|
#32
July 13th, 2012, 01:07 AM
|
||||
|
||||
|
I will admit I am not too well read on Chrome - been sorta hoping it would just go away, since it does cause problems in certain situations (It runs apps even if closed, and if the default browser, can cause problems with other programs running).
Follow the steps here to reset Google Chrome, to remove the adware/search hijackers showing loading in it. Reboot, and see if that made the changes you want. 
|
|
#33
July 13th, 2012, 05:02 AM
|
||||
|
||||
|
Hi Jintan. Trying to reset the browser settings did not help. I felt the next logical step would be to try uninstalling the browser altogether, rebooting, and then installing( I feel you cringing!) a fresh copy. To this point,at least, I haven't seen any sign of the problem. I hope I didn't jump the gun on anything!
|
It was the next step anyway, so you chose well. Please run and post a new OTL log, and let's be sure we are all clear there.
|
#35
July 14th, 2012, 04:51 PM
|
||||
|
||||
|
OTL logfile created on: 7/14/2012 10:44:26 AM - Run 5
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Dan\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 7.85 Gb Total Physical Memory | 5.90 Gb Available Physical Memory | 75.18% Memory free 15.70 Gb Paging File | 13.86 Gb Available in Paging File | 88.28% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 906.34 Gb Total Space | 829.72 Gb Free Space | 91.55% Space Free | Partition Type: NTFS Computer Name: DAN-PC | User Name: Dan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/07/08 22:01:00 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Dan\Downloads\OTL.exe PRC - [2012/03/27 18:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.7.1.5\ccsvchst.exe PRC - [2012/02/23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe PRC - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011/02/14 08:55:16 | 000,043,520 | R--- | M] () -- C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe PRC - [2010/10/05 08:08:46 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010/10/05 08:08:42 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009/11/19 18:15:46 | 000,583,016 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe PRC - [2004/02/12 13:38:56 | 000,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Software Update\hpwuSchd2.exe ========== Modules (No Company Name) ========== MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/02/14 08:55:16 | 000,043,520 | R--- | M] () -- C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011/08/01 10:12:52 | 001,338,256 | ---- | M] (Western Digital ) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe -- (WDRulesService) SRV:64bit: - [2011/08/01 10:12:50 | 001,978,256 | ---- | M] (Western Digital ) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDFME.exe -- (WDFMEService) SRV:64bit: - [2011/08/01 10:12:46 | 000,317,328 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe -- (WDDMService) SRV:64bit: - [2010/12/13 14:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc) SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2009/09/14 00:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04) EPSON V5 Service4(04) SRV:64bit: - [2009/09/14 00:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04) EPSON V3 Service4(04) SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/07/12 01:31:21 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/03/27 18:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.7.1.5\ccSvcHst.exe -- (NAV) SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010/10/05 08:08:46 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010/10/05 08:08:42 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/05/03 18:58:24 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:64bit: - [2012/03/29 01:28:38 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1307010.005\sy mnets.sys -- (SymNetS) DRV:64bit: - [2012/03/29 01:28:30 | 001,092,728 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1307010.005\sy mefa64.sys -- (SymEFA) DRV:64bit: - [2012/03/29 01:06:25 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1307010.005\ir onx64.sys -- (SymIRON) DRV:64bit: - [2012/03/29 01:03:27 | 000,737,912 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1307010.005\sr tsp64.sys -- (SRTSP) DRV:64bit: - [2012/03/29 01:03:27 | 000,037,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1307010.005\sr tspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012/01/17 18:46:00 | 000,043,640 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM) DRV:64bit: - [2012/01/17 18:45:56 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1307010.005\sy mds64.sys -- (SymDS) DRV:64bit: - [2011/11/29 17:44:29 | 000,167,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1307010.005\cc setx64.sys -- (ccSet_NAV) DRV:64bit: - [2011/08/31 20:53:22 | 012,306,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/12/13 14:37:18 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo) DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/10/20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:64bit: - [2010/10/14 11:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2010/09/21 01:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel(R) DRV:64bit: - [2010/07/29 00:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb) DRV:64bit: - [2010/07/20 04:43:22 | 000,247,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2010/05/26 10:39:08 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\4F30.tmp -- (MEMSWEEP2) DRV:64bit: - [2009/07/21 14:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd) DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/13 16:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009/06/10 15:35:53 | 000,051,712 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtnic64.sys -- (RTL8023x64) DRV:64bit: - [2009/06/10 15:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009/02/13 12:02:52 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM) DRV - [2012/07/14 05:13:51 | 002,068,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.1.8\Definitions\VirusDefs\2 0120713.035\ex64.sys -- (NAVEX15) DRV - [2012/07/14 05:13:51 | 000,120,440 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.1.8\Definitions\VirusDefs\2 0120713.035\eng64.sys -- (NAVENG) DRV - [2012/06/18 19:01:13 | 001,161,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.1.8\Definitions\BASHDefs\20 120711.002\BHDrvx64.sys -- (BHDrvx64) DRV - [2012/06/14 13:39:24 | 000,509,088 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.1.8\Definitions\IPSDefs\201 20713.001\IDSviA64.sys -- (IDSVia64) DRV - [2012/06/13 20:36:50 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2012/05/30 21:13:32 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DR
|
|
#36
July 14th, 2012, 04:52 PM
|
||||
|
||||
|
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B1CCFC3B-F9DF-45E8-B825-E4A2127368C9} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source? } IE:64bit: - HKLM\..\SearchScopes\{B1CCFC3B-F9DF-45E8-B825-E4A2127368C9}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {7263255D-8DB0-4144-961D-5AE370839A11} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{7263255D-8DB0-4144-961D-5AE370839A11}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dan\AppData\Local\Google\Update\1.3.21.11 1\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dan\AppData\Local\Google\Update\1.3.21.11 1\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.1.8\IPSFFPlgn\ [2012/05/03 16:52:48 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:accepte dSuggestion}{google:originalQueryForSuggestion}{go ogle:searchFieldtrialParameter}sourceid=chrome&ie= {inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldt rialParameter}client=chrome&hl={language}&q={searc hTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Dan\AppData\Local\Google\Chrome\Applicati on\20.0.1132.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dan\AppData\Local\Google\Chrome\Applicati on\20.0.1132.57\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dan\AppData\Local\Google\Chrome\Applicati on\20.0.1132.57\gcswf32.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfg npldfl\5.9.0.9216_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Best Buy pc app Detector (Enabled) = C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll CHR - plugin: Google Update (Enabled) = C:\Users\Dan\AppData\Local\Google\Update\1.3.21.11 1\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - Extension: YouTube = C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf\0.0.0.19_0\ CHR - Extension: Skype Click to Call = C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfg npldfl\5.9.0.9216_0\ CHR - Extension: Gmail = C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia\7_0\ O1 HOSTS File: ([2011/07/15 13:09:02 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2:64bit: - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll (Simple Adblock) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.7.1.5\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O2 - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation) O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation) O4 - HKLM..\Run: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe () O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDesktopCleanupWizard = 1 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.3.0.2 10.3.0.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{6628BA8C-842D-4371-9338-B8FFD88411E0}: DhcpNameServer = 10.3.0.2 10.3.0.3 O18:64bit: - Protocol\Handler\gopher - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.e xe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
|
|
#37
July 14th, 2012, 04:53 PM
|
||||
|
||||
|
========== Files/Folders - Created Within 30 Days ==========
[2012/07/13 12:26:00 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\Apple [2012/07/13 08:12:57 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{BBA25453-7C4F-44FC-AE80-4C103220FA91} [2012/07/13 08:12:46 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{C1655F18-5540-4497-B5E3-EB8D83BB325E} [2012/07/12 22:30:38 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Google Chrome [2012/07/12 22:24:41 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Revo Uninstaller [2012/07/12 22:10:13 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{849FEA32-D7AD-429B-9C8C-1D0663D8D29C} [2012/07/11 22:00:50 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\Adobe [2012/07/11 15:29:33 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cdosys.dll [2012/07/11 15:29:32 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdosys.dll [2012/07/11 03:23:14 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{4D9EFE50-B5B2-4A34-A424-D2F90E636114} [2012/07/11 03:23:01 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{AEB84073-0A3D-4ABE-BA27-B9CFACC9378B} [2012/07/11 03:01:14 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll [2012/07/11 03:01:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll [2012/07/11 03:01:14 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll [2012/07/11 03:01:14 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll [2012/07/11 03:01:13 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll [2012/07/11 03:01:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll [2012/07/11 03:01:13 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe [2012/07/11 03:01:13 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe [2012/07/11 03:01:12 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll [2012/07/11 03:01:12 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl [2012/07/11 03:01:12 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl [2012/07/11 03:01:12 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll [2012/07/11 03:01:12 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll [2012/07/11 01:08:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll [2012/07/11 01:08:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll [2012/07/11 01:08:39 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll [2012/07/10 11:01:23 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{F62642CB-208E-458A-8D36-75909DB51ADE} [2012/07/10 11:01:11 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{3495496D-1980-4CDB-BDFA-77496BD10FFA} [2012/07/09 16:21:31 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{848F38FF-91E3-4660-8822-D7932EE36579} [2012/07/09 16:21:18 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{C7FE19A1-765D-42C4-8E80-F47FA89E1F9D} [2012/07/08 23:05:36 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\Apple Computer [2012/07/08 21:42:22 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{398D6BEA-E5FC-4509-A586-1E6C89F888C4} [2012/07/08 21:42:11 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{63EACE27-696D-4E86-BD65-E9FF54279517} [2012/07/08 13:56:05 | 000,268,720 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\javaws.exe [2012/07/08 13:55:59 | 000,189,360 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\javaw.exe [2012/07/08 13:55:59 | 000,188,840 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\java.exe [2012/07/08 13:55:50 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012/07/08 07:30:39 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{A4520500-1B2A-42E7-ACD2-F98B062A968A} [2012/07/08 07:30:28 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{54CE502A-CE6B-4410-8C72-FF2305CFA6FB} [2012/07/07 11:50:26 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{90EEE1CE-0316-4669-AE2C-F9AD7A8E15E5} [2012/07/07 11:50:15 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{065D633F-A3AD-45C9-9242-71CF2B914966} [2012/07/06 07:59:09 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{C6EA5B87-BFC7-4C68-9FF6-83DFF8FF5875} [2012/07/06 07:58:55 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{245DAE14-85E4-4EBD-87BC-ADD590DB375E} [2012/07/05 09:53:05 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{DA519E5C-3F7C-4727-B79B-0CCE12714192} [2012/07/05 09:52:44 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{3BB53208-885E-47D7-BFEB-87E1DA824699} [2012/07/03 07:42:21 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{2764CC50-0735-42D1-BB2A-99057B1796DF} [2012/07/03 07:42:07 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{1DA231D6-BADE-47EE-9143-80C08E2149DD} [2012/07/02 15:34:04 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{D04713DB-2043-44C4-9EFB-20D2A59F5B13} [2012/07/02 15:33:51 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{BCFCFEA8-43D6-49FC-BD8D-2097BD7259BD} [2012/06/30 08:01:10 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{55F5D604-6282-4258-9EAF-8D1C37484026} [2012/06/30 08:00:53 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{82C19BA3-3E85-43CC-901A-AE3C71AFD123} [2012/06/29 08:07:06 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{B60A65F5-1F53-49EF-A2C3-D2ECFA5F1CB7} [2012/06/29 08:06:52 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{F72A132A-A30D-46AA-9FD4-38F9A9FC7448} [2012/06/28 15:36:31 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{97BEC443-1BC0-4ECC-BCDD-FD96B9D8559A} [2012/06/28 15:36:14 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{9EDA88A9-76F1-46C6-9379-164464532F58} [2012/06/27 22:16:20 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{097D1D27-6643-47C2-91FB-345CA5915A02} [2012/06/27 22:16:08 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{4BC0C714-F760-4BBA-BEC5-A0B44381E1CB} [2012/06/27 22:09:27 | 000,000,000 | ---D | C] -- C:\windows\en [2012/06/27 22:05:49 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fssfltr.sys [2012/06/27 22:03:29 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{966A363B-C666-43EF-9DEE-F5C44672B282} [2012/06/27 22:03:18 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{AECC99B2-9B8C-4649-A173-040AF5E7DE42} [2012/06/27 22:03:07 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{8BB16E36-3418-42FE-9626-0027DD41F6DA} [2012/06/27 22:02:56 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{6DE67B2C-0D2F-4ED9-86FD-A8017D4C39B0} [2012/06/27 22:02:46 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{B8F5E9DA-DF2B-4CC0-A2F5-C90AD438AD58} [2012/06/27 22:02:35 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{4EE18BDE-AAB6-4CB8-AAB2-D4C7D5633C35} [2012/06/27 08:08:54 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{FCDF1F4F-3F5E-49FF-A04A-8A4ECCC85064} [2012/06/27 08:08:33 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{AA4DB390-91D2-458E-8EDE-60D989F7F513} [2012/06/20 22:50:29 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll [2012/06/20 22:50:29 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe [2012/06/20 22:50:29 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll [2012/06/20 22:50:09 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll [2012/06/20 22:50:09 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll [2012/06/20 22:50:09 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll [2012/06/20 22:49:57 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll [2012/06/20 22:49:57 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe [2012/06/17 08:49:31 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{F7E79434-90E4-4F36-A226-784BE1CFE37E} [2012/06/15 13:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012/06/15 13:33:35 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012/06/15 13:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012/06/15 13:33:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012/06/15 09:33:33 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{1DF96F34-3839-4CF0-9704-0650B3C2E520} [2012/06/14 15:18:47 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{95CFA6AB-8EEE-4B84-AA7D-076F21C4606C} [2012/06/14 15:18:35 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\{80FACD4E-F5CE-4C58-B6DD-06F099BA48FF} [8 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ] [1 C:\Users\Dan\Documents\*.tmp files -> C:\Users\Dan\Documents\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/07/14 10:31:00 | 000,000,900 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-606387608-774257337-4196163694-1001UA.job [2012/07/14 10:31:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2012/07/13 22:31:00 | 000,000,848 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-606387608-774257337-4196163694-1001Core.job [2012/07/12 22:21:21 | 000,001,254 | ---- | M] () -- C:\Users\Dan\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/07/12 22:18:09 | 000,017,952 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/07/12 22:18:09 | 000,017,952 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/07/12 22:15:31 | 000,739,728 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2012/07/12 22:15:31 | 000,632,930 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2012/07/12 22:15:31 | 000,110,564 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2012/07/12 22:09:08 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2012/07/12 22:08:53 | 2028,277,759 | -HS- | M] () -- C:\hiberfil.sys [2012/07/12 16:35:01 | 000,001,075 | ---- | M] () -- C:\Users\Dan\Desktop\TDSSKiller.2.7.45.0_12.07.201 2_16.33.02_log - Shortcut.lnk [2012/07/12 16:32:24 | 000,001,139 | ---- | M] () -- C:\Users\Dan\Desktop\larry.com - Shortcut.lnk [2012/07/12 01:31:20 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe [2012/07/12 01:31:20 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl [2012/07/11 03:20:44 | 001,128,280 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [2012/07/08 23:07:53 | 000,000,512 | ---- | M] () -- C:\Users\Dan\Desktop\MBR.dat [2012/07/08 22:02:17 | 000,001,079 | ---- | M] () -- C:\Users\Dan\Desktop\OTL.exe - Shortcut.lnk [2012/07/08 22:02:05 | 000,001,110 | ---- | M] () -- C:\Users\Dan\Desktop\aswMBR.exe - Shortcut.lnk [2012/07/08 13:55:51 | 000,955,840 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\npdeployJava1.dll [2012/07/08 13:55:51 | 000,839,096 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\deployJava1.dll [2012/07/08 13:55:51 | 000,268,720 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\javaws.exe [2012/07/08 13:55:51 | 000,189,360 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\javaw.exe [2012/07/08 13:55:51 | 000,188,840 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\java.exe [2012/07/07 16:38:26 | 000,251,078 | ---- | M] () -- C:\Users\Dan\Desktop\photo.htm [2012/07/06 14:31:03 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/07/03 13:50:01 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012/06/25 22:46:15 | 001,330,176 | ---- | M] () -- C:\Users\Dan\Documents\4th of july 2011.PSproj [2012/06/24 21:42:08 | 000,219,136 | ---- | M] () -- C:\Users\Dan\Documents\muffins.PSproj [2012/06/15 13:34:17 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [8 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ] [1 C:\Users\Dan\Documents\*.tmp files -> C:\Users\Dan\Documents\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/07/12 22:26:26 | 000,000,900 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-606387608-774257337-4196163694-1001UA.job [2012/07/12 22:26:25 | 000,000,848 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-606387608-774257337-4196163694-1001Core.job [2012/07/12 16:35:01 | 000,001,075 | ---- | C] () -- C:\Users\Dan\Desktop\TDSSKiller.2.7.45.0_12.07.201 2_16.33.02_log - Shortcut.lnk [2012/07/12 16:32:24 | 000,001,139 | ---- | C] () -- C:\Users\Dan\Desktop\larry.com - Shortcut.lnk [2012/07/08 23:07:53 | 000,000,512 | ---- | C] () -- C:\Users\Dan\Desktop\MBR.dat [2012/07/08 22:02:17 | 000,001,079 | ---- | C] () -- C:\Users\Dan\Desktop\OTL.exe - Shortcut.lnk [2012/07/08 22:02:05 | 000,001,110 | ---- | C] () -- C:\Users\Dan\Desktop\aswMBR.exe - Shortcut.lnk [2012/07/07 16:38:39 | 000,251,078 | ---- | C] () -- C:\Users\Dan\Desktop\photo.htm [2012/06/24 21:42:07 | 000,219,136 | ---- | C] () -- C:\Users\Dan\Documents\muffins.PSproj [2012/06/15 13:34:16 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/02/25 16:40:22 | 000,000,682 | ---- | C] () -- C:\Users\Dan\Libraries.lnk [2011/12/24 19:57:42 | 000,044,338 | ---- | C] () -- C:\Users\Dan\332617.jpg [2011/12/21 13:44:24 | 000,050,843 | ---- | C] () -- C:\Users\Dan\kathy-hall_metro-audio-dynamics.pdf [2011/11/27 13:30:49 | 000,025,177 | ---- | C] () -- C:\Users\Dan\cats.jpg [2011/11/27 13:21:35 | 000,019,608 | ---- | C] () -- C:\Users\Dan\v31156.001 [2011/08/31 20:51:16 | 000,216,000 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin [2011/08/31 20:46:00 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll [2011/08/31 20:26:20 | 013,903,872 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll [2011/07/30 08:52:05 | 000,058,075 | ---- | C] () -- C:\Users\Dan\kathy-hall_nothing-bundt-cakes-omaha.pdf [2011/07/15 13:03:39 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe [2011/07/15 13:03:39 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe [2011/07/15 13:03:39 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe [2011/07/15 13:03:39 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe [2011/07/15 13:03:39 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe [2011/04/22 13:52:08 | 000,000,250 | ---- | C] () -- C:\windows\gmer.ini [2011/04/22 13:52:07 | 000,819,200 | ---- | C] () -- C:\windows\gmer.dll [2011/03/26 01:16:10 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin [2011/01/19 08:40:49 | 000,000,023 | ---- | C] () -- C:\windows\SysWow64\drivers\psn.dat [2011/01/17 19:15:41 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\drivers\IntelMEFWVer.dll [2010/11/19 05:22:29 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin [2010/04/03 21:29:07 | 000,001,158 | ---- | C] () -- C:\Users\Dan\NX125_127 User's Guide.lnk [2010/04/03 19:13:42 | 000,000,258 | RHS- | C] () -- C:\Users\Dan\ntuser.pol [2010/01/10 16:34:29 | 000,000,042 | ---- | C] () -- C:\Users\Dan\default.pls [2007/08/23 14:58:13 | 000,001,080 | ---- | C] () -- C:\Users\Dan\NORInfo.ini [2007/08/23 14:58:13 | 000,000,084 | ---- | C] () -- C:\Users\Dan\USBInfo.ini [2005/11/13 16:54:51 | 000,000,084 | ---- | C] () -- C:\Users\Dan\.assistanttbrc [2005/11/13 16:53:44 | 000,001,920 | ---- | C] () -- C:\Users\Dan\.indexdb ========== Alternate Data Streams ========== @Alternate Data Stream - 872 bytes -> C:\Users\Dan\Documents\Dave Andersen Letter of Character Reference.eml:OECustomProperty < End of report >
|
|
#38
July 14th, 2012, 04:59 PM
|
||||
|
||||
|
OTL Extras logfile created on: 7/14/2012 11:03:08 AM - Run 5
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Dan\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 7.85 Gb Total Physical Memory | 5.80 Gb Available Physical Memory | 73.87% Memory free 15.70 Gb Paging File | 13.76 Gb Available in Paging File | 87.64% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 906.34 Gb Total Space | 829.72 Gb Free Space | 91.55% Space Free | Partition Type: NTFS Computer Name: DAN-PC | User Name: Dan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile] "EnableFirewall" = 1 "DisableNotifications" = 0 [H Last edited by Go Skers; July 14th, 2012 at 05:09 PM.
|
|
#39
July 14th, 2012, 05:10 PM
|
||||
|
||||
|
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules] "{02F7B8A8-2EB9-4D70-A8BE-26FA43EF628B}" = lport=139 | protocol=6 | dir=in | app=system | "{0AB36C77-AF74-435C-A8A3-AB9026857A6F}" = lport=137 | protocol=17 | dir=in | app=system | "{0C2E370A-D2D1-41E4-91B7-783F116B3CCE}" = rport=138 | protocol=17 | dir=out | app=system | "{1297FBCD-E02E-44B2-976E-21355A90B9C8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{13BA6E1F-D941-49E9-A2C4-386C585BAC4A}" = rport=137 | protocol=17 | dir=out | app=system | "{14021D1E-92DB-465A-A4F4-66B28CC5D5AE}" = lport=10243 | protocol=6 | dir=in | app=system | "{1B533630-D689-41A5-B1BB-97AE14A8916D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1CD9B71C-88A5-4EC5-9034-61A324EE3710}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{2892CA2B-C6ED-4D96-84C8-D0733308B3BD}" = rport=445 | protocol=6 | dir=out | app=system | "{28CB2101-EB74-4392-8CEA-BEE83F924A11}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4A38FAB3-2270-4F1B-A8BD-18369528D81C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4EC548EC-1579-4EC2-A931-70AE63CF9A4F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5C046086-D11D-47BE-8F8E-EE0BFFC36CF5}" = rport=139 | protocol=6 | dir=out | app=system | "{61B056A2-7825-4AD0-A151-E96A84EE5DA3}" = lport=2869 | protocol=6 | dir=in | app=system | "{63687788-DD40-4640-A05F-C02DC2577772}" = rport=10243 | protocol=6 | dir=out | app=system | "{6A13EFE0-B7CC-436C-B909-BF4F25154CE6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6C4768E9-7B46-4A2A-99F7-6C7EEE06C89B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6EE3937E-4B13-4876-BF48-C0A80C5C8DB5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{874EE024-F4F5-43A0-B939-BB3A2683389C}" = lport=445 | protocol=6 | dir=in | app=system | "{8FAFDEE4-8471-4579-9397-DF040BBD82AC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9480AFF2-DE66-4F35-B7C7-E641EFA57E31}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A0BC5C65-70B9-4843-8073-440B8BD7A488}" = lport=138 | protocol=17 | dir=in | app=system | "{B922A1B1-BEA7-43FA-BCCE-A4B8139BBD03}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{C0567E47-A72F-4EE3-9CEA-C239A1ADF469}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F2690CA8-D8C6-44C8-8974-5CD7FB84BE17}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules] "{0CEDD20C-76FB-4AA1-8788-C50AB66084C6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | "{106D8C1C-50BE-4B72-9881-C346BAF59624}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{13B5E343-439B-4175-BB27-D66A9AA812E5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{149AF163-1B46-4563-ADE0-5FBE8F529484}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1E5C6DAB-4572-4FB5-A507-8B004AFDDC34}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{2180AC2F-D91E-438C-A6DD-4D73F104B9CD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{2C0C68C9-F2D1-457B-A410-0EEE8DE83EE2}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{30DD2D01-E947-4863-8256-9A2B2057D010}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | "{32E6B747-56DC-46B0-B5D0-AE73ACF10C72}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{3600F4D3-E13E-456C-9DD0-1F8B555B8DD2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{575953FF-7170-47DF-8CB3-5C725F7C9F95}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{59DAC42B-0581-4F6A-BF31-F287461C1DDE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{5C5CA80E-80A7-407D-9ED4-8FD81FD3C899}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{66E8ED99-5037-47B8-8703-A09BF471B3BF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | "{6F057D89-9D7D-4D50-ACD3-A7BB02A9C426}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | "{78978DB0-5015-4C78-B4BF-9819DA70F514}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{817B8BBE-6EDA-4226-A897-0BAD538626C4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | "{84D573B9-301F-4F9D-96D7-689A50C86D92}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{8DF5AAF6-9A11-48E3-8DC2-6334C0912C76}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{AA83FBD9-9981-4DF9-B626-034EE973F7FF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AE931AE9-8F06-473C-92FD-0F0FE42D669B}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{AFF07294-4D90-4F74-88C2-FC1EC3EEBB20}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{B68B22BD-D396-4621-BCC8-57FD387878F6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{B8FAA4FC-1948-4B28-80A3-7F169D55E541}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | "{BB9137A7-70FA-43D5-BCA4-140F6089FD40}" = protocol=6 | dir=out | app=system | "{C2B77168-E77E-4F38-81B5-30D032CECD82}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{C346316C-170D-4ED5-AC41-04059BC4C688}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{D5B98397-13F3-4B5C-8560-D8EFD23CE73D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | "{D69A3CAA-1925-490E-90E3-FB9C18582AF6}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{D7881B30-AD35-4FD6-AC6D-9AE9FF41AC90}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{DAB523A5-2DEA-4200-8B75-63E649B2EBDD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{E361383C-E02D-4390-86E7-2DD8589FEC37}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{E6BA6567-72E7-4D28-8B28-9CFEECF096C1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E9D85990-17C0-42F3-AD48-70039BB7FD89}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{F6BB7F71-057E-47D3-82EA-6D9994841EBA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F85E5221-594E-467D-A1EB-5501F92D8FC7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{FD5BBC2A-80AB-4228-9EE4-DB2B6F69C720}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | "TCP Query User{9CB34638-933E-49AF-8DA1-3CAEB07BC2B6}C:\users\dan\appdata\local\google\chr ome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\dan\appdata\local\google\chrome\appli cation\chrome.exe | "UDP Query User{18778C91-345E-45C2-961F-BAF23BF4D187}C:\users\dan\appdata\local\google\chr ome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\dan\appdata\local\google\chrome\appli cation\chrome.exe |
|
|
#40
July 14th, 2012, 05:11 PM
|
||||
|
||||
|
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall] "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety "{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{23B47A34-0517-48DA-8B76-015DA8546893}" = WD SmartWare "{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit) "{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo Rescue System "{5CE7E3F5-9803-4F32-AA89-2D8848A80109}" = Microsoft LifeCam "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation "{D8CC254C-C671-4664-9A38-FA368D1E2C97}" = SES Driver "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app "422991454CB076E9B856C21BBF99AF2B82317EDA" = Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (03/06/2009 1.0.0008.0) "CCleaner" = CCleaner "EPSON NX125 NX127 Series" = EPSON NX125 NX127 Series Printer Uninstall "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "PROSet" = Intel(R) Network Connections Drivers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall] "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{42B21298-C850-4272-AFD9-636CBC005421}" = LXH-JME2207FN Hotkey Driver "{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update "{45970CD1-D599-47D4-938F-3E9800D54ED1}" = Lenovo Driver and Application Installation "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion "{53E4CE64-629E-4590-AB43-1D8C85A6E621}" = The Print Shop 2.0 Deluxe "{54B19DCE-232F-45A3-80D9-2141DEDF6D8F}" = Simple Adblock "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6D172D0A-B9F1-4046-AFAB-8599288545BF}" = Safari "{70D2C5B8-EB22-45B1-9EAA-5E8C1C408A3B}" = Lenovo USB2.0 UVC Camera "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3) "{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D3063097-EC84-4D21-84A4-9D852E974355}" = LVT "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F9001C89-8036-4673-9577-E7CD8564807C}" = The Print Shop 20 "{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app "{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Cisco Connect" = Cisco Connect "HTC_WModemDriver" = WModem Driver Installer "InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo Rescue System "MailWasher Free_is1" = MailWasher Free 6.5.4 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400 "NAV" = Norton AntiVirus "Revo Uninstaller" = Revo Uninstaller 1.94 "Shockwave" = Shockwave "Switch" = Switch Sound File Converter "WavePad" = WavePad Sound Editor "WebPost" = Microsoft Web Publishing Wizard 1.52 "WinLiveSuite" = Windows Live Essentials
|
|
#41
July 14th, 2012, 05:11 PM
|
||||
|
||||
|
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-606387608-774257337-4196163694-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall] "Google Chrome" = Google Chrome "Smilebox" = Smilebox ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 6/6/2012 1:02:05 PM | Computer Name = Dan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 6/7/2012 9:10:35 AM | Computer Name = Dan-PC | Source = SideBySide | ID = 16842832 Description = Activation context generation failed for "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.window s.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa39 6087175ac9ac.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows. common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6 975e2bd6f2b2.manifest. Error - 6/7/2012 1:02:23 PM | Computer Name = Dan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 6/8/2012 1:02:42 PM | Computer Name = Dan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 6/9/2012 1:03:01 PM | Computer Name = Dan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 6/10/2012 1:03:11 PM | Computer Name = Dan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 6/11/2012 1:03:30 PM | Computer Name = Dan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 6/12/2012 10:28:00 AM | Computer Name = Dan-PC | Source = SideBySide | ID = 16842832 Description = Activation context generation failed for "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.window s.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa39 6087175ac9ac.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows. common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6 975e2bd6f2b2.manifest. Error - 6/12/2012 1:03:48 PM | Computer Name = Dan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 6/13/2012 1:04:07 PM | Computer Name = Dan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . [ Media Center Events ] Error - 4/6/2010 3:24:14 AM | Computer Name = Dan-PC | Source = MCUpdate | ID = 0 Description = 2:24:14 AM - Failed to retrieve Directory (Error: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.) Error - 4/7/2010 5:35:51 AM | Computer Name = Dan-PC | Source = MCUpdate | ID = 0 Description = 4:35:51 AM - Failed to retrieve Directory (Error: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.) Error - 4/8/2010 4:55:51 AM | Computer Name = Dan-PC | Source = MCUpdate | ID = 0 Description = 3:55:51 AM - Failed to retrieve Directory (Error: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.) Error - 4/9/2010 5:45:40 AM | Computer Name = Dan-PC | Source = MCUpdate | ID = 0 Description = 4:45:40 AM - Failed to retrieve Directory (Error: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.) Error - 4/10/2010 4:14:36 AM | Computer Name = Dan-PC | Source = MCUpdate | ID = 0 Description = 3:14:36 AM - Failed to retrieve Directory (Error: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.) Error - 4/11/2010 6:22:51 AM | Computer Name = Dan-PC | Source = MCUpdate | ID = 0 Description = 5:22:51 AM - Failed to retrieve Directory (Error: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.) Error - 4/12/2010 4:25:57 AM | Computer Name = Dan-PC | Source = MCUpdate | ID = 0 Description = 3:25:57 AM - Failed to retrieve Directory (Error: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.) Error - 4/13/2010 4:46:11 AM | Computer Name = Dan-PC | Source = MCUpdate | ID = 0 Description = 3:46:11 AM - Failed to retrieve Directory (Error: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.) Error - 4/14/2010 5:05:22 AM | Computer Name = Dan-PC | Source = MCUpdate | ID = 0 Description = 4:05:22 AM - Failed to retrieve Directory (Error: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.) Error - 4/15/2010 5:23:03 AM | Computer Name = Dan-PC | Source = MCUpdate | ID = 0 Description = 4:23:03 AM - Failed to retrieve Directory (Error: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.) [ System Events ] Error - 1/25/2012 5:49:52 PM | Computer Name = Dan-PC | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk2\DR6. Error - 1/25/2012 5:49:52 PM | Computer Name = Dan-PC | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk2\DR6. Error - 1/25/2012 5:49:53 PM | Computer Name = Dan-PC | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk2\DR6. Error - 1/25/2012 5:49:53 PM | Computer Name = Dan-PC | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk2\DR6. Error - 1/28/2012 2:58:44 PM | Computer Name = Dan-PC | Source = Service Control Manager | ID = 7034 Description = The iPod Service service terminated unexpectedly. It has done this 1 time(s). Error - 2/2/2012 5:24:11 PM | Computer Name = Dan-PC | Source = Service Control Manager | ID = 7024 Description = The Windows Search service terminated with service-specific error %%-1073473535. Error - 2/2/2012 5:24:11 PM | Computer Name = Dan-PC | Source = Service Control Manager | ID = 7031 Description = The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error - 3/8/2012 4:15:39 PM | Computer Name = Dan-PC | Source = Service Control Manager | ID = 7031 Description = The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 3/8/2012 7:13:19 PM | Computer Name = Dan-PC | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR1. Error - 3/10/2012 4:35:39 PM | Computer Name = Dan-PC | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR1. < End of report >
|
|
#42
July 15th, 2012, 02:14 AM
|
||||
|
||||
|
Looks good, and the error logs only reflect old, pre-cleaning issues. Some suggestions:
Uninstall Best Buy pc app. A promotional program to purchase software from Best Buy. Also Sophos MemSweep always leaves a rootkit-check driver behind. Go to Start Search, type cmd.exe in the Start Search box. Cmd.exe will appear at the top of the Menu. Rightclick on it and choose "Run as administrator". At the prompt copy/paste the following, pressing Enter after each: sc delete "Sophos Plc" Then press Enter. You should get confirmation that the service was deleted. Then type exit and press Enter to close the command window. Before we start wrapping things up here, please post back on any issues we still need to address.
|
|
#43
July 15th, 2012, 05:14 AM
|
||||
|
||||
|
CMD says that "The specified service does not exsist as an installed service."
for Sophos Plc. As for the Best Buy pc app,I see it in the report, but I guess I don't know how to access it to delete it. As far as I can tell, everything esle seems to be back to normal. 
|
 |
| Bookmarks |
«
Previous Topic
|
Next Topic
»
| Topic Tools | |
|
|
All times are GMT +1. The time now is 10:29 AM.
