Can you post the other one here again?

Thanks!

flashh4 · June 19, 2014

Yes Suz, please run this program for me !

Security Check

Please download and save SecurityCheck.exe to your Desktop from one of the links below.

Link 1 >>> http://screen317.spywareinfoforum.org/SecurityCheck.exe.

Link 2 >>> http://screen317.changelog.fr/SecurityCheck.exe

    * Double click SecurityCheck.exe and follow the onscreen instructions inside the black box.
    * A Notepad document should open automatically called checkup.txt
    * Please post the contents of that document in your next reply.

Thanks

Chuck

Suz · June 19, 2014

Results of screen317's Security Check version 0.99.85

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 11

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Trend Micro Titanium 2012

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Java 7 Update 55

Java version out of Date!

Adobe Flash Player 13.0.0.214 Flash Player out of Date!

Adobe Reader 10.1.10 Adobe Reader out of Date!

Mozilla Firefox (30.0)

````````Process Check: objlist.exe by Laurent````````

Trend Micro AMSP coreServiceShell.exe

Trend Micro UniClient UiFrmWrk uiWatchDog.exe

Trend Micro UniClient UiFrmWrk uiSeAgnt.exe

Trend Micro AMSP coreFrameworkHost.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 0%

````````````````````End of Log``````````````````````

flashh4 · June 19, 2014

Suz, as you can see you have some out of date programs ! So lets go into control panel/uninstall programs if present, and remove them so we can install the latest !

Uninstall

1. Java 7 Update 55

2. Adobe Flash Player 13.0.0.214

3. Adobe Reader 10.1.10

Java version out of Date! ......... Update Java Runtime

Make sure you uncheck any boxes that want you to install tool bars or anything other than Java

You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, and also remove the older more vulnerable versions from your system. The most current version of Sun Java is: Java Runtime Environment Version 6 Update 14.

1. Go to http://java.sun.com/javase/downloads/index.jsp

Make sure you uncheck any boxes that want you to install tool bars or anything other than Java

===========================

Adobe Reader out of Date! .......... Update Adobe Reader >>> http://www.adobe.com/support/downloads/thankyou.jsp?ftpID=5440&fileID=5441

Make sure you uncheck the box to install McAfee Security Scan Plus

========================

Adobe Flash Player up date !!

http://www.download-update.org/lp/adobe-flash/21/

Make sure you uncheck any boxes that want you to install tool bars or anything other than Java

Let me know how it goes there on the updates !

==============================

Please download OTCleanIt and save it to desktop.

    Double-click OTCleanIt.exe. >>> http://oldtimer.geekstogo.com/OTC.exe
    Click the CleanUp! button.
    Select Yes when the "Begin cleanup Process?" prompt appears.
    If you are prompted to Reboot during the cleanup, select Yes.
    The tool will delete itself once it finishes, if not delete it by yourself.

Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.

==========================

Congratulation you are clean !!!

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

This is my standard "All Clean Speech." You may have some already installed, these are just recommendations !

Here are some tips to reduce the potential for spyware infection in the future:

Here are some tips to reduce the potential for spyware/malware infection in the future:

1. Make your Internet Explorer more secure - This can be done by following these simple instructions:

    From within Internet Explorer click on the Tools menu and then click onOptions.
    Click once on theSecurity tab
    Click once on the Internet icon so it becomes highlighted.
    Click once on the Custom Level button.
    Change the Download signed ActiveX controls to Prompt
    Change the Download unsigned ActiveX controls to Disable
    Change the Initialize and script ActiveX controls not marked as safe to Disable
    Change the Installation of desktop items to Prompt
    Change the Launching programs and files in an IFRAME to Prompt
    Change the Navigate sub-frames across different domains to Prompt
    When all these settings have been made, click on the OK button.
    If it prompts you as to whether or not you want to save the settings, press the Yes button.
    Next press the Apply button and then the OK to exit the Internet Properties page.

2. FireFox If you use Firefox, I recommend installing the following add-ons to help make your Firefox browser more secure.
NoScript

adblock plus

3. Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.

4. Firewall Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly.   **There are firewalls that could be downloaded and used but I would personally only recommend using one of the following below:
Online Armor Free
Agnitum Outpost Firewall Free
Comodo Firewall Free

5. Make sure you keep your Windows OS current. And regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open.

6.WOT(Web of Trust) As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites. WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.

7. Finally, I strongly recommend that you read Miekiemoes' great advice How to prevent malware .

Please let me know how it's running, you are all clean of infections & PUP's !!

It will run faster after a few normal reboots !!

Chuck

flashh4 · June 19, 2014

Please let me know how things are running & if there are any problems !! I will lock this topic after 5 days, if you need it re-opened please PM me or any Mod !

Thanks

Chuck

Happy Surfing

Suz · June 19, 2014

I Pm'd you on facebook, but I thought I would post here as well. I can't get the Adobe programs to download to my computer. I downloaded the installers, and when I double click on them the box pops up that asks me if I want to "Run" them. I click on "run" and then nothing happens. This is the same problem my computer has been having. These programs wouldn't update, which is why they were outdated.

Any suggestions?

Help with slow computer

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites