Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

"Windows is not genuine" build 7601 error? [Solved]

Windows is not genuine build 7601 virus windows counterfeit

  • This topic is locked This topic is locked

#1
Shruikan66

Shruikan66

    Member

  • Member
  • PipPip
  • 42 posts

Hello! There seems to be a virus accusing me of using a false version of Windows 7. It keeps turning my desktop black, with the words in the bottom right corner:

Windows 7

Build 7601

This copy of Windows is not genuine. 

 

It also harasses me upon start up, and then periodically as I use my computer, about it being false and asks me to resolve the problem online or something?

 

I know for a fact this isnt a false copy of windows. For one, it's been running for like 6 months without this problem so why now? So it must be a nasty virus. I've tried to do various things to counteract it but it seems to be messing with my admin privileges too.

 

I've also looked on windows website for help and there was this scan I did to see if my windows really was counterfeit or not. It just conveniently failed to work each time I ran it saying there was a error and could not identify anything etc. (I can find the exact tool I used if you'd like). Windows essentials has also been utterly useless so far, failing to detect anything wrong after a full scan.

 

This seems like a very difficult problem, I hope someone on here is able to help :(

 

 

Here are the OTL logs:

 

OTL logfile created on: 28/09/2014 10:33:19 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\testy\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17280)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
 
5.74 Gb Total Physical Memory | 3.18 Gb Available Physical Memory | 55.37% Memory free
11.48 Gb Paging File | 8.38 Gb Available in Paging File | 73.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 342.70 Gb Free Space | 73.59% Space Free | Partition Type: NTFS
Drive E: | 5.56 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
 
Computer Name: MISA | User Name: testy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/09/28 22:26:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\testy\Desktop\OTL.exe
PRC - [2014/09/28 21:44:58 | 006,790,760 | ---- | M] (Trion Worlds Inc.) -- C:\Program Files (x86)\Glyph\GlyphClient.exe
PRC - [2014/09/28 21:44:58 | 000,851,456 | ---- | M] (Trion Worlds Inc.) -- C:\Program Files (x86)\Glyph\GlyphCrashHandler.exe
PRC - [2014/09/16 12:16:42 | 000,777,944 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
PRC - [2014/09/16 12:16:18 | 000,839,384 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2014/09/16 12:15:08 | 000,384,728 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2014/09/16 12:14:42 | 000,409,304 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe
PRC - [2014/09/16 12:14:38 | 000,366,808 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
PRC - [2014/09/16 12:14:28 | 000,260,824 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
PRC - [2014/09/16 12:14:26 | 000,378,072 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-Network.exe
PRC - [2014/09/03 23:01:19 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/05/08 09:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/04/14 20:39:56 | 002,308,872 | ---- | M] (FSPro Labs) -- C:\Program Files\My Lockbox\mylbx.exe
PRC - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2013/05/09 23:48:09 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2012/10/16 05:39:00 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
PRC - [2012/10/08 19:15:51 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2007/04/27 19:40:14 | 001,581,056 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/09/28 21:45:16 | 001,019,904 | ---- | M] () -- C:\Program Files (x86)\Glyph\xlpack.dll
MOD - [2014/09/28 21:45:06 | 000,866,816 | ---- | M] () -- C:\Program Files (x86)\Glyph\platforms\qwindows.dll
MOD - [2014/09/28 21:45:02 | 000,705,024 | ---- | M] () -- C:\Program Files (x86)\Glyph\libGLESv2.dll
MOD - [2014/09/28 21:45:02 | 000,242,176 | ---- | M] () -- C:\Program Files (x86)\Glyph\imageformats\qjpeg.dll
MOD - [2014/09/28 21:45:02 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Glyph\libEGL.dll
MOD - [2014/09/28 21:45:02 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\Glyph\imageformats\qgif.dll
MOD - [2014/09/23 18:05:21 | 001,435,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\1dee8605c31d9a960f10b450ddfb7687\HD-Agent.ni.exe
MOD - [2014/09/23 18:05:06 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\7514b80bd1290d9c7b8a3d3348312e5d\JSON.ni.dll
MOD - [2014/09/15 20:43:37 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f4a273c77f0b00e57146542241232d70\System.ServiceProcess.ni.dll
MOD - [2014/09/15 20:43:26 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\349461c3a273efc2b4bd643c2645bd70\System.Web.ni.dll
MOD - [2014/09/15 20:42:47 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3f2952ec748f60fbb5deacfc4db0a2a3\System.Windows.Forms.ni.dll
MOD - [2014/09/15 20:42:40 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8b7f86e5a6f0aa23f4b25dfeeaa6b318\System.Drawing.ni.dll
MOD - [2014/09/15 20:42:34 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3fad44f7fd9f6c117eb02265ab63f80d\System.Xml.ni.dll
MOD - [2014/09/15 20:42:30 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5bf56d6064af88d8812a3f78e0dfd376\System.Configuration.ni.dll
MOD - [2014/09/15 20:42:07 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95854f4f1f37b8eab1b1e3d7103b48ef\System.ni.dll
MOD - [2014/09/15 20:42:00 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/09/03 23:01:18 | 000,331,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppgooglenaclpluginchrome.dll
MOD - [2014/09/03 23:01:17 | 014,891,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll
MOD - [2014/09/03 23:01:16 | 008,577,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
MOD - [2014/09/03 23:01:12 | 001,098,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
MOD - [2014/09/03 23:01:10 | 000,174,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
MOD - [2014/09/03 23:01:09 | 001,660,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
MOD - [2014/04/23 16:05:12 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/04/23 16:04:54 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/10/16 05:39:00 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
MOD - [2007/04/13 20:18:10 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Lenovo\EnergyCut\KbdHook.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/08/22 15:14:34 | 000,368,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014/08/22 15:14:34 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2014/08/18 18:03:37 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/01/13 12:24:13 | 000,627,992 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/09/16 12:16:42 | 000,777,944 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe -- (BstHdUpdaterSvc)
SRV - [2014/09/16 12:15:08 | 000,384,728 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2014/09/16 12:14:42 | 000,409,304 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2014/05/08 09:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/04/03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/07/17 18:05:06 | 000,125,584 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2014/06/07 13:02:58 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/11/11 20:16:03 | 000,090,424 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2013/11/11 20:16:03 | 000,015,160 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2013/11/11 20:16:02 | 000,014,136 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/03/18 16:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/10 22:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/09/15 07:02:40 | 000,036,656 | ---- | M] (Egis Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FPSensor.sys -- (FPSensor)
DRV:64bit: - [2011/07/01 15:08:04 | 004,745,280 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011/06/03 23:59:38 | 000,057,648 | ---- | M] (FSPro Labs) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\FSPFltd2.sys -- (FSProFilter2)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/09/17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014/09/16 12:14:54 | 000,122,072 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ca.msn.com/?o...U221DHP&pc=U221
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...age={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\testy\AppData\Local\Roblox\Versions\version-2c1f992c1a264ecc\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher64: C:\Users\testy\AppData\Local\Roblox\Versions\version-2c1f992c1a264ecc\\NPRobloxProxy64.dll ()
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: https://www.google.ca/
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\testy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\testy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\testy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Users\testy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\testy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\testy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.13_0\
CHR - Extension: Google Wallet = C:\Users\testy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\testy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014/06/18 21:55:21 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [mylbx] C:\Program Files\My Lockbox\mylbx.exe (FSPro Labs)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [EnergyCut] C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe (Lenovo(beijing) Limited)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_A73C9AEE7221095378158091CCE61823] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 24.226.1.93
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{802FC181-7A86-4503-AE7C-82B67922BBDF}: DhcpNameServer = 192.168.1.1 24.226.1.93
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/29 22:57:32 | 000,054,544 | R--- | M] (Electronic Arts) - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008/10/21 19:48:37 | 000,000,045 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{c769d213-ea54-11e3-bfe6-f0def14a573c}\Shell - "" = AutoRun
O33 - MountPoints2\{c769d213-ea54-11e3-bfe6-f0def14a573c}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2009/04/29 22:57:32 | 000,054,544 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/09/28 22:26:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\testy\Desktop\OTL.exe
[2014/09/28 21:45:16 | 000,000,000 | ---D | C] -- C:\Users\testy\AppData\Local\Glyph
[2014/09/28 21:45:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
[2014/09/28 21:45:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Glyph
[2014/09/28 21:44:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glyph
[2014/09/28 21:35:59 | 032,085,104 | ---- | C] (Trion Worlds Inc.) -- C:\Users\testy\Desktop\GlyphInstall-0-120.exe
[2014/09/23 18:03:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2014/09/23 18:03:25 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2014/09/23 18:03:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2014/09/23 18:02:48 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
[2014/09/23 18:02:46 | 000,000,000 | ---D | C] -- C:\Users\testy\AppData\Local\Bluestacks
[2014/09/20 10:23:55 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2014/09/15 21:14:38 | 000,000,000 | ---D | C] -- C:\Users\testy\Documents\RadioActive_data
[2014/09/15 20:37:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/09/15 20:37:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/09/15 20:37:54 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2 C:\Users\testy\Desktop\*.tmp files -> C:\Users\testy\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/09/28 22:37:37 | 004,612,140 | ---- | M] () -- C:\Users\testy\Desktop\Unconfirmed 859536.crdownload
[2014/09/28 22:26:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\testy\Desktop\OTL.exe
[2014/09/28 22:18:15 | 000,031,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/28 22:18:15 | 000,031,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/28 22:11:22 | 000,001,885 | ---- | M] () -- C:\Users\testy\Desktop\Archeage.lnk
[2014/09/28 21:44:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/09/28 21:36:50 | 032,085,104 | ---- | M] (Trion Worlds Inc.) -- C:\Users\testy\Desktop\GlyphInstall-0-120.exe
[2014/09/28 21:21:43 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/09/28 21:13:57 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/09/28 21:07:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/09/23 19:32:17 | 000,002,965 | ---- | M] () -- C:\Users\testy\Desktop\save.png
[2014/09/23 18:04:44 | 000,001,807 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2014/09/22 20:31:21 | 000,129,507 | ---- | M] () -- C:\Users\testy\Desktop\drawing practice.jpg
[2014/09/15 21:14:39 | 000,022,992 | ---- | M] () -- C:\Users\testy\Desktop\RadioActive.aup
[2014/09/15 20:37:55 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/09/15 20:34:55 | 326,508,543 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/15 17:17:41 | 000,765,700 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/09/15 17:17:41 | 000,653,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/09/15 17:17:41 | 000,121,596 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/09/15 17:17:29 | 000,765,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/09/15 17:16:36 | 000,002,155 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/09/10 21:21:50 | 003,189,186 | ---- | M] () -- C:\Users\testy\Desktop\RadioActive.mp3
[2014/09/10 21:09:58 | 000,156,563 | ---- | M] () -- C:\Users\testy\Desktop\YOHIO.jpg
[2014/08/31 10:19:03 | 000,002,279 | ---- | M] () -- C:\Users\testy\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/08/31 10:13:55 | 000,356,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2 C:\Users\testy\Desktop\*.tmp files -> C:\Users\testy\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/09/28 22:11:22 | 000,001,885 | ---- | C] () -- C:\Users\testy\Desktop\Archeage.lnk
[2014/09/28 21:45:16 | 000,000,997 | ---- | C] () -- C:\Users\testy\Desktop\Glyph.lnk
[2014/09/23 19:32:17 | 000,002,965 | ---- | C] () -- C:\Users\testy\Desktop\save.png
[2014/09/23 18:04:44 | 000,001,807 | ---- | C] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2014/09/22 20:30:48 | 000,129,507 | ---- | C] () -- C:\Users\testy\Desktop\drawing practice.jpg
[2014/09/15 21:14:38 | 000,022,992 | ---- | C] () -- C:\Users\testy\Desktop\RadioActive.aup
[2014/09/10 21:21:33 | 003,189,186 | ---- | C] () -- C:\Users\testy\Desktop\RadioActive.mp3
[2014/09/10 21:09:57 | 000,156,563 | ---- | C] () -- C:\Users\testy\Desktop\YOHIO.jpg
[2014/08/14 16:23:21 | 000,012,247 | ---- | C] () -- C:\Users\testy\AppData\Local\recently-used.xbel
[2014/07/20 23:05:27 | 000,000,045 | ---- | C] () -- C:\Users\testy\jagex_cl_runescape_LIVE1.dat
[2014/07/20 17:15:27 | 000,000,023 | ---- | C] () -- C:\Users\testy\jagexappletviewer.preferences
[2014/06/25 18:20:16 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2014/06/21 12:58:22 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2014/06/19 11:41:47 | 000,000,132 | ---- | C] () -- C:\Users\testy\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2014/05/18 18:23:01 | 000,000,044 | ---- | C] () -- C:\Users\testy\jagex_cl_runescape_LIVE.dat
[2014/05/18 18:23:01 | 000,000,024 | ---- | C] () -- C:\Users\testy\random.dat
[2014/05/15 17:55:24 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2014/05/14 00:07:24 | 000,765,700 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/09/10 18:33:56 | 000,000,000 | ---D | M] -- C:\Users\testy\AppData\Roaming\.minecraft
[2014/05/16 19:53:21 | 000,000,000 | ---D | M] -- C:\Users\testy\AppData\Roaming\Acoustica
[2014/09/16 23:48:31 | 000,000,000 | ---D | M] -- C:\Users\testy\AppData\Roaming\Audacity
[2014/06/16 18:51:35 | 000,000,000 | ---D | M] -- C:\Users\testy\AppData\Roaming\DAEMON Tools Lite
[2014/06/07 13:06:17 | 000,000,000 | ---D | M] -- C:\Users\testy\AppData\Roaming\DAEMON Tools Pro
[2014/05/22 21:41:45 | 000,000,000 | ---D | M] -- C:\Users\testy\AppData\Roaming\FirstClass
[2014/07/13 13:18:17 | 000,000,000 | ---D | M] -- C:\Users\testy\AppData\Roaming\goober
[2014/07/13 13:25:29 | 000,000,000 | ---D | M] -- C:\Users\testy\AppData\Roaming\Jitsi
[2014/05/15 23:13:08 | 000,000,000 | ---D | M] -- C:\Users\testy\AppData\Roaming\Oracle
[2014/05/16 19:53:26 | 000,000,000 | ---D | M] -- C:\Users\testy\AppData\Roaming\SynthMaker
[2014/05/15 22:15:21 | 000,000,000 | ---D | M] -- C:\Users\testy\AppData\Roaming\SYSTEMAX Software Development
[2014/06/27 09:56:09 | 000,000,000 | ---D | M] -- C:\Users\testy\AppData\Roaming\Wacom
[2014/07/12 23:00:05 | 000,000,000 | ---D | M] -- C:\Users\testy\AppData\Roaming\wacomid-desktop-launcher
[2014/06/27 10:07:43 | 000,000,000 | ---D | M] -- C:\Users\testy\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
 
========== Purity Check ==========
 
 
 
< End of report >
 
 
 

OTL Extras logfile created on: 28/09/2014 10:33:19 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\testy\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17280)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
 
5.74 Gb Total Physical Memory | 3.18 Gb Available Physical Memory | 55.37% Memory free
11.48 Gb Paging File | 8.38 Gb Available in Paging File | 73.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 342.70 Gb Free Space | 73.59% Space Free | Partition Type: NTFS
Drive E: | 5.56 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
 
Computer Name: MISA | User Name: testy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.pif[@ = piffile] -- C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe (Foolish IT LLC)
.scr[@ = scrfile] -- C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe (Foolish IT LLC)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.pif [@ = piffile] -- C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe (Foolish IT LLC)
.scr [@ = scrfile] -- C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe (Foolish IT LLC)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" *"%1" %* (Foolish IT LLC)
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" "%1" %* (Foolish IT LLC)
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" *"%1" %* (Foolish IT LLC)
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" "%1" %* (Foolish IT LLC)
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0086BA5A-C0CD-4A4C-8AF6-90E510C89010}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{03BDA60B-CFC4-4CF4-8205-13AFF1440E71}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{06A152D2-7857-4207-8FF7-002B93DDE5B2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{0DE11B0B-56F4-4D96-B0D4-9D07BC3CD96C}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{114B223E-126A-431B-B7A7-B067D44FBA63}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{1E34E2B3-848E-4AE9-8C38-0A5991852729}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 
"{221BCD33-D91F-49E8-B7D6-0340892B4745}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"{3F8E5706-C178-4C53-A2FE-5A5EB89392B2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{436DEE29-3256-458A-B82A-22F6932C29CD}" = lport=139 | protocol=6 | dir=in | app=system | 
"{4D2B3340-B9F2-412F-A8B5-204A3AA32E76}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{56886CB7-F4F3-4D17-9374-2E6313ED2A18}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5BCEAB2D-7187-46C5-A649-D7D1F5B93DDD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{65A38268-B243-4E17-8DF2-C8335879EEBF}" = lport=138 | protocol=17 | dir=in | app=system | 
"{79592127-F801-4E26-B963-C961B8E4A41B}" = rport=445 | protocol=6 | dir=out | app=system | 
"{96EC3EE8-2D53-4660-8A9A-AF55E079624C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{BC2C6171-7839-4817-9EB1-8CD06271D35E}" = rport=137 | protocol=17 | dir=out | app=system | 
"{C79BE452-E4DE-42CE-A79D-CEF888A287EB}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{D28270E5-F449-4E0E-B76E-3FCA77DDD149}" = rport=139 | protocol=6 | dir=out | app=system | 
"{D4084FA6-5F91-4DE3-BE7D-B83FC5EFB3D8}" = lport=445 | protocol=6 | dir=in | app=system | 
"{EDF130F8-8B25-49C6-8A04-CFC075A4C73F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{EEDC82EF-AE94-4B00-9857-6A57CCFBA00E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F1C047C8-99A7-4431-94C8-9CDD8503E6B1}" = lport=137 | protocol=17 | dir=in | app=system | 
"{F29258D0-AEB6-497A-9D37-7E9C00C3F19C}" = rport=138 | protocol=17 | dir=out | app=system | 
"{FEC2A8D7-8F77-4AED-BB36-493BFFCAEF34}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13FA9DA0-8117-4A65-8454-3C707C12FFE7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1A09A6C8-9D87-42B4-95C0-AC1FDE364A43}" = protocol=6 | dir=out | app=system | 
"{2E074A05-608A-4128-B65F-54830EE11E89}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{341165C5-4284-436F-AD5D-3F1F985D245E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{3E5E8F93-CFE7-42AB-8B3B-85FA660EFB62}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4C9DEFA4-F4F3-4208-B333-D27F49A4DF51}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6718DBD1-D43E-4607-BA2A-208493F4CD61}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{68B462EA-FCD3-43F8-BA7B-5B9881BF2C84}" = protocol=58 | dir=out | [email protected],-503 | 
"{76801B27-F286-4953-B2E6-02BDA7607D50}" = protocol=1 | dir=out | [email protected],-28544 | 
"{7B4F4F27-7801-40D3-B67B-934AECD5D4A1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{7FA12B2E-5F50-45B6-8B56-177D26F8F49A}" = protocol=58 | dir=out | [email protected],-28546 | 
"{81D83672-271E-43F0-9082-82134151E91A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{83028109-9D5C-4481-B3F4-8A6BF662D56B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{91EBFB7B-FBB6-4358-9055-EADCA9929C50}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{9C160AA4-91BE-4466-AD5A-8976B1C09D26}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{9C6CDDEA-4948-4D16-BB4E-C638D8A69918}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9E868FFA-6870-4365-AB45-188FF4DE439C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B5042A6D-51EA-408D-ACCE-9392E321478A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{B540B869-96FC-4CCF-9A82-AFC6F63886A8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B6A62B4D-4EAD-4D00-94DB-5C2B100B4FCE}" = protocol=58 | dir=in | [email protected],-28545 | 
"{C113B593-E5D2-43F4-8E98-E8AEB72C5170}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{D563CBA7-6B2E-415C-965D-EAF7C38D474E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E5360AC7-4C91-4127-9266-AD1189FB10ED}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{EAF4B5CD-6DE5-4E0A-8700-EFC85D639485}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{EE723003-20DD-47BD-9CCC-4422350AE738}" = protocol=58 | dir=in | app=system | 
"{EF21BBEF-EC80-4F00-B63C-F769A7F1DF4E}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{F0D9E10A-7CF3-494E-A3B5-DF84565B40DB}" = protocol=1 | dir=in | [email protected],-28543 | 
"TCP Query User{36C2331D-E59C-4583-9DBD-6E3D102CD285}C:\program files (x86)\frostwire 5\frostwire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe | 
"TCP Query User{76D6C501-5B15-493C-A12D-1C291D8D85AC}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{A8A90F15-C0B5-42D4-ACC6-5C31D29C20C0}C:\program files (x86)\goober messenger\goober.exe" = protocol=6 | dir=in | app=c:\program files (x86)\goober messenger\goober.exe | 
"TCP Query User{B21B9442-7A0B-4805-830E-5D771D527FC1}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{DC40B54D-E9BF-44F0-BA09-96AE42C8A9F9}C:\program files (x86)\goober messenger\goober.exe" = protocol=6 | dir=in | app=c:\program files (x86)\goober messenger\goober.exe | 
"TCP Query User{E1304953-00EA-4268-B451-CA179FA58C2D}C:\program files (x86)\portal 2\portal2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\portal 2\portal2.exe | 
"TCP Query User{E484456F-1B01-4105-8B20-4528EE9A8F13}C:\program files (x86)\jitsi\jitsi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jitsi\jitsi.exe | 
"TCP Query User{F345A9A9-394C-425C-A3DA-4A535C8EB37E}C:\program files (x86)\frostwire 5\frostwire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe | 
"TCP Query User{FEB537B0-1477-4438-919F-0B79B7568824}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{1C00ED9A-EB46-44AC-BFC3-6A4E29B80A09}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{4143A530-96D9-48F8-85BB-045A444D7717}C:\program files (x86)\frostwire 5\frostwire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe | 
"UDP Query User{4EDC4BE2-76DB-489B-964E-8A0328AF3FFE}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{536483B8-C695-4D87-822A-FEAC64691FD9}C:\program files (x86)\frostwire 5\frostwire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe | 
"UDP Query User{59E5BE17-74FD-4D07-8EF6-62C01CA320B7}C:\program files (x86)\goober messenger\goober.exe" = protocol=17 | dir=in | app=c:\program files (x86)\goober messenger\goober.exe | 
"UDP Query User{5CB033D1-49DB-4FCC-AF8E-CEDE3CFEE855}C:\program files (x86)\portal 2\portal2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\portal 2\portal2.exe | 
"UDP Query User{822AD225-6409-4B6D-BF16-398DE4090718}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{A7360069-E9B1-420F-B73E-EF72A946D248}C:\program files (x86)\jitsi\jitsi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jitsi\jitsi.exe | 
"UDP Query User{FFFF3BCB-2DDB-456B-8B18-E46C672D7627}C:\program files (x86)\goober messenger\goober.exe" = protocol=17 | dir=in | app=c:\program files (x86)\goober messenger\goober.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23F2C78C-E131-4CA0-8F84-3473FB7728BA}" = Microsoft Security Client
"{26A24AE4-039D-4CA4-87B4-2F06417060FF}" = Java 7 Update 60 (64-bit)
"{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}" = iTunes
"{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"Microsoft Security Client" = Microsoft Security Essentials
"My Lockbox_is1" = My Lockbox 3.2
"Pen Tablet Driver" = Wacom
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F2C90ED-7FF4-4CC4-A876-24F6BB55FA34}_is1" = Portal 2 version 2.0
"{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}" = Apple Application Support
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.20
"{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1" = CryptoPrevent v6.0.1
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6E127727-CE4B-40E4-9A7D-9D65CDE0A15C}" = EnergyCut
"{6EBED885-73D9-4750-B96E-FD654500E59F}" = FirstClass Client
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{77D28FF5-242F-488A-8215-937D6A4D69E0}" = Adobe AIR
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{835D562C-B72C-461D-A9C3-B8206B66E85A}" = RPG Maker VX Ace
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90DFD61B-8224-00C6-3D69-A983B60A394E}" = Bamboo Dock
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.08)
"{B40D9A2E-C9CA-4402-A0B7-09E33C03B9C5}" = BlueStacks Notification Center
"{BDF90AE9-C455-49B8-AEC6-D2B9737A4E54}_is1" = Portal 1 version 1.0
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}" = RuneScape Launcher 1.2.3
"Acoustica Mixcraft 6" = Acoustica Mixcraft 6
"Adobe AIR" = Adobe AIR
"Adobe Photoshop CS6" = Adobe Photoshop CS6
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"Audacity_is1" = Audacity 2.0.5
"Bamboo Dock" = Bamboo Dock
"BlueStacks App Player" = BlueStacks App Player
"DAEMON Tools Pro" = DAEMON Tools Pro
"DVDStyler_is1" = DVDStyler v2.7.2
"FrostWire 5" = FrostWire 5.7.3
"Glyph" = Glyph
"Glyph Archeage" = Archeage
"Google Chrome" = Google Chrome
"RPGVXAce_RTP_is1" = RPG MAKER VX Ace RTP
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"WinRAR archiver" = WinRAR 5.10 beta 4 (32-bit)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}" = ROBLOX Studio 2013 for testy
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player for testy
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 23/09/2014 10:13:24 PM | Computer Name = MISA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6146
 
Error - 23/09/2014 10:13:25 PM | Computer Name = MISA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 23/09/2014 10:13:25 PM | Computer Name = MISA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7176
 
Error - 23/09/2014 10:13:25 PM | Computer Name = MISA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7176
 
Error - 23/09/2014 10:13:26 PM | Computer Name = MISA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 23/09/2014 10:13:26 PM | Computer Name = MISA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8174
 
Error - 23/09/2014 10:13:26 PM | Computer Name = MISA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8174
 
Error - 23/09/2014 10:13:28 PM | Computer Name = MISA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 23/09/2014 10:13:28 PM | Computer Name = MISA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9625
 
Error - 23/09/2014 10:13:28 PM | Computer Name = MISA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9625
 
[ System Events ]
Error - 30/08/2014 3:17:46 PM | Computer Name = MISA | Source = Microsoft Antimalware | ID = 2004
Description = %%860 has encountered an error trying to load signatures and will 
attempt reverting back to a known-good set of signatures.     Signatures Attempted: %%824
 
Error
 Code: 0x80070002     Error description: The system cannot find the file specified.      Signature
 version: 0.0.0.0;0.0.0.0     Engine version: 0.0.0.0
 
Error - 30/08/2014 3:17:53 PM | Computer Name = MISA | Source = Microsoft Antimalware | ID = 2004
Description = %%860 has encountered an error trying to load signatures and will 
attempt reverting back to a known-good set of signatures.     Signatures Attempted: %%825
 
Error
 Code: 0x8050a004     Error description: This package does not contain up-to-date definition
 files for this program. For more information, see Help and Support.      Signature version:
 1.183.805.0;1.183.805.0     Engine version: 1.1.10802.0
 
Error - 30/08/2014 3:20:51 PM | Computer Name = MISA | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures.     New Signature
 Version:      Previous Signature Version: 0.0.0.0     Update Source: %%859     Update Stage: %%854
 
Source
 Path: http://www.microsoft.com     Signature Type: %%800     Update Type: %%803     User: NT AUTHORITY\SYSTEM
 
Current
 Engine Version:      Previous Engine Version: 0.0.0.0     Error code: 0x80240016     Error description:
 An unexpected problem occurred while checking for updates. For information on installing
 or troubleshooting updates, see Help and Support. 
 
Error - 30/08/2014 3:20:51 PM | Computer Name = MISA | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures.     New Signature
 Version:      Previous Signature Version: 0.0.0.0     Update Source: %%859     Update Stage: %%854
 
Source
 Path: http://www.microsoft.com     Signature Type: %%800     Update Type: %%803     User: NT AUTHORITY\SYSTEM
 
Current
 Engine Version:      Previous Engine Version: 0.0.0.0     Error code: 0x80240016     Error description:
 An unexpected problem occurred while checking for updates. For information on installing
 or troubleshooting updates, see Help and Support. 
 
Error - 30/08/2014 3:20:51 PM | Computer Name = MISA | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures.     New Signature
 Version:      Previous Signature Version: 0.0.0.0     Update Source: %%859     Update Stage: %%853
 
Source
 Path: http://www.microsoft.com     Signature Type: %%800     Update Type: %%803     User: NT AUTHORITY\SYSTEM
 
Current
 Engine Version:      Previous Engine Version: 0.0.0.0     Error code: 0x80240016     Error description:
 An unexpected problem occurred while checking for updates. For information on installing
 or troubleshooting updates, see Help and Support. 
 
Error - 31/08/2014 10:13:48 AM | Computer Name = MISA | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:10:29 AM on ?31/?08/?2014 was unexpected.
 
Error - 31/08/2014 10:20:52 AM | Computer Name = MISA | Source = DCOM | ID = 10016
Description = 
 
Error - 31/08/2014 10:20:52 AM | Computer Name = MISA | Source = DCOM | ID = 10016
Description = 
 
Error - 15/09/2014 8:38:31 PM | Computer Name = MISA | Source = DCOM | ID = 10010
Description = 
 
Error - 22/09/2014 8:31:28 PM | Computer Name = MISA | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 70. The internal error state
 is 105.
 
 
< End of report >
 

 


  • 0

Advertisements


#2
Shruikan66

Shruikan66

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

I've reinstalled windows. You may as well lock this topic or delete it or whatever. 


  • 0

#3
azarl

azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics


Also tagged with one or more of these keywords: Windows is not genuine, build 7601, virus, windows counterfeit

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP