Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Google search doesn't work [Closed]

Started by elahw , Mar 23 2013 08:34 AM

  • This topic is locked This topic is locked

#1
elahw
Posted 23 March 2013 - 08:34 AM

elahw

    Member

  • Member
  • PipPip
  • 12 posts
Recently the google search on my computer stopped working, both using the address bar in Chrome and google.com. I uninstalled Chrome thinking it was a problem with the browser, but it google won't work in Explorer either and now I can't re-download Chrome (Explorer won't let me open the download page). I'm using Bing.com as a search engine and it's working fine.

Please Help!!!
  • 0

Advertisements

#2
Essexboy
Posted 23 March 2013 - 10:00 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there I will need to look at your system first

Download OTL to your Desktop
Secondary link
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

    Posted Image
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    winsock.*
    /md5stop
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

  • 0

#3
elahw
Posted 23 March 2013 - 10:36 AM

elahw

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
I ran OTL. These are the logs:
1) OTL.tzt:
OTL logfile created on: 23/03/2013 18:22:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ellawe\Desktop
Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040d | Country: ישראל | Language: HEB | Date Format: dd/MM/yyyy

2.94 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 46.45% Memory free
5.89 Gb Paging File | 3.90 Gb Available in Paging File | 66.21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.52 Gb Total Space | 257.03 Gb Free Space | 89.39% Space Free | Partition Type: NTFS
Drive D: | 172.94 Gb Total Space | 157.24 Gb Free Space | 90.92% Space Free | Partition Type: NTFS
Drive G: | 5.01 Gb Total Space | 5.00 Gb Free Space | 99.91% Space Free | Partition Type: FAT32

Computer Name: ELLAWE | User Name: ellawe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/23 18:21:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ellawe\Desktop\OTL.exe
PRC - [2013/03/23 16:16:18 | 000,706,776 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe
PRC - [2013/01/31 10:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/12/18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/08/17 17:38:51 | 000,522,232 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
PRC - [2012/08/17 17:38:22 | 000,479,224 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2012/04/29 09:01:58 | 000,501,600 | ---- | M] (Athena Smartcard Solutions) -- C:\Program Files\Athena\IDProtect Client\Utils\IDProtect Monitor.exe
PRC - [2012/03/14 13:52:26 | 000,319,360 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Hotkey Support\QLBController.exe
PRC - [2012/03/14 13:50:56 | 000,365,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
PRC - [2012/03/14 09:28:28 | 000,197,504 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/01/17 15:12:30 | 000,104,208 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
PRC - [2012/01/09 11:39:32 | 000,509,440 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
PRC - [2011/09/25 20:25:04 | 001,433,692 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2011/09/25 20:25:04 | 000,286,802 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\stacsv.exe
PRC - [2011/09/13 16:13:40 | 000,652,328 | R--- | M] (Ericsson AB) -- C:\Program Files\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
PRC - [2011/08/23 03:23:48 | 002,774,320 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vcsFPService.exe
PRC - [2011/08/08 16:46:08 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/08/08 16:46:06 | 000,325,912 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/12/03 14:28:08 | 000,026,112 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009/03/03 01:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\IDT\WDM\AEstSrv.exe


========== Modules (No Company Name) ==========

MOD - [2013/02/15 12:14:16 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll
MOD - [2013/02/15 12:14:01 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/01/11 08:03:36 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013/01/11 08:02:02 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
MOD - [2013/01/11 07:55:26 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/11 07:54:59 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/11 07:54:53 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/11 07:54:50 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/11 07:54:37 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/07/25 15:25:54 | 000,113,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CaslShared\3.5.1.1__9c6f83d5b7f3d097\CaslShared.dll
MOD - [2012/07/25 15:25:54 | 000,093,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\hpcasl\3.5.1.1__9c6f83d5b7f3d097\hpcasl.dll
MOD - [2011/10/21 07:49:58 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll


========== Services (SafeList) ==========

SRV - [2013/03/23 16:16:19 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/07 13:10:08 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/31 10:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/12/18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/08/17 17:38:22 | 000,479,224 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2012/07/26 08:12:08 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/03/14 13:50:56 | 000,365,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2012/03/14 09:28:28 | 000,197,504 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012/01/17 15:12:30 | 000,104,208 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2012/01/09 11:39:32 | 000,509,440 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2011/09/25 20:25:04 | 000,286,802 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2011/09/13 16:13:40 | 000,652,328 | R--- | M] (Ericsson AB) [Auto | Running] -- C:\Program Files\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe -- (WMCoreService)
SRV - [2011/08/23 03:23:48 | 002,774,320 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vcsFPService.exe -- (vcsFPService)
SRV - [2011/08/08 16:46:08 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/08/08 16:46:06 | 000,325,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/12/03 14:28:08 | 000,026,112 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009/07/14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/03/03 01:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AEstSrv.exe -- (AESTFilters)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\bsusbser.sys -- (bsusbser)
DRV - [2012/11/28 10:42:06 | 001,826,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2012/08/17 17:30:20 | 000,023,976 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpnva.sys -- (vpnva)
DRV - [2012/08/17 17:29:22 | 000,087,976 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acsock.sys -- (acsock)
DRV - [2012/02/27 15:28:10 | 000,145,496 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2012/02/27 15:28:08 | 000,023,128 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\johci.sys -- (johci)
DRV - [2012/02/22 12:52:10 | 000,283,304 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1c6232.sys -- (e1cexpress)
DRV - [2012/02/21 00:18:20 | 010,339,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Netwsn00.sys -- (NETwNs32)
DRV - [2012/01/09 11:32:12 | 000,141,312 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AmpPal.sys -- (AMPPALP)
DRV - [2012/01/09 11:32:12 | 000,141,312 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmpPal.sys -- (AMPPAL)
DRV - [2011/09/25 20:25:04 | 000,444,928 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2011/09/07 15:46:34 | 000,242,216 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WwanUsbMp.sys -- (WwanUsbServ)
DRV - [2011/09/06 10:57:38 | 000,088,104 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\h36wgps.sys -- (h36wgps)
DRV - [2011/09/05 08:51:44 | 000,025,640 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wwanussf.sys -- (ecnssndisfltr)
DRV - [2011/09/05 08:51:42 | 000,023,592 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wwanuss.sys -- (ecnssndis)
DRV - [2011/08/23 04:11:48 | 000,270,336 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2011/08/22 15:47:44 | 000,419,528 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Mbm3Mdm.sys -- (Mbm3Mdm)
DRV - [2011/08/22 15:47:44 | 000,402,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Mbm3DevMt.sys -- (Mbm3DevMt)
DRV - [2011/08/22 15:47:44 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Mbm3mdfl.sys -- (Mbm3mdfl)
DRV - [2011/08/22 15:47:42 | 000,364,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Mbm3CBus.sys -- (Mbm3CBus)
DRV - [2011/07/18 07:11:42 | 000,021,560 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2011/05/13 17:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2011/05/13 17:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2010/11/20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 03:30:16 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 03:30:16 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 03:30:16 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 01:24:42 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 00:59:46 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2010/11/20 00:14:46 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 00:14:42 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/19 15:33:40 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2010/01/26 11:38:06 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/14 01:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3832408751-3022974131-2692355260-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3832408751-3022974131-2692355260-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://il.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3832408751-3022974131-2692355260-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = he-IL
IE - HKU\S-1-5-21-3832408751-3022974131-2692355260-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B0 68 D5 63 CE 27 CE 01 [binary data]
IE - HKU\S-1-5-21-3832408751-3022974131-2692355260-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3832408751-3022974131-2692355260-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-3832408751-3022974131-2692355260-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-3832408751-3022974131-2692355260-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [IDProtect Monitor] C:\Program Files\Athena\IDProtect Client\Utils\IDProtect Monitor.exe (Athena Smartcard Solutions)
O4 - HKLM..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: שלח אל OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : ש&לח אל OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ה&ערות מקושרות של OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : ה&ערות מקושרות של OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{76A9ACEA-EC5D-4F1A-B862-360A9C535D5C}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B34A6C39-B71F-44CC-9B59-FCA9E2E0529E}: DhcpNameServer = 10.61.10.201
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/03/23 18:21:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ellawe\Desktop\OTL.exe
[2013/03/23 16:23:15 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2013/03/23 16:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/03/23 16:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/03/23 16:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2013/03/23 16:00:17 | 000,000,000 | ---D | C] -- C:\Users\ellawe\AppData\Roaming\Malwarebytes
[2013/03/23 16:00:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/03/23 15:59:35 | 000,000,000 | ---D | C] -- C:\Users\ellawe\AppData\Local\Programs
[2013/03/20 06:25:16 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/03/20 06:25:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/03/20 06:25:14 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/03/20 06:25:14 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/03/20 06:25:13 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/03/20 06:25:12 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/03/20 06:25:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/03/20 06:25:11 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/03/17 10:44:20 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013/03/17 08:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/17 08:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/02/27 22:19:47 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2013/02/27 22:19:46 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2013/02/27 22:19:45 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/02/27 22:19:45 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/02/27 22:19:44 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2013/02/27 22:19:44 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/02/27 22:19:44 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2013/02/27 22:19:44 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2013/02/27 22:19:44 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/02/27 22:19:44 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/02/27 22:19:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/02/27 22:19:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/02/27 22:19:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/02/27 22:19:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/02/27 22:19:44 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/02/27 22:19:43 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013/02/27 22:19:43 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2013/02/27 22:19:43 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/02/27 22:19:43 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2013/02/27 22:19:43 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/02/27 22:19:43 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013/02/27 22:19:43 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/02/27 22:19:43 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/02/27 22:19:43 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2013/02/27 22:19:43 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll

========== Files - Modified Within 30 Days ==========

[2013/03/23 18:21:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ellawe\Desktop\OTL.exe
[2013/03/23 17:46:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/23 17:31:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/23 17:02:58 | 000,015,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/23 17:02:58 | 000,015,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/23 16:55:59 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/23 16:55:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/23 16:55:50 | 2370,584,576 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/23 16:40:58 | 000,000,000 | ---- | M] () -- C:\Users\ellawe\defogger_reenable
[2013/03/23 16:23:15 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2013/03/23 16:16:18 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/03/23 16:16:18 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/03/17 08:11:05 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

========== Files Created - No Company Name ==========

[2013/03/23 16:40:58 | 000,000,000 | ---- | C] () -- C:\Users\ellawe\defogger_reenable
[2013/03/23 16:16:21 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/11/28 10:42:06 | 001,826,784 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2012/11/28 10:42:06 | 000,026,464 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2012/07/25 16:08:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012/07/25 16:08:16 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012/07/25 16:03:23 | 000,361,692 | ---- | C] () -- C:\Windows\System32\perfh00D.dat
[2012/07/25 16:03:23 | 000,229,316 | ---- | C] () -- C:\Windows\System32\perfi00D.dat
[2012/07/25 16:03:23 | 000,069,228 | ---- | C] () -- C:\Windows\System32\perfc00D.dat
[2012/07/25 16:03:23 | 000,032,166 | ---- | C] () -- C:\Windows\System32\perfd00D.dat
[2012/07/25 15:42:35 | 000,035,244 | R--- | C] () -- C:\Windows\ConnectionProfiles.dat
[2012/07/25 15:23:58 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2012/07/25 15:21:29 | 000,033,280 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2012/07/25 15:21:29 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2012/07/25 15:14:14 | 000,148,128 | ---- | C] () -- C:\Windows\System32\Presets.bin
[2012/07/25 15:14:14 | 000,004,080 | ---- | C] () -- C:\Windows\System32\stwrt.ini
[2012/07/25 15:14:14 | 000,000,149 | ---- | C] () -- C:\Windows\System32\IDTNGUI.exe.config
[2012/07/25 15:14:13 | 000,077,796 | ---- | C] () -- C:\Windows\System32\B-31C3.ini
[2012/07/25 15:14:13 | 000,076,693 | ---- | C] () -- C:\Windows\System32\B-31C2.ini
[2012/07/25 15:14:13 | 000,075,620 | ---- | C] () -- C:\Windows\System32\B-31A0.ini
[2012/07/25 15:14:13 | 000,075,612 | ---- | C] () -- C:\Windows\System32\B-21C0.ini
[2012/07/25 15:14:13 | 000,075,610 | ---- | C] () -- C:\Windows\System32\B-21D1.ini
[2012/07/25 15:14:13 | 000,075,599 | ---- | C] () -- C:\Windows\System32\B-32A1.ini
[2012/07/25 15:14:13 | 000,075,595 | ---- | C] () -- C:\Windows\System32\B-21D0.ini
[2012/07/25 15:14:13 | 000,075,591 | ---- | C] () -- C:\Windows\System32\B-21B1.ini
[2012/07/25 15:14:13 | 000,075,582 | ---- | C] () -- C:\Windows\System32\B-21B0.ini
[2012/07/25 15:14:13 | 000,075,559 | ---- | C] () -- C:\Windows\System32\B-21C1.ini
[2012/07/25 15:14:13 | 000,075,557 | ---- | C] () -- C:\Windows\System32\B-31C1.ini
[2012/07/25 15:14:13 | 000,075,548 | ---- | C] () -- C:\Windows\System32\B-31C0.ini
[2012/07/25 15:14:13 | 000,075,539 | ---- | C] () -- C:\Windows\System32\B-31E0.ini
[2012/07/25 15:14:13 | 000,075,535 | ---- | C] () -- C:\Windows\System32\B-31D0.ini
[2012/07/25 15:14:13 | 000,075,524 | ---- | C] () -- C:\Windows\System32\B-31F0.ini
[2012/07/25 15:14:13 | 000,075,141 | ---- | C] () -- C:\Windows\System32\B-41A0.ini
[2012/07/25 15:14:13 | 000,074,026 | ---- | C] () -- C:\Windows\System32\B-23B1.ini
[2012/07/25 15:14:13 | 000,074,025 | ---- | C] () -- C:\Windows\System32\B-24A1.ini
[2012/07/25 15:14:13 | 000,074,013 | ---- | C] () -- C:\Windows\System32\B-23A1.ini
[2012/07/25 15:14:13 | 000,074,005 | ---- | C] () -- C:\Windows\System32\B-23A0.ini
[2012/07/25 15:14:13 | 000,073,993 | ---- | C] () -- C:\Windows\System32\B-23B0.ini
[2012/07/25 15:14:13 | 000,073,992 | ---- | C] () -- C:\Windows\System32\B-23C0.ini
[2012/07/25 15:14:13 | 000,073,950 | ---- | C] () -- C:\Windows\System32\B-24A0.ini
[2012/07/25 15:14:13 | 000,073,276 | ---- | C] () -- C:\Windows\System32\B-02C.ini
[2012/07/25 15:14:13 | 000,032,578 | ---- | C] () -- C:\Windows\System32\2011_SRS_Speaker_L.ini
[2012/07/25 15:14:13 | 000,032,578 | ---- | C] () -- C:\Windows\System32\2011_BEATS_Speaker_M.ini
[2012/04/29 09:00:34 | 000,980,832 | ---- | C] () -- C:\Windows\System32\LASERToken.dll
[2012/04/29 09:00:28 | 000,968,544 | ---- | C] () -- C:\Windows\System32\CNSToken.dll
[2012/04/29 09:00:22 | 001,079,136 | ---- | C] () -- C:\Windows\System32\AsepcosToken.dll
[2012/03/12 10:49:46 | 000,038,720 | ---- | C] () -- C:\Windows\System32\ASESPR.dll
[2011/10/21 08:23:10 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin
[2011/10/21 08:23:08 | 000,217,536 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin
[2011/10/21 08:23:04 | 000,963,116 | ---- | C] () -- C:\Windows\System32\igkrng600.bin
[2011/10/21 08:22:52 | 000,056,832 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2011/10/21 08:03:02 | 013,903,872 | ---- | C] () -- C:\Windows\System32\ig4icd32.dll
[2011/10/21 07:52:04 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011/10/21 07:50:16 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2011/10/21 07:49:58 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2011/09/14 18:11:16 | 001,048,576 | ---- | C] () -- C:\Windows\System32\syndata.bin
[2011/08/23 09:10:44 | 000,000,256 | ---- | C] () -- C:\Windows\System32\vcsAPIShared.dll.hpsign
[2011/05/30 20:58:34 | 000,185,168 | ---- | C] () -- C:\Windows\System32\PassThroughOTP.dll
[2011/05/30 20:58:34 | 000,000,256 | ---- | C] () -- C:\Windows\System32\PassThroughOTP.dll.hpsign

========== ZeroAccess Check ==========

[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 03:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Base Services ==========
SRV - [2009/07/14 03:14:53 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2010/11/20 03:18:04 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2009/07/14 03:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2010/11/20 03:21:00 | 000,585,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2010/11/20 03:18:08 | 000,494,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2011/11/17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/07/14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2012/07/04 23:14:34 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2012/06/02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2010/11/20 03:21:04 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2010/11/20 03:18:32 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2011/03/03 07:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/07/14 03:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/07/14 03:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/07/14 03:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2010/11/20 03:19:24 | 000,350,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2009/07/14 03:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/07/14 03:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2009/07/14 03:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2009/07/14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2012/10/03 18:42:26 | 000,242,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2009/07/14 03:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2011/05/24 12:44:59 | 000,293,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2012/02/11 07:37:49 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2011/11/17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV - [2009/07/14 03:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2010/11/20 03:21:02 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2010/11/20 03:21:04 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009/07/14 03:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2011/11/17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/07/14 03:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/11/20 03:21:28 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/11/20 03:21:20 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV - [2010/11/20 03:21:06 | 000,750,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010/11/20 03:21:30 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2012/05/01 06:44:12 | 000,164,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2010/11/20 03:17:52 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2010/11/20 03:18:06 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2010/11/20 03:18:06 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2010/11/20 03:21:08 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/11/20 03:21:36 | 001,086,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog)
SRV - [2010/11/20 03:19:42 | 000,566,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2010/11/20 03:21:36 | 000,463,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2010/11/20 03:17:24 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/07/14 03:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2012/06/03 00:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2010/11/20 03:18:36 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/14 03:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2010/11/20 03:21:38 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 03:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

< MD5 for: SERVICES >
[2009/06/10 23:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services
[2009/06/10 23:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services

< MD5 for: SERVICES.CFG >
[2012/12/18 16:28:18 | 000,558,791 | ---- | M] () MD5=A9983CC532F9B3FB1E87918D2313731D -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 11:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009/07/14 04:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui
[2009/07/14 04:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui
[2009/07/13 17:36:00 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=BB1F3CCB7F898D955DC8741A9A55C6C9 -- C:\Windows\System32\he-IL\services.exe.mui
[2009/07/13 17:36:00 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=BB1F3CCB7F898D955DC8741A9A55C6C9 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_he-il_507617bf60b0cc27\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/14 06:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 06:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 23:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009/06/10 23:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof

< MD5 for: SERVICES.MSC >
[2009/07/13 17:39:56 | 000,092,772 | ---- | M] () MD5=12AEE29308F64C90487BD09AE283DEFA -- C:\Windows\System32\he-IL\services.msc
[2009/07/13 17:39:56 | 000,092,772 | ---- | M] () MD5=12AEE29308F64C90487BD09AE283DEFA -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_he-il_8ab7e7ab371a661a\services.msc
[2009/07/14 04:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2009/06/10 23:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2009/07/14 04:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 23:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 22:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/13 22:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 03:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 03:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 03:17:56 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 03:17:56 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WINSOCK.DLL >
[2009/07/13 23:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\System32\WINSOCK.DLL
[2009/07/13 23:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7600.16385_none_fde3cf3dd3e16d0d\WINSOCK.DLL
[2009/07/13 23:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7\WINSOCK.DLL

< >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:CB0AACC9

< End of report >



2)Extras.txt:
OTL Extras logfile created on: 23/03/2013 18:22:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ellawe\Desktop
Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040d | Country: ישראל | Language: HEB | Date Format: dd/MM/yyyy

2.94 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 46.45% Memory free
5.89 Gb Paging File | 3.90 Gb Available in Paging File | 66.21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.52 Gb Total Space | 257.03 Gb Free Space | 89.39% Space Free | Partition Type: NTFS
Drive D: | 172.94 Gb Total Space | 157.24 Gb Free Space | 90.92% Space Free | Partition Type: NTFS
Drive G: | 5.01 Gb Total Space | 5.00 Gb Free Space | 99.91% Space Free | Partition Type: FAT32

Computer Name: ELLAWE | User Name: ellawe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{243B1B31-860E-4AF8-8D01-7A9375FB6FBD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{B7500B1F-EBEC-40AE-96F6-E3C5A0C8D8CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C50A1233-2B52-48D3-AA7C-DF1A857C09CE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{FE76BDF0-158A-4FC1-8DBD-D23729060571}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13C96625-28E4-4c58-ADE0-CDAFC64752EB}" = JMicron 1394 Filter Driver
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{35D2E477-8524-4294-9D6A-D8481328389F}" = HP Software Framework
"{37EC048A-81A2-452A-8D1F-3BE2018E767D}" = Intel® PROSet/Wireless for Bluetooth® + High Speed
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.2
"{54FD3A78-58D4-41F0-97E0-13804DDE016E}" = Validity Fingerprint Sensor Driver
"{646E8C34-C88B-42F9-9F41-985A801219E1}" = HP Mobile Broadband Drivers
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6EED9925-813E-4E4A-ABAA-9A8744C49510}" = Cisco AnyConnect Secure Mobility Client
"{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010
"{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-040D-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Hebrew) 2010
"{90140000-0016-040D-0000-0000000FF1CE}_Office14.STANDARD_{30CB2A7E-01CF-428F-A639-B43983311EEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-040D-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Hebrew) 2010
"{90140000-0018-040D-0000-0000000FF1CE}_Office14.STANDARD_{30CB2A7E-01CF-428F-A639-B43983311EEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-040D-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Hebrew) 2010
"{90140000-0019-040D-0000-0000000FF1CE}_Office14.STANDARD_{30CB2A7E-01CF-428F-A639-B43983311EEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-040D-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Hebrew) 2010
"{90140000-001A-040D-0000-0000000FF1CE}_Office14.STANDARD_{30CB2A7E-01CF-428F-A639-B43983311EEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-040D-0000-0000000FF1CE}" = Microsoft Office Word MUI (Hebrew) 2010
"{90140000-001B-040D-0000-0000000FF1CE}_Office14.STANDARD_{30CB2A7E-01CF-428F-A639-B43983311EEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010
"{90140000-001F-0401-0000-0000000FF1CE}_Office14.STANDARD_{1A43C155-3DDA-43C9-92C5-0E7D0B2B156D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARD_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.STANDARD_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040D-0000-0000000FF1CE}" = Microsoft Office Proof (Hebrew) 2010
"{90140000-001F-040D-0000-0000000FF1CE}_Office14.STANDARD_{16C5AEEC-D632-4FAA-BFDC-BBF36F473E09}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0419-0000-0000000FF1CE}" = Microsoft Office Proof (Russian) 2010
"{90140000-001F-0419-0000-0000000FF1CE}_Office14.STANDARD_{DD6E7CDF-BDFF-43CF-8CCE-84FBEC5ABB77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-040D-0000-0000000FF1CE}" = Microsoft Office Proofing (Hebrew) 2010
"{90140000-002C-040D-0000-0000000FF1CE}_Office14.STANDARD_{6DE4A120-C7C5-4DED-AA3E-F32EE37012C5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-040D-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Hebrew) 2010
"{90140000-006E-040D-0000-0000000FF1CE}_Office14.STANDARD_{C52DDB57-C2DE-4CBE-ABF8-EF39F9F396B2}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-040D-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Hebrew) 2010
"{90140000-00A1-040D-0000-0000000FF1CE}_Office14.STANDARD_{30CB2A7E-01CF-428F-A639-B43983311EEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.6)
"{AC76BA86-7AD7-5676-5A64-A00000000003}" = Adobe Reader Extended Language Support Font Pack
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B789DBAF-D6C3-4910-8528-01B704B6237B}" = IDProtectClient 6.13.10
"{C97CC14E-4789-4FC5-BC75-79191F7CE009}" = HP Hotkey Support
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F24F876B-7D71-4BD6-88E9-614D3BB84228}" = Alcor Micro Smart Card Reader Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Office14.STANDARD" = Microsoft Office Standard 2010
"PROSet" = Intel® Network Connections Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SZCCID" = Alcor Micro Smart Card Reader Driver
"VLC media player" = VLC media player 2.0.5

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 18/01/2013 08:39:01 | Computer Name = ellawe | Source = Application Hang | ID = 1002
Description = The program chrome.exe version 24.0.1312.52 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 14ec Start
Time: 01cdf56ffe103d86 Termination Time: 53 Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Report
Id: f61b9a9e-616b-11e2-bf5b-e4115b5ac35b

Error - 28/01/2013 02:43:58 | Computer Name = ellawe | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 24.0.1312.56, time
stamp: 0x50f8e9e4 Faulting module name: npSkypeChromePlugin.dll, version: 6.5.0.11422,
time stamp: 0x50c9e5d7 Exception code: 0x40000015 Fault offset: 0x001123b0 Faulting
process id: 0x530 Faulting application start time: 0x01cdfca7b624f50f Faulting application
path: C:\Program Files\Google\Chrome\Application\chrome.exe Faulting module path:
C:\Users\ellawe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0\npSkypeChromePlugin.dll
Report
Id: 17069e71-6916-11e2-ba9f-402cf4ca2cc3

Error - 30/01/2013 10:05:05 | Computer Name = ellawe | Source = Application Hang | ID = 1002
Description = The program chrome.exe version 24.0.1312.56 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1460 Start
Time: 01cdfecf2066b1ee Termination Time: 52 Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Report
Id: 0162ba73-6ae6-11e2-aa38-402cf4ca2cc3

Error - 31/01/2013 14:33:05 | Computer Name = ellawe | Source = Application Hang | ID = 1002
Description = The program chrome.exe version 24.0.1312.56 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1558 Start
Time: 01cdffc26f7ed5b0 Termination Time: 82 Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Report
Id: a0aa3e7f-6bd4-11e2-bc67-402cf4ca2cc3

Error - 03/02/2013 04:57:10 | Computer Name = ellawe | Source = Application Error | ID = 1000
Description = Faulting application name: STacSV.exe, version: 1.0.6367.0, time stamp:
0x4e7fe6ad Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp:
0x4ec49b60 Exception code: 0xc000000d Fault offset: 0x00097c41 Faulting process id:
0x3ec Faulting application start time: 0x01ce016596017f85 Faulting application path:
C:\Program Files\IDT\WDM\STacSV.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: b1357a4b-6ddf-11e2-9de9-402cf4ca2cc3

Error - 15/02/2013 02:59:27 | Computer Name = ellawe | Source = Application Hang | ID = 1002
Description = The program chrome.exe version 24.0.1312.57 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 10f0 Start
Time: 01ce0ad362eb9c00 Termination Time: 118 Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Report
Id: 2b33506a-773d-11e2-9c84-402cf4ca2cc3

Error - 26/02/2013 00:53:13 | Computer Name = ellawe | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 24.0.1312.57, time
stamp: 0x510326ea Faulting module name: npSkypeChromePlugin.dll, version: 6.6.0.11664,
time stamp: 0x510a49f6 Exception code: 0x40000015 Fault offset: 0x00113030 Faulting
process id: 0xf68 Faulting application start time: 0x01ce134c1b3e2337 Faulting application
path: C:\Program Files\Google\Chrome\Application\chrome.exe Faulting module path:
C:\Users\ellawe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\npSkypeChromePlugin.dll
Report
Id: 6c88ce28-7fd0-11e2-a6fe-402cf4ca2cc3

Error - 26/02/2013 06:59:02 | Computer Name = ellawe | Source = Application Error | ID = 1000
Description = Faulting application name: STacSV.exe, version: 1.0.6367.0, time stamp:
0x4e7fe6ad Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp:
0x4ec49b60 Exception code: 0xc000000d Fault offset: 0x00097c41 Faulting process id:
0x3cc Faulting application start time: 0x01ce0d95a2d4189e Faulting application path:
C:\Program Files\IDT\WDM\STacSV.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 87181008-8003-11e2-a6fe-402cf4ca2cc3

Error - 26/02/2013 15:58:41 | Computer Name = ellawe | Source = Application Hang | ID = 1002
Description = The program chrome.exe version 25.0.1364.97 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 15e4 Start
Time: 01ce144dd396ffbf Termination Time: 46 Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Report
Id:

Error - 20/03/2013 18:47:37 | Computer Name = ellawe | Source = Application Error | ID = 1000
Description = Faulting application name: STacSV.exe, version: 1.0.6367.0, time stamp:
0x4e7fe6ad Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp:
0x4ec49b60 Exception code: 0xc000000d Fault offset: 0x00097c41 Faulting process id:
0x3fc Faulting application start time: 0x01ce2525cbc2a6d5 Faulting application path:
C:\Program Files\IDT\WDM\STacSV.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 292c98a6-91b0-11e2-ba96-402cf4ca2cc3

[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 23/03/2013 10:55:58 | Computer Name = ellawe | Source = acvpnagent | ID = 67108866
Description = Function: CWinsecApiImpersonateUser::searchProcessesForUserToken File:
.\IPC\WinsecAPI.cpp Line: 1391 Invoked Function: Process32Next Return Code: 18 (0x00000012)
Description:
There are no more files.

Error - 23/03/2013 10:55:58 | Computer Name = ellawe | Source = acvpnagent | ID = 67108865
Description = Function: CWinsecApiImpersonateUser::acquireTokens File: .\IPC\WinsecAPI.cpp
Line:
101 CWinsecApiImpersonateUser::getUserImpersonationToken returned NULL

Error - 23/03/2013 10:55:58 | Computer Name = ellawe | Source = acvpnagent | ID = 67108866
Description = Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser File:
.\IPC\WinsecAPI.cpp Line: 81 Invoked Function: CWinsecApiImpersonateUser::acquireTokens
Return
Code: -32767981 (0xFE0C0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED


Error - 23/03/2013 10:55:58 | Computer Name = ellawe | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertUtils::CCapiCertUtils File: .\Certificates\CapiCertUtils.cpp
Line:
92 Invoked Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser Return
Code: -32767981 (0xFE0C0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED


Error - 23/03/2013 10:55:58 | Computer Name = ellawe | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertStore::CCapiCertStore File: .\Certificates\CapiCertStore.cpp
Line:
70 Invoked Function: CapiCertUtils Return Code: -32767981 (0xFE0C0013) Description:
WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED

Error - 23/03/2013 10:55:58 | Computer Name = ellawe | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore File: .\Certificates\CapiCertSmartcardStore.cpp
Line:
40 Invoked Function: CCapiCertStore::CCapiCertStore Return Code: -32767981 (0xFE0C0013)
Description:
WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED

Error - 23/03/2013 10:55:58 | Computer Name = ellawe | Source = acvpnagent | ID = 67108866
Description = Function: CCollectiveCertStore::addCapiSmartcardStore File: .\Certificates\CollectiveCertStore.cpp
Line:
1101 Invoked Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore Return Code:
-32767981 (0xFE0C0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED


Error - 23/03/2013 10:55:58 | Computer Name = ellawe | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 376 Invoked
Function: IRunnable::Run Return Code: -32047093 (0xFE17000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE


Error - 23/03/2013 10:56:00 | Computer Name = ellawe | Source = acvpnui | ID = 67108866
Description = Function: CMainFrame::getDARTInstallDir File: .\mainfrm.cpp Line: 4618
Invoked
Function: MsiEnumProductsExW Return Code: 259 (0x00000103) Description: No more data
is available.

Error - 23/03/2013 10:56:01 | Computer Name = ellawe | Source = acvpnui | ID = 67108865
Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line:
1127 NULL object. Cannot establish a connection at this time.

[ System Events ]
Error - 04/12/2012 06:09:01 | Computer Name = ellawe | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 40. The internal error state
is 1207.

Error - 04/12/2012 06:09:12 | Computer Name = ellawe | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 40. The internal error state
is 1207.

Error - 04/12/2012 06:09:25 | Computer Name = ellawe | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 40. The internal error state
is 1207.

Error - 04/12/2012 06:09:44 | Computer Name = ellawe | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 40. The internal error state
is 1207.

Error - 07/12/2012 07:14:26 | Computer Name = ellawe | Source = Service Control Manager | ID = 7034
Description = The Audio Service service terminated unexpectedly. It has done this
1 time(s).

Error - 13/12/2012 05:36:48 | Computer Name = ellawe | Source = DCOM | ID = 10010
Description =

Error - 13/12/2012 05:36:53 | Computer Name = ellawe | Source = DCOM | ID = 10010
Description =

Error - 16/12/2012 16:22:54 | Computer Name = ellawe | Source = Service Control Manager | ID = 7034
Description = The Audio Service service terminated unexpectedly. It has done this
1 time(s).

Error - 07/01/2013 06:08:53 | Computer Name = ellawe | Source = DCOM | ID = 10010
Description =

Error - 30/01/2013 15:52:57 | Computer Name = ellawe | Source = Service Control Manager | ID = 7023
Description = The Windows Update service terminated with the following error: %%-2147467243


< End of report >
  • 0

#4
Essexboy
Posted 23 March 2013 - 11:07 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I can see no indicators of malware there at the moment, so I will initially reset your internet

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:Files
ipconfig /release /c
ipconfig /renew /c
netsh winsock reset catalog /c 
netsh int ip reset /c
ipconfig /flushdns /c

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#5
elahw
Posted 23 March 2013 - 11:16 AM

elahw

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Here is the log:

All processes killed
========== FILES ==========
< ipconfig /release /c >
Windows IP Configuration
No operation can be performed on Local Area Connection 2 while it has its media disconnected.
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.
Wireless LAN adapter Wireless Network Connection 3:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::853d:63e4:8d1f:9346%19
Default Gateway . . . . . . . . . :
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : nsm.local
Ethernet adapter Bluetooth Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:c47:27b6:f5ff:fffe
Link-local IPv6 Address . . . . . : fe80::c47:27b6:f5ff:fffe%12
Default Gateway . . . . . . . . . : ::
Tunnel adapter isatap.{76A9ACEA-EC5D-4F1A-B862-360A9C535D5C}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
C:\Users\ellawe\Desktop\cmd.bat deleted successfully.
C:\Users\ellawe\Desktop\cmd.txt deleted successfully.
< ipconfig /renew /c >
Windows IP Configuration
No operation can be performed on Local Area Connection 2 while it has its media disconnected.
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.
Wireless LAN adapter Wireless Network Connection 3:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::853d:63e4:8d1f:9346%19
IPv4 Address. . . . . . . . . . . : 10.0.0.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.0.138
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : nsm.local
Ethernet adapter Bluetooth Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:246a:3843:f5ff:fffe
Link-local IPv6 Address . . . . . : fe80::246a:3843:f5ff:fffe%12
Default Gateway . . . . . . . . . : ::
C:\Users\ellawe\Desktop\cmd.bat deleted successfully.
C:\Users\ellawe\Desktop\cmd.txt deleted successfully.
< netsh winsock reset catalog /c >
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
C:\Users\ellawe\Desktop\cmd.bat deleted successfully.
C:\Users\ellawe\Desktop\cmd.txt deleted successfully.
< netsh int ip reset /c >
Reseting Global, OK!
Reseting Interface, OK!
Reseting Unicast Address, OK!
Reseting Route, OK!
Restart the computer to complete this action.
C:\Users\ellawe\Desktop\cmd.bat deleted successfully.
C:\Users\ellawe\Desktop\cmd.txt deleted successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\ellawe\Desktop\cmd.bat deleted successfully.
C:\Users\ellawe\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: admin
->Temp folder emptied: 54617284 bytes
->Temporary Internet Files folder emptied: 44880472 bytes
->Google Chrome cache emptied: 7181277 bytes
->Flash cache emptied: 492 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: ellawe
->Temp folder emptied: 50170641 bytes
->Temporary Internet Files folder emptied: 117353356 bytes
->Flash cache emptied: 3123 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 113444273 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 141598 bytes
RecycleBin emptied: 27889 bytes

Total Files Cleaned = 370.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 03232013_191132

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

#6
Essexboy
Posted 23 March 2013 - 12:06 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you now try to reach google please
  • 0

#7
elahw
Posted 23 March 2013 - 12:09 PM

elahw

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
I tried after running OTL the second time, and now again -- still no Google! :(
  • 0

#8
Essexboy
Posted 23 March 2013 - 12:13 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you type this number into the address bar and let me know where it takes you 64.233.160.0
  • 0

#9
elahw
Posted 24 March 2013 - 02:04 PM

elahw

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Hi, copied and pasted the number you sent into the address bar but it didn't take me anywhere...the page didn't load
  • 0

#10
Essexboy
Posted 24 March 2013 - 03:31 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Did you install any programme just prior to this ? Also do you have a firewall
  • 0

Advertisements

#11
elahw
Posted 24 March 2013 - 03:42 PM

elahw

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
I don't recall installing anything.
I don't know if I have firewall, but I didn't change anything before Google stopped working.
Any more ideas how to fix this?
  • 0

#12
Essexboy
Posted 24 March 2013 - 03:50 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets look at the net settings

Please download MiniToolBox, save it to your desktop and run it.
Posted Image
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
  • 0

#13
elahw
Posted 25 March 2013 - 12:35 AM

elahw

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Here is the result:
MiniToolBox by Farbar Version:05-03-2013
Ran by ellawe (administrator) on 25-03-2013 at 08:27:01
Running from "C:\Users\ellawe\Downloads"
Windows 7 Enterprise Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6205 = Wireless Network Connection 3 (Connected)
Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows = Local Area Connection 3 (Hardware not present)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Intel® 82579V Gigabit Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : ellawe
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6205 #2
Physical Address. . . . . . . . . : 8C-70-5A-55-B0-D4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::853d:63e4:8d1f:9346%19(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : ‰…Ť™‰ 25 Ž• 2013 08:21:09
Lease Expires . . . . . . . . . . : ‰…Ť™‰ 25 Ž• 2013 09:21:08
Default Gateway . . . . . . . . . : 10.0.0.138
DHCP Server . . . . . . . . . . . : 10.0.0.138
DHCPv6 IAID . . . . . . . . . . . : 495743066
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-3B-74-DB-E4-11-5B-5A-C3-5B
DNS Servers . . . . . . . . . . . : 10.0.0.138
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
Physical Address. . . . . . . . . : E4-11-5B-5A-C3-5B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 40-2C-F4-CA-2C-C3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:207d:3b9c:f5ff:fffe(Preferred)
Link-local IPv6 Address . . . . . : fe80::207d:3b9c:f5ff:fffe%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{76A9ACEA-EC5D-4F1A-B862-360A9C535D5C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{4F41B4D5-B399-45DC-AC62-5ABC16EDD11D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B53465A7-1C8C-4FF2-BEF1-ECFA5C16A8C5}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 10.0.0.138

Name: google.com
Addresses: 2a00:1450:4001:c02::8b
173.194.70.101
173.194.70.139
173.194.70.100
173.194.70.138
173.194.70.102
173.194.70.113


Pinging google.com [173.194.70.139] with 32 bytes of data:
Reply from 173.194.70.139: bytes=32 time=130ms TTL=47
Reply from 173.194.70.139: bytes=32 time=164ms TTL=47

Ping statistics for 173.194.70.139:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 130ms, Maximum = 164ms, Average = 147ms
Server: UnKnown
Address: 10.0.0.138

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=267ms TTL=48
Reply from 98.139.183.24: bytes=32 time=295ms TTL=48

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 267ms, Maximum = 295ms, Average = 281ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
19...8c 70 5a 55 b0 d4 ......Intel® Centrino® Advanced-N 6205 #2
13...e4 11 5b 5a c3 5b ......Intel® 82579V Gigabit Network Connection
11...40 2c f4 ca 2c c3 ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
33...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
34...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.138 10.0.0.1 25
10.0.0.0 255.255.255.0 On-link 10.0.0.1 281
10.0.0.1 255.255.255.255 On-link 10.0.0.1 281
10.0.0.255 255.255.255.255 On-link 10.0.0.1 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.1 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.1 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:9d38:6ab8:207d:3b9c:f5ff:fffe/128
On-link
19 281 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::207d:3b9c:f5ff:fffe/128
On-link
19 281 fe80::853d:63e4:8d1f:9346/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
19 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 46 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 47 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 48 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 49 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/24/2013 10:02:11 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16470 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1bf0

Start Time: 01ce28c1d323c7f6

Termination Time: 31

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (03/21/2013 00:47:37 AM) (Source: Application Error) (User: )
Description: Faulting application name: STacSV.exe, version: 1.0.6367.0, time stamp: 0x4e7fe6ad
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b60
Exception code: 0xc000000d
Fault offset: 0x00097c41
Faulting process id: 0x3fc
Faulting application start time: 0xSTacSV.exe0
Faulting application path: STacSV.exe1
Faulting module path: STacSV.exe2
Report Id: STacSV.exe3

Error: (02/26/2013 09:58:41 PM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 25.0.1364.97 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 15e4

Start Time: 01ce144dd396ffbf

Termination Time: 46

Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Report Id:

Error: (02/26/2013 00:59:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: STacSV.exe, version: 1.0.6367.0, time stamp: 0x4e7fe6ad
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b60
Exception code: 0xc000000d
Fault offset: 0x00097c41
Faulting process id: 0x3cc
Faulting application start time: 0xSTacSV.exe0
Faulting application path: STacSV.exe1
Faulting module path: STacSV.exe2
Report Id: STacSV.exe3

Error: (02/26/2013 06:53:13 AM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 24.0.1312.57, time stamp: 0x510326ea
Faulting module name: npSkypeChromePlugin.dll, version: 6.6.0.11664, time stamp: 0x510a49f6
Exception code: 0x40000015
Fault offset: 0x00113030
Faulting process id: 0xf68
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (02/15/2013 08:59:27 AM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 24.0.1312.57 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 10f0

Start Time: 01ce0ad362eb9c00

Termination Time: 118

Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Report Id: 2b33506a-773d-11e2-9c84-402cf4ca2cc3

Error: (02/03/2013 10:57:10 AM) (Source: Application Error) (User: )
Description: Faulting application name: STacSV.exe, version: 1.0.6367.0, time stamp: 0x4e7fe6ad
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b60
Exception code: 0xc000000d
Fault offset: 0x00097c41
Faulting process id: 0x3ec
Faulting application start time: 0xSTacSV.exe0
Faulting application path: STacSV.exe1
Faulting module path: STacSV.exe2
Report Id: STacSV.exe3

Error: (01/31/2013 08:33:05 PM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 24.0.1312.56 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1558

Start Time: 01cdffc26f7ed5b0

Termination Time: 82

Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Report Id: a0aa3e7f-6bd4-11e2-bc67-402cf4ca2cc3

Error: (01/30/2013 04:05:05 PM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 24.0.1312.56 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1460

Start Time: 01cdfecf2066b1ee

Termination Time: 52

Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Report Id: 0162ba73-6ae6-11e2-aa38-402cf4ca2cc3

Error: (01/28/2013 08:43:58 AM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 24.0.1312.56, time stamp: 0x50f8e9e4
Faulting module name: npSkypeChromePlugin.dll, version: 6.5.0.11422, time stamp: 0x50c9e5d7
Exception code: 0x40000015
Fault offset: 0x001123b0
Faulting process id: 0x530
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3


System errors:
=============
Error: (03/23/2013 07:11:33 PM) (Source: Service Control Manager) (User: )
Description: The Audio Service service terminated unexpectedly. It has done this 1 time(s).

Error: (03/23/2013 04:00:28 PM) (Source: Service Control Manager) (User: )
Description: The MBAMSwissArmy service failed to start due to the following error:
%%32

Error: (03/21/2013 00:47:40 AM) (Source: Service Control Manager) (User: )
Description: The Audio Service service terminated unexpectedly. It has done this 1 time(s).

Error: (03/18/2013 10:41:19 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.

Error: (02/27/2013 10:19:56 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (02/26/2013 00:59:05 PM) (Source: Service Control Manager) (User: )
Description: The Audio Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/03/2013 10:57:14 AM) (Source: Service Control Manager) (User: )
Description: The Audio Service service terminated unexpectedly. It has done this 1 time(s).

Error: (01/30/2013 09:52:57 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service terminated with the following error:
%%-2147467243

Error: (01/07/2013 00:08:53 PM) (Source: DCOM) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}

Error: (12/16/2012 10:22:54 PM) (Source: Service Control Manager) (User: )
Description: The Audio Service service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (03/25/2013 08:27:25 AM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16470eac01ce28d68a044af247C:\Program Files\Internet Explorer\iexplore.exe

Error: (03/24/2013 10:02:11 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.164701bf001ce28c1d323c7f631C:\Program Files\Internet Explorer\iexplore.exe

Error: (03/21/2013 00:47:37 AM) (Source: Application Error)(User: )
Description: STacSV.exe1.0.6367.04e7fe6adntdll.dll6.1.7601.177254ec49b60c000000d00097c413fc01ce2525cbc2a6d5C:\Program Files\IDT\WDM\STacSV.exeC:\Windows\SYSTEM32\ntdll.dll292c98a6-91b0-11e2-ba96-402cf4ca2cc3

Error: (02/26/2013 09:58:41 PM) (Source: Application Hang)(User: )
Description: chrome.exe25.0.1364.9715e401ce144dd396ffbf46C:\Program Files\Google\Chrome\Application\chrome.exe

Error: (02/26/2013 00:59:02 PM) (Source: Application Error)(User: )
Description: STacSV.exe1.0.6367.04e7fe6adntdll.dll6.1.7601.177254ec49b60c000000d00097c413cc01ce0d95a2d4189eC:\Program Files\IDT\WDM\STacSV.exeC:\Windows\SYSTEM32\ntdll.dll87181008-8003-11e2-a6fe-402cf4ca2cc3

Error: (02/26/2013 06:53:13 AM) (Source: Application Error)(User: )
Description: chrome.exe24.0.1312.57510326eanpSkypeChromePlugin.dll6.6.0.11664510a49f64000001500113030f6801ce134c1b3e2337C:\Program Files\Google\Chrome\Application\chrome.exeC:\Users\ellawe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\npSkypeChromePlugin.dll6c88ce28-7fd0-11e2-a6fe-402cf4ca2cc3

Error: (02/15/2013 08:59:27 AM) (Source: Application Hang)(User: )
Description: chrome.exe24.0.1312.5710f001ce0ad362eb9c00118C:\Program Files\Google\Chrome\Application\chrome.exe2b33506a-773d-11e2-9c84-402cf4ca2cc3

Error: (02/03/2013 10:57:10 AM) (Source: Application Error)(User: )
Description: STacSV.exe1.0.6367.04e7fe6adntdll.dll6.1.7601.177254ec49b60c000000d00097c413ec01ce016596017f85C:\Program Files\IDT\WDM\STacSV.exeC:\Windows\SYSTEM32\ntdll.dllb1357a4b-6ddf-11e2-9de9-402cf4ca2cc3

Error: (01/31/2013 08:33:05 PM) (Source: Application Hang)(User: )
Description: chrome.exe24.0.1312.56155801cdffc26f7ed5b082C:\Program Files\Google\Chrome\Application\chrome.exea0aa3e7f-6bd4-11e2-bc67-402cf4ca2cc3

Error: (01/30/2013 04:05:05 PM) (Source: Application Hang)(User: )
Description: chrome.exe24.0.1312.56146001cdfecf2066b1ee52C:\Program Files\Google\Chrome\Application\chrome.exe0162ba73-6ae6-11e2-aa38-402cf4ca2cc3


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Reader Extended Language Support Font Pack (Version: 10.0.0)
Adobe Reader X (10.1.6) (Version: 10.1.6)
Alcor Micro Smart Card Reader Driver (Version: 1.7.28.0)
Cisco AnyConnect Secure Mobility Client (Version: 3.0.10055)
Cisco AnyConnect Secure Mobility Client (Version: 3.0.10055)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
HP Hotkey Support (Version: 4.5.9.1)
HP Mobile Broadband Drivers (Version: 7.0.0.4)
HP Software Framework (Version: 4.0.80.1)
HP Webcam Driver (Version: 5.8.50060.0)
IDProtectClient 6.13.10 (Version: 6.13.10)
IDT Audio (Version: 1.0.6367.0)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Network Connections Drivers (Version: 16.8)
Intel® Processor Graphics (Version: 8.15.10.2559)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.1.0.0096)
JMicron 1394 Filter Driver (Version: 1.00.23.01)
JMicron Flash Media Controller Driver (Version: 1.0.68.0)
LSI HDA Modem (Version: 2.2.100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Excel MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Arabic) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Russian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Microsoft Office Standard 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (Hebrew) 2010 (Version: 14.0.6029.1000)
Skype Click to Call (Version: 6.6.11664)
Skype™ 6.2 (Version: 6.2.106)
Synaptics Pointing Device Driver (Version: 16.0.3.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Validity Fingerprint Sensor Driver (Version: 4.3.216.0)
VLC media player 2.0.5 (Version: 2.0.5)

========================= Memory info: ===================================

Percentage of memory in use: 22%
Total physical RAM: 3014.36 MB
Available physical RAM: 2337.66 MB
Total Pagefile: 6027 MB
Available Pagefile: 4961.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1947.18 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:287.52 GB) (Free:256.62 GB) NTFS
2 Drive d: () (Fixed) (Total:172.94 GB) (Free:157.24 GB) NTFS
4 Drive g: (HP_TOOLS) (Fixed) (Total:5.01 GB) (Free:5 GB) FAT32

========================= Users: ========================================

User accounts for \\ELLAWE

admin Administrator ellawe
Guest

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
  • 0

#14
Essexboy
Posted 25 March 2013 - 05:18 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Pinging google.com [173.194.70.139] with 32 bytes of data:
Reply from 173.194.70.139: bytes=32 time=130ms TTL=47
Reply from 173.194.70.139: bytes=32 time=164ms TTL=47

The programme was still able to ping Google

Could you go Control Panel > Internet options
Select the Advanced tab and press reset
Click Apply > OK then retry Google

[attachment=63948:Capture.JPG]
  • 0

#15
elahw
Posted 25 March 2013 - 05:26 AM

elahw

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Hi, I did as you asked, still no Google...!?! :(
What next?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP