Delta Search Bar & Safari freezing when searching


  • This topic is locked

#91
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Hi. :)

Acknowledged, let's take a completely different approach.

Download Windows Repair (all in one) from here

Install the programme then run...

Go to step 3 and allow it to run SFC:-

On the start repairs tab click start:-

Select the following items and tick restart system when finished >> click on Start

Let myself know when completed the above and we will then go from there, thank you.

#92
JoPopey

    Member

  • Topic Starter
  • Member
  • 93 posts
Hello, once again, I have done that...thanks

#93
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Hi. :)

i have done that...thanks

Good and you're welcome!

Please check the below again for myself please:-

Reboot your machine and continuously tap the F8 key. A menu should come up, namely Advanced Boot Options >> is there an option that says Repair and/or Repair your computer at all? If there is, do not select it and merely choose the option to Start Windows Normally.

Let myself know the outcome in your next reply...also carry out the below and post the requested log etc.

Re-scan with OTL:

  • Right-click on OTL.exe and select Run as Administrator to start OTL.
  • Under Output, ensure that Standard Output is selected.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan/Fixes box cut & paste this in:-
netsvcs
baseservices
%systemdrive%\*.exe
/md5start
services.*
iastor.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
winsock.*
/md5stop
CreateRestorePoint


  • Now click on Run Scan at the top left hand corner.
  • When done, one Notepad file will open, post the contents in your next reply for my review.

#94
JoPopey

    Member

  • Topic Starter
  • Member
  • 93 posts
Hello again, F8 not working....but did the OTL scan, here are the results, thanks in advance.
OTL logfile created on: 05/03/2013 15:00:22 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.94 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 59.79% Memory free
3.87 Gb Paging File | 2.98 Gb Available in Paging File | 77.01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 35.06 Gb Total Space | 9.33 Gb Free Space | 26.62% Space Free | Partition Type: NTFS
Drive D: | 113.89 Gb Total Space | 44.04 Gb Free Space | 38.67% Space Free | Partition Type: NTFS

Computer Name: JOPOPE-PC01 | User Name: Jo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/02/27 10:28:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Desktop\OTL.exe
PRC - [2013/02/21 05:23:46 | 001,274,320 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 11:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/01/20 19:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jo\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/12/18 19:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/23 02:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/09/20 04:02:24 | 000,363,752 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2012/05/30 06:08:28 | 001,842,384 | ---- | M] (Gadwin Systems, Inc) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
PRC - [2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/02/21 05:23:44 | 000,459,728 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.97\ppgooglenaclpluginchrome.dll
MOD - [2013/02/21 05:23:43 | 012,637,136 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
MOD - [2013/02/21 05:23:42 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.97\pdf.dll
MOD - [2013/02/21 05:22:48 | 001,552,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.97\ffmpegsumo.dll
MOD - [2012/06/20 21:23:00 | 000,599,419 | ---- | M] () -- C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2013/03/05 13:13:30 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/01/08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/18 19:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/07/27 20:58:33 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/14 01:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 01:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 01:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 01:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [File_System | On_Demand | Stopped] -- -- (StarOpen)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Jo\AppData\Local\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - [2013/02/05 22:58:22 | 000,013,024 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2013/01/20 15:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/09/19 10:02:06 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012/08/23 14:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 14:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011/10/24 05:39:40 | 000,278,528 | ---- | M] (AVEO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVEOdcnt.sys -- (AVEO)
DRV - [2010/11/20 12:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 12:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 12:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 09:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 09:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 09:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 23:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/06/18 18:45:02 | 004,172,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVAC.SYS -- (ALCXWDM)
DRV - [2008/08/26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\afc.sys -- (Afc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Jo\Desktop
IE - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 55 A6 19 00 0F 6A CB 01 [binary data]
IE - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\..\SearchScopes,DefaultScope = {0AEADF14-F17C-4F00-BE2F-99194450DB7C}
IE - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\..\SearchScopes\{0AEADF14-F17C-4F00-BE2F-99194450DB7C}: "URL" = http://www.google.co...rchTerms}&meta=
IE - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\..\SearchScopes\{16C71303-6956-47D8-B5C6-002F0605D5C8}: "URL" = http://uk.search.yah...p={searchTerms}
IE - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\..\SearchScopes\{4B51C980-C6B0-11E1-9136-AED16088709B}: "URL" = http://www.safesearc...0C61407B26747B8
IE - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\..\SearchScopes\{95560BF3-6453-4704-BF91-1B25463ABE13}: "URL" = http://websearch.ask...81-6C3901274266
IE - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/20 15:55:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/02/26 11:20:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jo\AppData\Roaming\Mozilla\Extensions
[2013/02/20 15:54:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/02/20 15:55:20 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/02/01 18:22:13 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/02/20 15:54:27 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\pdf.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Java Deployment Toolkit 7.0.150.3 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: Google Docs = C:\Users\Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/03/04 20:30:41 | 000,000,855 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
O4 - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc)
O4 - Startup: C:\Users\Jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Jo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-3514929525-3119498317-4217759508-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3028E9AA-0C2D-45B0-A428-1EDCE1C22515}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/03/05 08:41:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2
[2013/03/05 08:16:13 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/03/04 20:30:11 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstall Information
[2013/03/04 20:23:09 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/03/04 20:20:05 | 000,000,000 | ---D | C] -- C:\Users\Jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2013/02/28 19:21:55 | 000,000,000 | ---D | C] -- C:\Users\Jo\AppData\Roaming\Malwarebytes
[2013/02/28 17:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF Solutions
[2013/02/28 17:45:58 | 000,000,000 | ---D | C] -- C:\Program Files\Free PDF Solutions
[2013/02/28 17:31:48 | 000,000,000 | ---D | C] -- C:\Users\Jo\AppData\Roaming\Adobe
[2013/02/28 17:31:48 | 000,000,000 | ---D | C] -- C:\Users\Jo\AppData\Local\Adobe
[2013/02/28 17:26:15 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/02/28 08:25:43 | 000,000,000 | ---D | C] -- C:\RegBackup
[2013/02/28 08:20:56 | 000,000,000 | ---D | C] -- C:\Program Files\Tweaking.com
[2013/02/27 11:58:03 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2013/02/27 11:57:53 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2013/02/27 11:57:49 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/02/27 11:57:48 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/02/27 11:57:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/02/27 11:57:47 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2013/02/27 11:57:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/02/27 11:57:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/02/27 11:57:47 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/02/27 11:57:47 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/02/27 11:57:47 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/02/27 11:57:47 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/02/27 11:57:46 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2013/02/27 11:57:46 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/02/27 11:57:46 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013/02/27 11:57:46 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2013/02/27 11:57:46 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/02/27 11:57:46 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/02/27 11:57:45 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2013/02/27 11:57:45 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/02/27 11:57:45 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2013/02/27 11:57:45 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/02/27 11:57:45 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/02/27 11:57:44 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013/02/27 11:57:44 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2013/02/27 10:28:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Desktop\OTL.exe
[2013/02/27 10:26:36 | 000,354,273 | ---- | C] (Farbar) -- D:\Desktop\FSS.exe
[2013/02/27 09:21:28 | 000,000,000 | ---D | C] -- D:\Desktop\Orchard Project
[2013/02/26 17:10:59 | 000,000,000 | ---D | C] -- C:\Users\Jo\AppData\Local\Diagnostics
[2013/02/26 12:25:47 | 000,000,000 | ---D | C] -- C:\Users\Jo\AppData\Roaming\Skype
[2013/02/26 11:53:59 | 000,000,000 | ---D | C] -- C:\Users\Jo\AppData\Local\VirtualStore
[2013/02/26 11:19:53 | 000,000,000 | ---D | C] -- C:\Users\Jo\AppData\Roaming\Mozilla
[2013/02/26 11:19:53 | 000,000,000 | ---D | C] -- C:\Users\Jo\AppData\Local\Mozilla
[2013/02/26 11:15:18 | 000,000,000 | ---D | C] -- C:\Users\Jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/02/26 11:15:10 | 000,000,000 | ---D | C] -- C:\Users\Jo\AppData\Local\Google
[2013/02/26 11:00:22 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonBJ
[2013/02/25 17:37:45 | 000,000,000 | ---D | C] -- D:\Desktop\Screen Shots
[2013/02/25 16:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft
[2013/02/23 20:22:59 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/02/22 20:53:09 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/02/20 18:35:29 | 000,000,000 | ---D | C] -- C:\Users\Jo\AppData\Roaming\InstallShield
[2013/02/20 15:54:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/02/19 16:22:15 | 000,000,000 | ---D | C] -- D:\Desktop\XA-Speakers - The lights are on!_files
[2013/02/19 09:42:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/02/17 22:06:55 | 000,000,000 | ---D | C] -- D:\Desktop\Audio
[2013/02/17 21:44:19 | 000,000,000 | ---D | C] -- C:\Users\Jo\AppData\Roaming\FlvtoConverter
[2013/02/16 22:13:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\V92 Modem
[2013/02/16 22:03:01 | 000,000,000 | ---D | C] -- D:\My Documents\Defender update
[2013/02/14 22:38:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/02/14 09:24:26 | 000,000,000 | ---D | C] -- C:\Windows\AxInstSV
[2013/02/13 09:19:15 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/02/13 09:19:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/02/13 09:19:13 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/02/13 09:19:12 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/02/13 09:19:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/02/13 09:19:10 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/02/13 09:19:10 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/02/13 09:19:08 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/02/13 08:36:16 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/02/13 08:35:50 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/02/13 08:35:49 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/02/13 08:35:43 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2013/02/13 08:35:39 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013/02/12 12:58:49 | 000,691,568 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/02/12 12:58:49 | 000,071,024 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/02/10 11:31:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2013/02/10 11:28:50 | 001,122,304 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\System32\libeay32.dll
[2013/02/10 11:28:50 | 000,356,352 | ---- | C] (eSellerate Inc.) -- C:\Windows\eSellerateEngine.dll
[2013/02/10 11:28:50 | 000,274,432 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\System32\ssleay32.dll
[2013/02/10 11:28:50 | 000,081,920 | ---- | C] (eSellerate Inc.) -- C:\Windows\eSellerateControl350.dll
[2013/02/09 20:34:54 | 000,000,000 | ---D | C] -- D:\Desktop\FLAT BATH
[2013/02/07 18:57:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/02/07 18:57:18 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/02/07 18:57:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/02/07 16:55:27 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2013/02/07 10:24:34 | 000,000,000 | ---D | C] -- C:\Users\Jo\AppData\Roaming\SmartSoftOCRHelper
[2013/02/07 10:21:12 | 000,000,000 | ---D | C] -- C:\Users\Jo\AppData\Roaming\Smart PDF Converter
[2013/02/07 09:28:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2013/02/07 09:27:48 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2013/02/07 09:26:17 | 000,000,000 | ---D | C] -- C:\Users\Jo\AppData\Roaming\DSite
[2013/02/05 11:53:29 | 000,000,000 | ---D | C] -- D:\Desktop\The Magdalene Laundry - CBS News_files
[2011/11/16 21:41:04 | 001,287,016 | ---- | C] (Microsoft Corporation) -- C:\Users\Jo\windowslivemoviemaker.exe

========== Files - Modified Within 30 Days ==========

[2013/03/05 15:00:59 | 000,013,984 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/05 15:00:59 | 000,013,984 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/05 14:58:00 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/05 14:55:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/05 14:49:25 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/05 13:13:29 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/03/05 13:13:28 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/03/05 10:00:12 | 000,628,414 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/03/05 10:00:12 | 000,110,598 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/03/05 09:04:29 | 000,071,681 | ---- | M] () -- D:\Desktop\casual films.jpg
[2013/03/05 08:13:48 | 002,346,016 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/03/05 08:12:07 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/03/04 20:30:41 | 000,000,855 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/03/04 20:20:09 | 000,001,959 | ---- | M] () -- D:\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/03/04 19:15:20 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/03/01 19:27:46 | 000,614,400 | ---- | M] () -- C:\Windows\System32\Image20.dat
[2013/02/28 19:19:34 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/02/28 18:00:31 | 001,474,832 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2013/02/28 17:26:54 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/02/28 08:26:41 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-JOPOPE-PC01-Microsoft-Windows-7-Professional-(32-bit).dat
[2013/02/28 08:24:46 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
[2013/02/27 10:28:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Desktop\OTL.exe
[2013/02/27 10:26:47 | 000,354,273 | ---- | M] (Farbar) -- D:\Desktop\FSS.exe
[2013/02/26 11:15:18 | 000,002,233 | ---- | M] () -- C:\Users\Jo\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/26 11:06:07 | 000,000,016 | ---- | M] () -- C:\Windows\91NU.ini
[2013/02/25 11:38:23 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013/02/25 11:38:23 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013/02/24 17:05:29 | 000,002,133 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/02/22 20:47:20 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts_bak_634
[2013/02/21 17:58:32 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce105dfba5b11.job
[2013/02/19 16:22:15 | 000,055,187 | ---- | M] () -- D:\Desktop\XA-Speakers - The lights are on!.htm
[2013/02/18 12:05:21 | 009,118,298 | ---- | M] () -- D:\Desktop\PDF JOHNO LUCOZADE THE ARRIVAL.pdf
[2013/02/16 21:50:01 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/02/11 11:51:17 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/02/07 18:57:30 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/06 09:13:26 | 000,001,053 | ---- | M] () -- C:\Users\Jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/02/05 22:58:22 | 000,013,024 | ---- | M] () -- C:\Windows\System32\drivers\SWDUMon.sys

========== Files Created - No Company Name ==========

[2013/03/05 09:04:29 | 000,071,681 | ---- | C] () -- D:\Desktop\casual films.jpg
[2013/03/04 20:20:09 | 000,001,959 | ---- | C] () -- D:\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/02/28 17:26:54 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/02/28 17:26:54 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/02/28 08:26:41 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-JOPOPE-PC01-Microsoft-Windows-7-Professional-(32-bit).dat
[2013/02/28 08:21:01 | 000,002,189 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
[2013/02/21 17:58:32 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce105dfba5b11.job
[2013/02/19 16:22:14 | 000,055,187 | ---- | C] () -- D:\Desktop\XA-Speakers - The lights are on!.htm
[2013/02/18 20:14:20 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/02/18 12:05:05 | 009,118,298 | ---- | C] () -- D:\Desktop\PDF JOHNO LUCOZADE THE ARRIVAL.pdf
[2013/02/14 22:38:57 | 000,002,233 | ---- | C] () -- C:\Users\Jo\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/14 22:38:57 | 000,002,133 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/02/14 16:54:25 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/11 11:51:17 | 000,001,125 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/02/11 11:51:17 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/02/07 18:57:30 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/06 09:13:26 | 000,001,053 | ---- | C] () -- C:\Users\Jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/01/28 09:36:09 | 000,614,400 | ---- | C] () -- C:\Windows\System32\Image20.dat
[2013/01/21 20:16:03 | 001,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2012/10/29 12:09:28 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012/10/29 12:09:28 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012/10/29 12:09:28 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012/10/29 12:09:28 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012/08/17 11:07:04 | 000,013,024 | ---- | C] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2012/04/13 14:50:39 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2012/04/13 14:50:39 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011/07/07 08:18:37 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/06/02 16:35:41 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfmonnt.dll
[2011/05/01 16:25:21 | 000,062,349 | ---- | C] () -- C:\Users\Jo\RW1.jpg

========== ZeroAccess Check ==========

[2009/07/14 04:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 04:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\Windows\system32\wbem\fastprox.dll -- [2010/11/20 12:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\Windows\system32\wbem\wbemess.dll -- [2009/07/14 01:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Base Services ==========
SRV - [2009/07/14 01:14:53 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2010/11/20 12:18:03 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2009/07/14 01:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2010/11/20 12:20:58 | 000,585,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2010/11/20 12:18:06 | 000,494,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2011/11/17 05:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/07/14 01:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2012/07/04 21:14:34 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2012/06/02 04:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2010/11/20 12:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2010/11/20 12:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2011/03/03 05:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/07/14 01:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/07/14 01:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/07/14 01:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2010/11/20 12:19:23 | 000,350,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2009/07/14 01:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/07/14 01:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2009/07/14 01:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2009/07/14 01:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2012/10/03 16:42:26 | 000,242,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2009/07/14 01:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2011/05/24 10:44:59 | 000,293,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2012/02/11 05:37:49 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2011/11/17 05:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV - [2009/07/14 01:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2010/11/20 12:21:00 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2010/11/20 12:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009/07/14 01:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2011/11/17 05:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/07/14 01:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/11/20 12:21:26 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/11/20 12:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV - [2010/11/20 12:21:05 | 000,750,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010/11/20 12:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/14 01:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2012/05/01 04:44:12 | 000,164,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2010/11/20 12:17:51 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2010/11/20 12:18:05 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2010/11/20 12:18:05 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2010/11/20 12:21:06 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2009/07/14 01:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/11/20 12:21:35 | 001,086,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog)
SRV - [2010/11/20 12:19:40 | 000,566,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2010/11/20 12:21:35 | 000,463,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2010/11/20 12:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/07/14 01:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2012/06/02 22:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2010/11/20 12:18:34 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/14 01:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2010/11/20 12:21:36 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

< %systemdrive%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 05:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 01:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 05:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 05:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 05:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 12:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\erdnt\cache\explorer.exe
[2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 05:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 05:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 06:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: SERVICES >
[2009/06/10 21:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services
[2009/06/10 21:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services

< MD5 for: SERVICES.CFG >
[2012/12/18 19:08:30 | 000,559,043 | ---- | M] () MD5=BA25E8F1460C7453B7488FE4B42F6919 -- C:\Program Files\Adobe\Reader 11.0\Reader\Services\Services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/14 01:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\erdnt\cache\services.exe
[2009/07/14 01:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 01:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009/07/14 02:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui
[2009/07/14 02:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui

< MD5 for: SERVICES.HTML >
[2008/04/16 16:29:04 | 000,004,166 | ---- | M] () MD5=DB0CABD236311DDEB186C9B8A13F39A6 -- C:\Program Files\BillP Studios\WinPatrol\services.html

< MD5 for: SERVICES.LNK >
[2009/07/14 04:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 04:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 21:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009/06/10 21:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof

< MD5 for: SERVICES.MSC >
[2009/07/14 02:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2009/06/10 21:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2009/07/14 02:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 21:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 20:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/13 20:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml

< MD5 for: SVCHOST.EXE >
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache\svchost.exe
[2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 12:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache\userinit.exe
[2010/11/20 12:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 12:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 01:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 06:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 05:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 12:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\erdnt\cache\winlogon.exe
[2010/11/20 12:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 12:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 01:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WINSOCK.DLL >
[2009/07/13 21:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\System32\WINSOCK.DLL
[2009/07/13 21:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7600.16385_none_fde3cf3dd3e16d0d\WINSOCK.DLL
[2009/07/13 21:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7\WINSOCK.DLL

< End of report >

#95
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Hi. :)

F8 not working

Acknowledged...

I would like to review the log created by Windows Repair (all in one) please, to locate it:-

Click on Start (Windows 7 Orb) >> Computer >> C: >> Program Files >> Tweaking.com >> Windows Repair (All in One) >> Logs >> _Windows_Repair_Log.txt

Post the contents of the aforementioned (_Windows_Repair_Log.txt) in your next reply please.

Note: If it is too large to post merely attach it - How to add an attachment to a new topic or reply

Next:

How is your computer performing now, any further symptoms and/or problems encountered apart from what I am currently aware of?

#96
JoPopey

    Member

  • Topic Starter
  • Member
  • 93 posts
Hello again, all seems to be OK, things are still freezing occasionally, but that's about it. Here is the log, thanks again.

Starting Repairs...
Start (04/03/2013 20:22:56)

Reset Registry Permissions 01/03
HKEY_CURRENT_USER & Sub Keys
Start (04/03/2013 20:22:56)
Running Repair Under Current User Account
Done (04/03/2013 20:23:09)

Reset Registry Permissions 02/03
HKEY_LOCAL_MACHINE & Sub Keys
Start (04/03/2013 20:23:09)
Running Repair Under System Account
Done (04/03/2013 20:25:41)

Reset Registry Permissions 03/03
HKEY_CLASSES_ROOT & Sub Keys
Start (04/03/2013 20:25:41)
Running Repair Under System Account
Done (04/03/2013 20:26:29)

Register System Files
Start (04/03/2013 20:26:29)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:27:02)

Repair WMI
Start (04/03/2013 20:27:02)
Running Repair Under Current User Account
The system cannot find the path specified.
Invalid Global Switch.

Running Repair Under System Account
The system cannot find the path specified.
Invalid Global Switch.

Done (04/03/2013 20:29:44)

Repair Windows Firewall
Start (04/03/2013 20:29:44)
Running Repair Under Current User Account
The Internet Connection Sharing (ICS) service is not started.

More help is available by typing NET HELPMSG 3521.

System error 5 has occurred.

Access is denied.

The requested service has already been started.

More help is available by typing NET HELPMSG 2182.

The Internet Connection Sharing (ICS) service could not be started.

The service did not report an error.

More help is available by typing NET HELPMSG 3534.

Running Repair Under System Account
The Internet Connection Sharing (ICS) service is not started.

More help is available by typing NET HELPMSG 3521.

System error 5 has occurred.

Access is denied.

The requested service has already been started.

More help is available by typing NET HELPMSG 2182.

The Internet Connection Sharing (ICS) service could not be started.

The service did not report an error.

More help is available by typing NET HELPMSG 3534.

Done (04/03/2013 20:30:05)

Repair Internet Explorer
Start (04/03/2013 20:30:05)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:30:24)

Repair MDAC/MS Jet
Start (04/03/2013 20:30:24)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:30:39)

Repair Hosts File
Start (04/03/2013 20:30:39)
Running Repair Under System Account
Done (04/03/2013 20:30:41)

Remove Policies Set By Infections
Start (04/03/2013 20:30:42)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:30:46)

Repair Icons
Start (04/03/2013 20:30:46)
Running Repair Under System Account
Could Not Find C:\Users\Jo\AppData\Local\IconCache.db.bak
Could Not Find C:\Users\Jo\AppData\Local\IconCache.db
Done (04/03/2013 20:30:49)

Repair Winsock & DNS Cache
Start (04/03/2013 20:30:49)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:31:01)

Repair Proxy Settings
Start (04/03/2013 20:31:01)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:31:06)

Repair Windows Updates
Start (04/03/2013 20:31:06)
Running Repair Under Current User Account
The Windows Update service is not started.

More help is available by typing NET HELPMSG 3521.

The system cannot find the file specified.
Running Repair Under System Account
The Cryptographic Services service is not started.

More help is available by typing NET HELPMSG 3521.

The Background Intelligent Transfer Service service is not started.

More help is available by typing NET HELPMSG 3521.

The Windows Update service is not started.

More help is available by typing NET HELPMSG 3521.

The system cannot find the file specified.
Done (04/03/2013 20:31:25)

Repair CD/DVD Missing/Not Working
Start (04/03/2013 20:31:25)
Done (04/03/2013 20:31:25)

Repair Volume Shadow Copy Service
Start (04/03/2013 20:31:25)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:31:51)

Set Windows Services To Default Startup
Start (04/03/2013 20:31:51)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:32:04)

Repair MSI (Windows Installer)
Start (04/03/2013 20:32:04)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:32:12)

Repair bat Association
Start (04/03/2013 20:32:12)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:32:17)

Repair cmd Association
Start (04/03/2013 20:32:17)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:32:22)

Repair com Association
Start (04/03/2013 20:32:22)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:32:26)

Repair Directory Association
Start (04/03/2013 20:32:26)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:32:31)

Repair Drive Association
Start (04/03/2013 20:32:31)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:32:36)

Repair exe Association
Start (04/03/2013 20:32:36)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:32:40)

Repair Folder Association
Start (04/03/2013 20:32:41)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:32:45)

Repair inf Association
Start (04/03/2013 20:32:45)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:32:50)

Repair lnk (Shortcuts) Association
Start (04/03/2013 20:32:50)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:32:55)

Repair msc Association
Start (04/03/2013 20:32:55)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:32:59)

Repair reg Association
Start (04/03/2013 20:32:59)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:33:04)

Repair scr Association
Start (04/03/2013 20:33:04)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:33:09)

Repair Windows Safe Mode
Start (04/03/2013 20:33:09)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:33:13)

Repair Print Spooler
Start (04/03/2013 20:33:13)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:33:26)

Restore Important Windows Services
Start (04/03/2013 20:33:26)
Running Repair Under Current User Account
Running Repair Under System Account
Done (04/03/2013 20:33:31)

Cleaning up empty logs...

All Selected Repairs Done.
Done (04/03/2013 20:33:31)
Total Repair Time: 00:10:35


...YOU MUST RESTART YOUR SYSTEM...
Running Repair Under System Account
Starting Repairs...
Start (05/03/2013 07:51:14)

Reset Registry Permissions 01/03
HKEY_CURRENT_USER & Sub Keys
Start (05/03/2013 07:51:14)
Running Repair Under Current User Account
Done (05/03/2013 07:51:27)

Reset Registry Permissions 02/03
HKEY_LOCAL_MACHINE & Sub Keys
Start (05/03/2013 07:51:27)
Running Repair Under System Account
Done (05/03/2013 07:53:30)

Reset Registry Permissions 03/03
HKEY_CLASSES_ROOT & Sub Keys
Start (05/03/2013 07:53:30)
Running Repair Under System Account
Done (05/03/2013 07:54:18)

Reset File Permissions 01/08
C:\EPSON & Sub Folders
Start (05/03/2013 07:54:18)
Running Repair Under System Account
Done (05/03/2013 07:54:20)

Reset File Permissions 02/08
C:\PerfLogs & Sub Folders
Start (05/03/2013 07:54:21)
Running Repair Under System Account
Done (05/03/2013 07:54:23)

Reset File Permissions 03/08
C:\Program Files & Sub Folders
Start (05/03/2013 07:54:23)
Running Repair Under System Account
Done (05/03/2013 07:55:21)

Reset File Permissions 04/08
C:\ProgramData & Sub Folders
Start (05/03/2013 07:55:21)
Running Repair Under System Account
Done (05/03/2013 07:56:10)

Reset File Permissions 05/08
C:\Recovery & Sub Folders
Start (05/03/2013 07:56:11)
Running Repair Under System Account
Done (05/03/2013 07:56:13)

Reset File Permissions 06/08
C:\RegBackup & Sub Folders
Start (05/03/2013 07:56:13)
Running Repair Under System Account
Done (05/03/2013 07:56:15)

Reset File Permissions 07/08
C:\Temp & Sub Folders
Start (05/03/2013 07:56:15)
Running Repair Under System Account
Done (05/03/2013 07:56:18)

Reset File Permissions 08/08
C:\Windows & Sub Folders
Start (05/03/2013 07:56:18)
Running Repair Under System Account
Done (05/03/2013 08:01:26)

Reset File Permissions 01/09
D:\Desktop & Sub Folders
Start (05/03/2013 08:01:26)
Running Repair Under System Account
Done (05/03/2013 08:01:53)

Reset File Permissions 02/09
D:\Downloads & Sub Folders
Start (05/03/2013 08:01:53)
Running Repair Under System Account
Done (05/03/2013 08:02:05)

Reset File Permissions 03/09
D:\Favorites & Sub Folders
Start (05/03/2013 08:02:05)
Running Repair Under System Account
Done (05/03/2013 08:02:16)

Reset File Permissions 04/09
D:\My Documents & Sub Folders
Start (05/03/2013 08:02:16)
Running Repair Under System Account
Done (05/03/2013 08:02:25)

Reset File Permissions 05/09
D:\My Music & Sub Folders
Start (05/03/2013 08:02:25)
Running Repair Under System Account
Done (05/03/2013 08:03:12)

Reset File Permissions 06/09
D:\My Pictures & Sub Folders
Start (05/03/2013 08:03:12)
Running Repair Under System Account
Done (05/03/2013 08:03:33)

Reset File Permissions 07/09
D:\My Videos & Sub Folders
Start (05/03/2013 08:03:33)
Running Repair Under System Account
Done (05/03/2013 08:03:36)

Reset File Permissions 08/09
D:\Software & Sub Folders
Start (05/03/2013 08:03:36)
Running Repair Under System Account
Done (05/03/2013 08:03:38)

Reset File Permissions 09/09
D:\_OTL & Sub Folders
Start (05/03/2013 08:03:38)
Running Repair Under System Account
Done (05/03/2013 08:03:41)

Reset File Permissions: Cleanup
& Sub Folders
Start (05/03/2013 08:03:41)
Running Repair Under System Account
Done (05/03/2013 08:03:45)

Register System Files
Start (05/03/2013 08:03:45)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:04:17)

Repair WMI
Start (05/03/2013 08:04:17)
Running Repair Under Current User Account
The system cannot find the path specified.
Invalid Global Switch.

Running Repair Under System Account
The system cannot find the path specified.
Invalid Global Switch.

Done (05/03/2013 08:07:02)

Repair Windows Firewall
Start (05/03/2013 08:07:02)
Running Repair Under Current User Account
The Internet Connection Sharing (ICS) service is not started.

More help is available by typing NET HELPMSG 3521.

The Internet Connection Sharing (ICS) service could not be started.

The service did not report an error.

More help is available by typing NET HELPMSG 3534.

Running Repair Under System Account
The Internet Connection Sharing (ICS) service is not started.

More help is available by typing NET HELPMSG 3521.

The Internet Connection Sharing (ICS) service could not be started.

The service did not report an error.

More help is available by typing NET HELPMSG 3534.

Done (05/03/2013 08:07:37)

Repair Internet Explorer
Start (05/03/2013 08:07:38)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:07:53)

Repair MDAC/MS Jet
Start (05/03/2013 08:07:53)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:08:08)

Remove Policies Set By Infections
Start (05/03/2013 08:08:08)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:08:12)

Repair Winsock & DNS Cache
Start (05/03/2013 08:08:12)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:08:21)

Unhide Non System Files
Start (05/03/2013 08:08:21)
C:\ - Total Files Unhidden: 290
D:\ - Total Files Unhidden: 11
Done (05/03/2013 08:10:04)

Repair Windows Updates
Start (05/03/2013 08:10:04)
Running Repair Under Current User Account
The Background Intelligent Transfer Service service is not started.

More help is available by typing NET HELPMSG 3521.

The Windows Update service is not started.

More help is available by typing NET HELPMSG 3521.

The system cannot find the file specified.
Running Repair Under System Account
The Cryptographic Services service is not started.

More help is available by typing NET HELPMSG 3521.

The Background Intelligent Transfer Service service is not started.

More help is available by typing NET HELPMSG 3521.

The Windows Update service is not started.

More help is available by typing NET HELPMSG 3521.

The system cannot find the file specified.
Done (05/03/2013 08:10:24)

Set Windows Services To Default Startup
Start (05/03/2013 08:10:24)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:10:39)

Repair MSI (Windows Installer)
Start (05/03/2013 08:10:39)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:10:47)

Repair bat Association
Start (05/03/2013 08:10:48)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:10:52)

Repair cmd Association
Start (05/03/2013 08:10:52)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:10:57)

Repair com Association
Start (05/03/2013 08:10:57)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:11:02)

Repair Directory Association
Start (05/03/2013 08:11:02)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:11:06)

Repair Drive Association
Start (05/03/2013 08:11:07)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:11:11)

Repair exe Association
Start (05/03/2013 08:11:11)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:11:16)

Repair Folder Association
Start (05/03/2013 08:11:16)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:11:21)

Repair inf Association
Start (05/03/2013 08:11:21)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:11:25)

Repair lnk (Shortcuts) Association
Start (05/03/2013 08:11:25)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:11:30)

Repair msc Association
Start (05/03/2013 08:11:30)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:11:35)

Repair reg Association
Start (05/03/2013 08:11:35)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:11:39)

Repair scr Association
Start (05/03/2013 08:11:40)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:11:44)

Repair Windows Safe Mode
Start (05/03/2013 08:11:44)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:11:49)

Repair Print Spooler
Start (05/03/2013 08:11:49)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:12:02)

Restore Important Windows Services
Start (05/03/2013 08:12:02)
Running Repair Under Current User Account
Running Repair Under System Account
Done (05/03/2013 08:12:06)

Cleaning up empty logs...

All Selected Repairs Done.
Done (05/03/2013 08:12:07)
Total Repair Time: 00:20:53


...YOU MUST RESTART YOUR SYSTEM...
Running Repair Under System Account
  • 0

#97
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Hi. :)

All seems to be OK; things are still freezing occasionally, but that's about it

Acknowledged, I would like to perform a few further checks...

Next:

Has your machine ever been able to boot into Safe Mode via Advanced Boot Options ?

Place one of the Start-Up Repair Disks in the optical drive of your machine and then reboot it...

Does the below(or similar) appear or not on screen:-

Press any key to boot from CD or DVD...

If it does appear do not depress any keys and let your machine boot up as normal and remove the Start-Up Repair Disk afterwards.

Check Hard Disk For Errors:

Download the attached hddcheck.bat below and save to your Desktop:-



Now right-click on hddcheck.bat and select Run as Administrator to run the batch file.

A blank command window will open on your desktop, then close in a few minutes. This is normal and the batch file itself will self-delete when completed.

A file icon named checkhd.txt should appear on your Desktop. Please post the contents of this file in your next reply.

Re-scan with FSS:

Delete FSS.txt if it is still on the desktop then empty the Recycle Bin.

  • Right-click FSS.exe and select Run as Administrator to start the program.
  • Select all available options.
  • Then click on the Scan tab.
  • When the scan is complete, it will produce a log named FSS.txt.
  • Post the contents in your next reply.

  • 0

#98
JoPopey

JoPopey

    Member

  • Topic Starter
  • Member
  • PipPip
  • 93 posts
Hi there,

Yes, I think my computer used to boot, but this may have been Windows XP, not Windows 7, that someone installed... I am not 100% sure though....

I put the disc in the drive and restarted the computer; the CD just whirred in the drive but nothing came up on the screen.

I then tried to run checkhd, downloaded, but when I went to right-click and run as administrator this message came up: Access Denied as you do not have sufficient privileges. You have to invoke this utility running in elevated mode.

Here is the FSS txt
Farbar Service Scanner Version: 20-02-2013
Ran by Jo (administrator) on 06-03-2013 at 16:14:37
Running from "D:\Desktop"
Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Attempt to access Yahoo.com returned error: Yahoo.com is offline


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-02-13 08:35] - [2013-01-03 05:05] - 1293672 ____A (Microsoft Corporation) 7C0507D2391AF5933600CBCED799F277

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

THANK YOU AGAIN...
  • 0
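A triage pass over the FSS log posted above, as an added example (it is not part of the original thread and not the tool's own code). The function name `triage_fss` and the finding labels are hypothetical, and the log grammar is inferred only from the lines visible in this post.

```python
import re

# Constructed sample: lines taken from the FSS log in the post above, trimmed.
SAMPLE_LOG = r'''Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

File Check:
========
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-02-13 08:35] - [2013-01-03 05:05] - 1293672 ____A (Microsoft Corporation) 7C0507D2391AF5933600CBCED799F277

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
**** End of log ****
'''

SERVICE_DOWN = re.compile(r'^(\S+) Service is not running')
START_TYPE = re.compile(r'^The start type of (\S+) service is set to (\w+)\. '
                        r'The default start type is (\w+)\.')
REG_KEY = re.compile(r'^\[(HKEY_[^\]]+)\]$')
REG_VALUE = re.compile(r'^"([^"]+)"=(.+)$')
DRIVE_PATH = re.compile(r'^[A-Za-z]:\\')
FILE_DETAIL = re.compile(r'\((.*)\) ([0-9A-Fa-f]{32})$')


def triage_fss(log_text):
    """Return (section, kind, item, detail) tuples that deserve a manual look."""
    findings = []
    section = reg_key = open_idx = None
    lines = [ln.strip() for ln in log_text.splitlines()]
    for i, line in enumerate(lines):
        nxt = lines[i + 1] if i + 1 < len(lines) else ''
        # A section title ends in ':' and is underlined by a row of '='.
        if line.endswith(':') and nxt and set(nxt) == {'='}:
            section, reg_key, open_idx = line[:-1], None, None
            continue
        if not line or set(line) == {'='}:
            continue
        if m := SERVICE_DOWN.match(line):
            findings.append((section, 'service_not_running', m.group(1), None))
        elif m := START_TYPE.match(line):
            if m.group(2) != m.group(3):  # configured start type differs from default
                findings.append((section, 'start_type_changed', m.group(1),
                                 f'{m.group(2)} (default {m.group(3)})'))
        elif m := REG_KEY.match(line):
            reg_key = m.group(1)
        elif ((m := REG_VALUE.match(line)) and reg_key
              and 'Disabled Policy' in (section or '')):
            # Any value listed under a "... Disabled Policy" section is a finding.
            findings.append((section, 'policy_value',
                             reg_key + '\\' + m.group(1), m.group(2)))
        elif section == 'File Check' and DRIVE_PATH.match(line):
            path, _, verdict = line.partition(' => ')
            open_idx = None
            if verdict != 'MD5 is legit':
                # Assumption: no verdict (or any other verdict) means the tool
                # did not match the file against its known-good hashes.
                findings.append((section, 'file_not_verified', path, verdict or None))
                open_idx = len(findings) - 1
        elif open_idx is not None and (m := FILE_DETAIL.search(line)):
            # Detail line under an unverified file: keep company field and MD5.
            sec, kind, path, _ = findings[open_idx]
            findings[open_idx] = (sec, kind, path, f'{m.group(1)} {m.group(2)}')
            open_idx = None
    return findings


if __name__ == '__main__':
    for finding in triage_fss(SAMPLE_LOG):
        print(finding)
```

A `file_not_verified` entry only means the hash should be checked against a trusted source; the company field in the detail line is file metadata, not a signature check.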

#99
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Hi. :)

Yes, I think my computer used to boot, but this may have been Windows XP, not Windows 7, that someone installed... I am not 100% sure though....

I put the disc in the drive and restarted the computer; the CD just whirred in the drive but nothing came up on the screen.

OK, what type of keyboard does your machine have/is currently in use? I am still pondering the seemingly non-working F8 key for bringing up the Advanced Boot Options.

Check also if there is a key named F Lock at all. Did you actually run through the procedure outlined here:-

How To Boot From a CD, DVD, or BD Disc

So your machine would actually boot up via the Optical Drive first ? Or did this not work either ?

You may answer my queries in your next reply after completing the below if you so wish, either is fine by me.

I then tried to run checkhd, downloaded, but when I went to right-click and run as administrator this message came up: Access Denied as you do not have sufficient privileges. You have to invoke this utility running in elevated mode.

Not a problem and merely proceed to the below...

Hard-Drive Maintenance/Repair:

  • Please download TFC to your desktop.
  • Save any unsaved work. TFC will close all open application windows.
  • Right-click on TFC.exe and select Run as Administrator.
  • Click the Start button in the bottom left of TFC
  • If prompted, click "Yes" to reboot.
Next:-
  • Click on Start(Windows 7 Orb).
  • Click on All Programs >> Accessories
  • Right click on Command Prompt and select Run as Administrator.
  • Click on Continue at the UAC prompt.
  • At the Command Prompt C:\Windows\System32> type in the following exactly:
  • CD C:\
  • Then depress the Enter/Return key and type in the following exactly:
  • DEFRAG C: -F
  • An Analysis report will be displayed and then Windows will start the Defragmentation run automatically.
  • This may take some time, when completed the Command Prompt C:\ > will appear.
  • Now type in CHKDSK C: /R and hit the Enter/Return key.
  • When prompted with:

CHKDSK cannot run because the volume is in use by another process
Would you like to schedule this volume to be checked next time the system
restarts (Y/N)

  • Hit the Y key then at the Command Prompt C:\ >
  • Type in EXIT and hit the Enter/Return key.
  • Now Reboot(Restart) your computer.
Note: Upon Reboot(Restart) the CHKDSK(check-disk) will start and carry out the repairs required.

You should see a screen like this just after the Post(power on self test) screen:

Posted Image

Note: Do not touch either the Keyboard or Mouse, otherwise the Check-Disk will be cancelled and your computer will continue to boot-up as normal.
  • 0

#100
JoPopey

JoPopey

    Member

  • Topic Starter
  • Member
  • PipPip
  • 93 posts
Hi there, thank you for your help. I have done some good stuff and not so good. First the bad news: I got sent a CD to copy for work that is in CDA and needed to change to MP3, so downloaded a CDA to MP3 converter and got Delta bar again... jesus, these lot are everywhere..... I have deleted the programme and been into history etc. Tricky stuff, as even though the computer is still dodgy my life/work goes on. Perhaps you can advise where to find the cleanest programmes?

Anyway, I have another keyboard which was given to me when the computer was bought, which I am now using; the F8 button does nothing, there is also no F Lock key... However, I was able to go into BIOS and set it to run CD on set up... great news. Do I leave the CD in the drive now... it's the one I made most recently (system repair)

I have run TFC fine but am stuck on the Command Prompt section as I can't click on Continue at the UAC prompt. There is no such thing; I get C Users JO that comes up with a flashing cursor at the end. What to do.....

Thank you for your continued help...
  • 0

#101
JoPopey

JoPopey

    Member

  • Topic Starter
  • Member
  • PipPip
  • 93 posts
I have now got the Delta search bar back again since I just went back into Google. God, it's toxic. Please don't give up on helping me; I am frustrated this happens myself, and surprised my anti-malware isn't picking it up...
  • 0

#102
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Hi. :)

I have done some good stuff and not so good. First the bad news: I got sent a CD to copy for work that is in CDA and needed to change to MP3, so downloaded a CDA to MP3 converter and got Delta bar again... jesus, these lot are everywhere..... I have deleted the programme and been into history etc. Tricky stuff, as even though the computer is still dodgy my life/work goes on. Perhaps you can advise where to find the cleanest programmes?

I applaud your honesty with informing myself and not to worry these things happen...with regard to a reliable download source, I will provide information about such when I give the all clear.

I have now got the Delta search bar back again since I just went back into Google. God, it's toxic. Please don't give up on helping me; I am frustrated this happens myself, and surprised my anti-malware isn't picking it up

No worries at all. ;) We can address this in due course.

Anyway, I have another keyboard which was given to me when the computer was bought, which I am now using; the F8 button does nothing, there is also no F Lock key

Acknowledged, I think we can rule out the actual keyboard as a problem for now then.

I have run TFC fine but am stuck on the Command Prompt section as I can't click on Continue at the UAC prompt. There is no such thing; I get C Users JO that comes up with a flashing cursor at the end. What to do.....

Do you mean at the User Account Control prompt clicking on the Yes button does nothing ?

Strange file path that one, though not completely unusual. I actually suspect when your machine was upgraded to Windows 7 it was not done correctly and problems were encountered and or rectified incorrectly. Plus other issues have further compounded a lot all told.

Your machine is in a bit of a mess as you know but we are making headway slowly but surely. Anyway, not to worry, we can come back to this.

If the command window is still running, merely type in exit followed by the enter/return key and or click on the x in the corner to close etc.

However, I was able to go into BIOS and set it to run CD on set up... great news. Do I leave the CD in the drive now... it's the one I made most recently (system repair)

Good!

OK follow my prior instructions again here in post #78 for Run Windows 7 SRD(just this nothing else afterwards please).

Let myself know when complete, if anything was actually fixed or not. We will then go from there, thank you.
  • 0

#103
JoPopey

JoPopey

    Member

  • Topic Starter
  • Member
  • PipPip
  • 93 posts
Hi there,

Thanks. I have just tried to boot following instructions. I can go to the boot menu by pressing the ESC key on start up; I am then given 5 secs to use the arrow key to select what to boot, but can't move anything!! Therefore it says it boots from Hard drive, not CD or Floppy.

However, I can get into BIOS and use arrow keys, so set earlier first boot to boot from CD. What to do.... cheers
  • 0

#104
JoPopey

JoPopey

    Member

  • Topic Starter
  • Member
  • PipPip
  • 93 posts
Also having a problem with normal double click of Word docs, getting this and they won't open; this is a new thing.... WORD.jpg
  • 0

#105
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts

Also having a problem with normal double click of Word docs, getting this and they won't open; this is a new thing

Acknowledged.

However, I can get into BIOS and use arrow keys, so set earlier first boot to boot from CD

Aye that is exactly how I want you to boot up via the start up repair disk etc. :)
  • 0





