Can't use sfc in cmd prompt, can't repair from disc, can't update! HELP!(screenshots)

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Ikelos

Thread Starter
Joined
Jan 23, 2013
Messages
26
Everytime I start my computer I get an error message saying "eoi.dll not found"
I was recently having bluescreen crashes that would say "memory_management" which I think were related to a cpu issue, "symmetry test fail," I have since had the cpu replaced.
I can't run sfc /scannow in the cmd promt, even when run as an administrator, it cancels as it starts
I can't repair the os from the windows 7 disc, it says I need to download sp1 and run updates
I can't run updates. My os is certified, but the updates seem to cancel just as they begin, just like with the sfc /scannow
I'm kind of out of options, all I want is for my computer to install updates properly but I'm pretty sure the os is corrupt somehow, but I can't find a way to repair it without formatting the whole system. Any suggestions?

Screenshots
http://imgur.com/ktm9Kjd
http://imgur.com/qrZ8aLB
http://imgur.com/4yCjcMZ
http://imgur.com/MrQ8eeN


Original Post:
http://forums.techguy.org/windows-7/1086607-cant-use-sfc-cmd-prompt.html#post8594126


HijackThis______________
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:24:34 AM, on 1/24/2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Users\Esche\Downloads\uTorrent.exe
C:\Users\Esche\Local Settings\Apps\F.lux\flux.exe
C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Users\Esche\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.search.yahoo.com?type=937811&fr=spigot-yhp-ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {88ac3cb6-596b-4217-964c-b6757ef9602d} - (no file)
R3 - URLSearchHook: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Esche\Downloads\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [F.lux] "C:\Users\Esche\Local Settings\Apps\F.lux\flux.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Connectify - Unknown owner - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) - Ralink Technology, Corp. - C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10164 bytes




DDS___________________
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.7.2
Run by Esche at 9:08:03 on 2013-01-24
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8175.6012 [GMT -8:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ATKFUSService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\ASDR.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ExpressFiles\EFUpdater.exe
C:\Program Files (x86)\Connectify\ConnectifyService.exe
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files (x86)\Connectify\ConnectifyD.exe
C:\Users\Esche\Downloads\uTorrent.exe
C:\Users\Esche\Local Settings\Apps\F.lux\flux.exe
C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Windows\system32\viakaraokesrv.exe
C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Windows\system32\AUDIODG.EXE
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ca.search.yahoo.com?type=937811&fr=spigot-yhp-ie
uURLSearchHooks: {88ac3cb6-596b-4217-964c-b6757ef9602d} - <orphaned>
uURLSearchHooks: {687578b9-7132-4a7a-80e4-30ee31099e03} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
uRun: [uTorrent] "C:\Users\Esche\Downloads\uTorrent.exe" /MINIMIZED
uRun: [F.lux] "C:\Users\Esche\Local Settings\Apps\F.lux\flux.exe"
mRun: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 206.248.154.22 206.248.154.170
TCP: Interfaces\{52757CE4-850D-4119-B419-29168A4BFB65} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{FAD708FA-879B-40B7-8A1B-E8C55AB38819} : DHCPNameServer = 206.248.154.22 206.248.154.170
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
SSODL: WebCheck - <orphaned>
x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Esche\AppData\Roaming\Mozilla\Firefox\Profiles\sgps9cun.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Users\Esche\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-12-11 20:54; [email protected]; C:\Users\Esche\AppData\Roaming\Mozilla\Firefox\Profiles\sgps9cun.default\extensions\[email protected]
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.babTrack - tt=090212_noffx
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - c4f7e9f9000000000000002522c03c4b
FF - user.js: extensions.BabylonToolbar_i.hardId - c4f7e9f9000000000000002522c03c4b
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15385
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.173:18:11
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extentions.y2layers.installId - e80e8109-1297-43f2-9ce0-43ffc9989636
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,buzzdock,YontooNewOffers
.
FF - user.js: extensions.autoDisableScopes - 14
.
============= SERVICES / DRIVERS ===============
.
P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-4-23 8704]
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-4-19 28480]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]
R1 AsrAppCharger;AsrAppCharger;C:\Windows\System32\drivers\AsrAppCharger.sys [2012-1-30 15368]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-7-26 291680]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-8-24 384352]
R1 cnnctfy2;Connectify LightWeight Filter;C:\Windows\System32\drivers\cnnctfy2.sys [2012-12-9 31344]
R1 EIO64;EIO Driver;C:\Windows\System32\drivers\EIO64.sys [2012-1-30 16384]
R1 FNETURPX;FNETURPX;C:\Windows\System32\drivers\FNETURPX.SYS [2012-1-30 15936]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-9-28 203776]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 Connectify;Connectify;C:\Program Files (x86)\Connectify\ConnectifyService.exe [2012-12-9 65536]
R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [2012-5-12 193888]
R2 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [2012-5-12 211808]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-1-30 2656280]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2012-1-30 27760]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-1-30 116240]
R3 FNETTBOH_305;FNETTBOH_305;C:\Windows\System32\drivers\FNETTBOH_305.SYS [2012-1-30 31808]
R3 IOMap;IOMap;C:\Windows\System32\drivers\IOMAP64.SYS [2012-1-30 20048]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-1-30 76912]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2012-7-4 11880]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2012-1-30 2153072]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-8-13 5167736]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2012-8-23 2148216]
S3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2011-12-23 124496]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-1-30 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-1-30 79360]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2013-1-19 17480]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2013-1-19 9800]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\System32\drivers\ivusb.sys [2010-7-29 29720]
S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2012-1-30 79360]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-1-31 1255736]
S4 WajamUpdater;WajamUpdater;C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [2012-10-5 109064]
.
=============== Created Last 30 ================
.
2013-01-24 12:23:56 -------- d-----w- C:\Users\Esche\AppData\Roaming\Malwarebytes
2013-01-24 12:23:40 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-01-24 12:23:40 -------- d-----w- C:\ProgramData\Malwarebytes
2013-01-24 12:23:40 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-24 12:23:30 -------- d-----w- C:\Users\Esche\AppData\Local\Programs
2013-01-23 16:34:56 35192 ----a-w- C:\Windows\System32\TURegOpt.exe
2013-01-23 16:34:55 26488 ----a-w- C:\Windows\System32\authuitu.dll
2013-01-23 16:34:55 21880 ----a-w- C:\Windows\SysWow64\authuitu.dll
2013-01-23 16:34:39 -------- d-----w- C:\Users\Esche\AppData\Roaming\AVG
2013-01-23 16:34:10 -------- d-----w- C:\ProgramData\AVG
2013-01-23 16:34:06 -------- d-sh--w- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-01-22 17:52:49 -------- d-----w- C:\ProgramData\AVG January 2013 Campaign
2013-01-22 04:39:52 119808 ----a-r- C:\Users\Esche\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2013-01-22 00:06:50 -------- d-----w- C:\Program Files (x86)\Yontoo Layers Runtime
2013-01-19 17:42:43 3316736 ----a-w- C:\Windows\System32\¸´¼þ BootMan.exe
2013-01-19 17:42:43 16256 ----a-w- C:\Windows\System32\EuEpmGdi.dll
2013-01-19 17:42:42 9800 ----a-w- C:\Windows\System32\EuGdiDrv.sys
2013-01-19 17:42:42 9160 ----a-w- C:\Windows\SysWow64\EuGdiDrv.sys
2013-01-19 17:42:42 87112 ----a-w- C:\Windows\SysWow64\setupempdrv03.exe
2013-01-19 17:42:42 3376640 ----a-w- C:\Windows\System32\BootMan.exe
2013-01-19 17:42:42 2468520 ----a-w- C:\Windows\SysWow64\BootMan.exe
2013-01-19 17:42:42 19840 ----a-w- C:\Windows\SysWow64\EuEpmGdi.dll
2013-01-19 17:42:42 17480 ----a-w- C:\Windows\System32\epmntdrv.sys
2013-01-19 17:42:42 14920 ----a-w- C:\Windows\SysWow64\epmntdrv.sys
2013-01-19 17:42:42 100936 ----a-w- C:\Windows\System32\setupempdrvx64.exe
2013-01-19 17:42:38 -------- d-----w- C:\Program Files (x86)\EaseUS
2013-01-19 17:22:43 -------- d-----w- C:\Program Files\WDCSAM
2013-01-07 23:07:59 -------- d-----w- C:\Users\Esche\AppData\Roaming\Blender Foundation
2013-01-07 22:59:25 -------- d-----w- C:\Users\Esche\.thumbnails
2013-01-07 22:58:51 -------- d-----w- C:\Program Files (x86)\Blender Foundation
2013-01-07 14:09:52 -------- d-----w- C:\Program Files (x86)\wings3d_1.4.1
2013-01-07 13:53:58 -------- d-----w- C:\Program Files\enGits
2013-01-07 13:32:35 -------- d-----w- C:\Program Files (x86)\VCG
2013-01-07 12:23:02 -------- d-----w- C:\ProgramData\Package Cache
2013-01-07 12:14:22 -------- d-----w- C:\Users\Esche\AppData\Roaming\Slic3r
2013-01-03 04:29:57 -------- d-----w- C:\win32-loader
2012-12-31 15:25:56 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot
2012-12-31 15:25:02 -------- d-----w- C:\ProgramData\YTD Video Downloader
2012-12-31 15:24:59 -------- d-----w- C:\Program Files (x86)\GreenTree Applications
2012-12-30 19:10:51 -------- d-----w- C:\Program Files (x86)\Foxit Software
2012-12-29 12:02:50 -------- d-----w- C:\Users\Esche\AppData\Local\Wajam
2012-12-29 12:02:50 -------- d-----w- C:\Program Files (x86)\Wajam
.
==================== Find3M ====================
.
2013-01-08 22:33:09 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-08 22:33:09 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-17 06:41:33 503808 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-12-09 22:59:38 31344 ----a-w- C:\Windows\System32\drivers\cnnctfy2.sys
2012-11-25 17:58:50 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2012-11-25 17:58:49 916456 ----a-w- C:\Windows\System32\deployJava1.dll
2012-11-25 17:58:49 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-11-22 01:11:39 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2012-11-22 01:11:39 419840 ----a-w- C:\Windows\System32\systemcpl.dll
2012-11-22 01:11:39 14848 ----a-w- C:\Windows\System32\slwga.dll
2012-11-22 01:11:39 13824 ----a-w- C:\Windows\SysWow64\slwga.dll
2012-11-22 01:11:39 1008640 ----a-w- C:\Windows\System32\user32.dll
2009-02-13 19:02:52 80896 ----a-w- C:\Program Files\devcon_amd64.exe
.
============= FINISH: 9:08:25.97 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 1/29/2012 3:06:45 PM
System Uptime: 1/24/2013 5:29:10 AM (4 hours ago)
.
Motherboard: ASRock | | H61M-VS
Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz | CPUSocket | 2176/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 57.625 GiB free.
D: is CDROM (UDF)
E: is CDROM ()
F: is Removable
G: is CDROM (UDF)
H: is FIXED (NTFS) - 1862 GiB total, 1580.467 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP281: 1/18/2013 7:15:47 AM - Scheduled Checkpoint
RP282: 1/19/2013 9:14:34 AM - Installed WD FAT32 Formatter
RP283: 1/21/2013 4:26:46 PM - Removed SweetIM for Messenger 3.7
RP284: 1/21/2013 4:32:06 PM - Removed Internet Explorer Toolbar 4.7 by SweetPacks
RP285: 1/21/2013 4:32:36 PM - Removed Update Manager for SweetPacks 1.1
RP286: 1/21/2013 4:50:33 PM - Windows Update
RP287: 1/21/2013 7:29:24 PM - Windows Update
RP288: 1/21/2013 8:39:42 PM - Installed Windows 7 USB/DVD Download Tool
RP289: 1/23/2013 8:10:53 AM - Installed Microsoft Windows Debugging Symbols
RP290: 1/23/2013 8:34:13 AM - Installed AVG PC TuneUp
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
µTorrent
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Alan Wake
Apple Application Support
Apple Software Update
ASRock App Charger v1.0.4
ASRock eXtreme Tuner v0.1.53
ASRock InstantBoot v1.26
ASUS Gamer OSD
ASUS Smart Doctor
ASUS VGA Driver
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
ATI AVIVO64 Codecs
ATI Catalyst Install Manager
AVG 2012
AVG PC TuneUp
AVG PC TuneUp Language Pack (en-US)
Blender
Botanicula
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help English
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Connectify Hotspot
Dear Esther
Dishonored
DivX Setup
EaseUS Partition Master 9.2.1 Home Edition
Endless.Space
enGrid 1.4.0
ExpressFiles
F.lux
Fallout 3
Foxit Reader
FreeArc 0.666
FTL version 1.01
GetFLV 9.1.1.1
GetFLV Pro
Google Chrome
Hi-Rez Studios Authenticate and Update Service
Intel(R) Management Engine Components
IrfanView (remove only)
Java 7 Update 7
Java 7 Update 9 (64-bit)
Java Auto Updater
Java(TM) 6 Update 31
Malwarebytes Anti-Malware version 1.70.0.1100
MeshLab 1.3.2
Microsoft .NET Framework 4.5
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Windows Debugging Symbols
Microsoft XNA Framework Redistributable 4.0
Minecraft Cracked
Minecraft1.4.6
Mozilla Firefox 18.0.1 (x86 en-US)
Mozilla Maintenance Service
nLite 1.4.1
NVIDIA PhysX
OpenSCAD (remove only)
Platform
Pokemon Black & White PC [Hyperdrive25]
QuickTime
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
SES Driver
skidrow
Sound Blaster X-Fi MB
Source SDK Base 2006
SPORE&#8482;
SPORE&#8482; Galactic Adventures
Steam
Tenda Wireless LAN Card
Tribes Ascend
tumblweed
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Utility
VC80CRTRedist - 8.0.50727.6195
VIA Platform Device Manager
VirtualCloneDrive
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
VLC media player 1.1.11
Vuze
Wajam
Winamp
Winamp Detector Plug-in
Windows 7 USB/DVD Download Tool
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (03/06/2009 1.0.0008.0)
Wings 3D 1.4.1
WinRAR 4.10 (32-bit)
XFastUsb
XviD MPEG-4 Video Codec
Yontoo 1.12.02
YourFileDownloader
YTD Video Downloader 3.9.6
.
==== Event Viewer Messages From Past Week ========
.
1/24/2013 5:42:35 AM, Error: Service Control Manager [7034] - The AVG PC TuneUp Service service terminated unexpectedly. It has done this 1 time(s).
1/24/2013 5:30:29 AM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: The dependency service or group failed to start.
1/24/2013 5:29:50 AM, Error: Service Control Manager [7001] - The AVGIDSDriver service depends on the AVGIDSFilter service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
1/23/2013 12:20:10 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Program Compatibility Assistant Service service, but this action failed with the following error: An instance of the service is already running.
1/23/2013 12:19:09 PM, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
1/23/2013 12:19:09 PM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
1/23/2013 12:19:09 PM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/23/2013 12:19:09 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/23/2013 12:19:09 PM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/23/2013 12:19:09 PM, Error: Service Control Manager [7031] - The Portable Device Enumerator Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
1/23/2013 12:19:09 PM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
1/23/2013 12:19:09 PM, Error: Service Control Manager [7031] - The HomeGroup Listener service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/23/2013 12:19:09 PM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
1/23/2013 12:19:09 PM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
1/23/2013 11:17:38 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: [email protected]
1/21/2013 9:57:21 AM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding
1/21/2013 7:29:20 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Font Cache Service service, but this action failed with the following error: An instance of the service is already running.
1/21/2013 7:28:21 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the SSDP Discovery service, but this action failed with the following error: An instance of the service is already running.
1/21/2013 7:28:20 PM, Error: Service Control Manager [7031] - The Windows Font Cache Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/21/2013 7:28:20 PM, Error: Service Control Manager [7031] - The UPnP Device Host service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
1/21/2013 7:28:20 PM, Error: Service Control Manager [7031] - The SSDP Discovery service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
1/21/2013 7:28:20 PM, Error: Service Control Manager [7031] - The Function Discovery Resource Publication service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
1/21/2013 6:16:36 PM, Error: Service Control Manager [7034] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 3 time(s).
1/21/2013 6:16:36 PM, Error: Service Control Manager [7034] - The Superfetch service terminated unexpectedly. It has done this 3 time(s).
1/21/2013 6:16:36 PM, Error: Service Control Manager [7034] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 3 time(s).
1/21/2013 6:16:36 PM, Error: Service Control Manager [7034] - The Network Connections service terminated unexpectedly. It has done this 3 time(s).
1/21/2013 6:16:36 PM, Error: Service Control Manager [7034] - The HomeGroup Listener service terminated unexpectedly. It has done this 3 time(s).
1/21/2013 6:16:36 PM, Error: Service Control Manager [7034] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 3 time(s).
1/21/2013 6:16:36 PM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
1/21/2013 6:16:36 PM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
1/21/2013 6:05:05 PM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
1/21/2013 6:05:05 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/21/2013 6:05:05 PM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/21/2013 6:05:05 PM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
1/21/2013 6:05:05 PM, Error: Service Control Manager [7031] - The HomeGroup Listener service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/21/2013 6:05:05 PM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
1/21/2013 5:06:03 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
1/21/2013 5:01:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Hotfix for Windows (KB947821).
1/21/2013 4:53:44 PM, Error: Service Control Manager [7034] - The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s).
1/21/2013 4:01:28 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
1/18/2013 7:20:02 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{3f83f4fe-4ad4-11e1-9901-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{B0790A8B-8AF9-4E55-BE2B-24C187FED879}' was corrupted and it has been recovered. Some data might have been lost.
.
==== End Of File ===========================



GMER_________________
GMER 2.0.18444 - http://www.gmer.net
Rootkit scan 2013-01-24 09:29:41
Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HDS721050CLA362 rev.JP2OA50E 465.76GB
Running: jfrrjzyy.exe; Driver: C:\Users\Esche\AppData\Local\Temp\ugloapow.sys


---- Threads - GMER 2.0 ----

Thread C:\Program Files (x86)\ExpressFiles\EFUpdater.exe [1936:2240] 0000000077242e3e
Thread C:\Program Files (x86)\ExpressFiles\EFUpdater.exe [1936:3448] 0000000073a532fb
Thread C:\Program Files (x86)\ExpressFiles\EFUpdater.exe [1936:2988] 0000000077243e59
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4460] 00000000696b6314
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4480] 00000000696b539b
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4484] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4488] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4496] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4500] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4504] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4512] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4516] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4520] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4524] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4528] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4532] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4536] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4540] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4544] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4548] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4612] 0000000077242e3e
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4184] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4332] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4328] 0000000073b02f69
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4384] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:3868] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4168] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4172] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4164] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:3752] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:3864] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:3788] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:3004] 00000000746f2733
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:3856] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:2928] 0000000073a532fb
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:1744] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4232] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:3532] 0000000077243e59
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4968] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:3680] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4584] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:2284] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:3436] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:1460] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:2384] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4064] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:1112] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:3608] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4588] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:1352] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:788] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:2272] 0000000069c9775e
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4804] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4068] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4228] 0000000077243e59
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:5036] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:2944] 0000000070ce6f14
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:3340] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:3600] 000000006e44c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [4216:4120] 0000000077243e59
Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [2588:3336] 00000000696b539b
Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [2588:3804] 000000006239eb50
Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [2588:2420] 000000006239eb50
Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [2588:5104] 0000000077242e3e
Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [2588:4932] 0000000077243e59
Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [2588:4356] 000000006239eb50
Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [2588:740] 000000006239eb50
Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [2588:4708] 0000000073b02f69
Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [2588:3468] 0000000077243e59
---- Processes - GMER 2.0 ----

Library ? (*** suspicious ***) @ C:\Windows\system32\svchost.exe [1060] 000007fefc950000
Library ? (*** suspicious ***) @ C:\Program Files\Windows Media Player\wmpnetwk.exe [3772] 000007fef0300000

---- EOF - GMER 2.0 ----
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
117,936
Please run the MGA Diagnostic Tool and post back the report it creates:
  • Download MGADiag to your desktop.
  • Double-click on MGADiag.exe to launch the program
  • Click "Continue"
  • Ensure that the "Windows" tab is selected (it should be by default).
  • Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
  • Paste the MGA Diagnostic Report back here in your next reply.
 
Joined
May 7, 2011
Messages
14,142
I have subscribed to this thread and will be happy to continue diagnosis after the MGADiag report has been checked.

Please tell me if you have run any tests on the RAM or the hard drive. Why was the CPU replaced when the BSOD's stated memory management as that would usually indicate the RAM is faulty.
 

Ikelos

Thread Starter
Joined
Jan 23, 2013
Messages
26
http://imgur.com/MdvmaSe
^^^
This is all they gave me. I went to Best Buy with a noise complain (random grinding from an old fan) and blue screen crashes. They just ran some program on it, didn't even listen for a grinding noise, said my cpu failed and they could fix it for twice the price of the part. I don't know what tests they ran, but their customer service sucked and they pretty much did nothing for the $60 I paid them. Complete waste of money and time

Thanks for helping my situation. Here's the MGADiag, I hope this helps. Any idea whats going on? lol


Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: [Deleted for security reasons]
Windows Product Key Hash: [Deleted for reasons of security reasons]
Windows Product ID: [Deleted for reasons of security reasons]
Windows Product ID Type: 8
Windows License Type: COA SLP
Windows OS version: 6.1.7600.2.00010300.0.0.003
ID: {A19B8852-3ECB-4E3D-BD70-8D67F0DA50F3}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7600.win7_gdr.120503-2030
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Home and Student 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_70AFE6BE-656-80070057_E2AD56EA-815-80070057

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Users\Esche\AppData\Local\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->
File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\user32.dll[6.1.7600.16385], Hr = 0x800b0100

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{A19B8852-3ECB-4E3D-BD70-8D67F0DA50F3}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-8DDBF</PKey><PID>00359-OEM-9804322-19844</PID><PIDType>8</PIDType><SID>S-1-5-21-4041361382-4006658097-1894578863</SID><SYSTEM><Manufacturer>To Be Filled By O.E.M.</Manufacturer><Model>To Be Filled By O.E.M.</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>P1.10</Version><SMBIOSVersion major="2" minor="7"/><Date>20110303000000.000000+000</Date></BIOS><HWID>2DBB3607018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Pacific Standard Time(GMT-08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-002F-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Home and Student 2007</Name><Ver>12</Ver><Val>A9778A8B4949DBA</Val><Hash>PYBWM0QjCiTx5dxXJWWHV4m4kRo=</Hash><Pid>81602-OEM-6873317-62474</Pid><PidType>4</PidType></Product></Products><Applications><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7600.16385

Name: Windows(R) 7, HomePremium edition
Description: Windows Operating System - Windows(R) 7, OEM_COA_SLP channel
Activation ID: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00196-043-219844-02-1033-7600.0000-0232013
Installation ID: 021625537336531261680173030156123782272201667030673954
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: 8DDBF
License Status: Licensed
Remaining Windows rearm count: 2
Trusted time: 1/27/2013 10:29:44 AM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: N/A
HealthStatus: 0x0000000000000000
Event Time Stamp: N/A
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: OAAAAAMABAABAAEAAQACAAAAAQABAAEAln0mUU40POhbp0rd2gE4oWI0KMrild6IYj3UszA8LnM=

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes, but no SLIC table
Windows marker version: N/A
OEMID and OEMTableID Consistent: N/A
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC ALASKA A M I
FACP ALASKA A M I
HPET ALASKA A M I
MCFG ALASKA A M I
SSDT AMICPU PROC
AAFT ALASKA OEMAAFT
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
117,936
You've edited the report. Please post the unedited version.

Also, please post your screenshots in the reply rather than posting links off-site.
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
117,936
Also, please be careful of your language as this is a family friendly site.
 

Ikelos

Thread Starter
Joined
Jan 23, 2013
Messages
26
I wasn't aware that I said anything offensive. Still not, in fact.

Also, I'm not posting my product keys online. Why would you need them?
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
117,936
Only a partial key is shown. These reports are posted frequently. We need to verify if the operating system is genuine.
 

Ikelos

Thread Starter
Joined
Jan 23, 2013
Messages
26
It is genuine. My product key was verified a couple weeks ago, so obviously microsoft's servers think so too. I'm not posting my product key on a public forum, especially one not affiliated with Microsoft. I know what Microsoft MVP means.

Do you see an issue that I can correct or should I just reformat my computer? Considering all I want to do is get updates, and I clearly don't have the expertise to hack into my OS, yet retain the ability to correct the issue by simply reinstalling the OS, the only way I could do that is by having a valid product key to begin with. Otherwise why would I post on this forum?
 

Ikelos

Thread Starter
Joined
Jan 23, 2013
Messages
26
Something did happen that made a notification keep popping up that required me to certify my OS. So I found my cd key and did that. But I haven't been able to use sfc /scannow, chkdsk, get updates, or repair from the cd since. As you can tell I apparently have no restore points, and the secrecy of this industry is frankly ridiculous. I wouldn't be having these issues if Microsoft didn't have so many security measures.

I'm entitled to a functioning product that I purchased and currently own, not Microsoft. I'm not risking giving up my product keys publicly, where they might be stolen, or to someone I don't even know, when the outcome could mean that I loose access to something I exclusively possess.

As a consumer and not a business owner in an economy regulated by a corrupt representative democracy, I find this act by Microsoft to be immoral, an abuse of power that would not be possible if not for government protections like copyright law that inhibit market competition and maintain an oligopoly, all for the sake of rich lobbyists and lazy politicians.

Information should not be copyrighted. There is no cost to production following the initial investment, and allegations that these protections create incentive for development have been proven wrong by the open source community. And yet I play the game, and spend my money to be faced with this. A product that doesn't work properly because as a consumer in an oligopoly I am faced with products that are designed to sell instead of function. Everywhere I turn simply demands more money, and I still don't end up with something that works, because if I did, I wouldn't be spending money would I?

All I want to do is fix my computer so that I can install .NET Framework and run some of the programs required for the 3d printer that I'm building so that I don't have to resort to linux, but considering political perspective maybe linux wouldn't be so bad.

BTW, here's the .NET Framework Installation Log
OS Version = 6.1.7600, SP = 0.0, Platform 2
OS Description = Windows 7 - x64 Home Premium Edition

MSI = 5.0.7600.16385
Windows version = amd64_windowsfoundation_31bf3856ad364e35_6.1.7600.16385_none_5f2ecc1aaa4ac3b2.manifest
Windows servicing = 6.1.7601.17592

CommandLine = H:\465b49859174eb3812815647e6d686\\Setup.exe /x86 /x64 /web
TimeZone = Pacific Standard Time
Initial LCID = 1033

Using Simultaneous Download and Install mechanism

Operation: Repairing

Package Name = Microsoft .NET Framework 4.5 Setup
Package Version = 4.5.50709

User Experience Data Collection Policy: AlwaysUploaded

Number of applicable items: 4

Exe (H:\465b49859174eb3812815647e6d686\SetupUtility.exe) succeeded.
Exe Log File: dd_SetupUtility.txt

MSI (H:\465b49859174eb3812815647e6d686\netfx_Full_x64.msi) repair operation failed. Msi Log: Microsoft .NET Framework 4.5 Setup_20130127_201609930-MSI_netfx_Full_x64.msi.txt


Exe (H:\465b49859174eb3812815647e6d686\SetupUtility.exe) succeeded.
Exe Log File: dd_SetupUtility.txt

MSI (H:\465b49859174eb3812815647e6d686\netfx_Full_x64.msi) repair operation failed. Msi Log: Microsoft .NET Framework 4.5 Setup_20130127_201609930-MSI_netfx_Full_x64.msi.txt


Final Result: Installation failed with error code: (0x80070643), "Fatal error during installation. " (Elapsed time: 0 00:02:28).

___________
I typed in the error code and another forum gave me a link to Microsoft Fix It.




It seems to think my windows is genuine..
Here's another attempt:



Why did my second attempt come up with the same errors as the first??
I still can't update, yet it says it fixed it twice. What is the Backgrount Intelligent Transfer Service (BITS)? That sounds pretty serious..
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
117,936
I refer you to this section of our site rules where it states that we may request confirmation that your operating system is genuine.
Use of Pirated Software - Because we do not support pirated software, we may request that you provide validation to confirm that your copy of Windows or other software is not pirated. If you are unable or unwilling to provide this validation, your thread may be closed.
Can you tell me what is the make and model of the computer please?

Also, has the motherboard been changed at any point in time?
 

Ikelos

Thread Starter
Joined
Jan 23, 2013
Messages
26
my computer is custom built, and no the motherboard has been the same the whole time
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
117,936
Please download AdwCleaner from here to your desktop

Run AdwCleaner and select "Search" (do not select "Delete" at this time)

Once the scan is finished a log will be produced. Please copy and paste the log into your next reply.
 

Ikelos

Thread Starter
Joined
Jan 23, 2013
Messages
26
# AdwCleaner v2.109 - Logfile created 01/28/2013 at 14:12:08
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Esche - ESCHE-PC
# Boot Mode : Normal
# Running from : C:\Users\Esche\Downloads\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\user.js
File Found : C:\Users\Esche\AppData\Roaming\Mozilla\Firefox\Profiles\sgps9cun.default\searchplugins\Conduit.xml
Folder Found : C:\Program Files (x86)\Common Files\spigot
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\Esche\AppData\Local\Babylon
Folder Found : C:\Users\Esche\AppData\Local\Conduit
Folder Found : C:\Users\Esche\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Found : C:\Users\Esche\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Found : C:\Users\Esche\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Folder Found : C:\Users\Esche\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Folder Found : C:\Users\Esche\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\Esche\AppData\LocalLow\Conduit
Folder Found : C:\Users\Esche\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Esche\AppData\Roaming\Babylon
Folder Found : C:\Users\Esche\AppData\Roaming\Mozilla\Firefox\Profiles\sgps9cun.default\ConduitCommon
Folder Found : C:\Users\Esche\AppData\Roaming\Mozilla\Firefox\Profiles\sgps9cun.default\CT3072253
Folder Found : C:\Users\Esche\AppData\Roaming\Mozilla\Firefox\Profiles\sgps9cun.default\CT3176921
Folder Found : C:\Users\Esche\AppData\Roaming\Mozilla\Firefox\Profiles\sgps9cun.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
Folder Found : C:\Users\Esche\AppData\Roaming\Mozilla\Firefox\Profiles\sgps9cun.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}
Folder Found : C:\Users\Esche\AppData\Roaming\Mozilla\Firefox\Profiles\sgps9cun.default\SweetPacksToolbarData
Folder Found : C:\Users\Esche\AppData\Roaming\yourfiledownloader

***** [Registry] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\YourFileDownloader
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.FBApi
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.FBApi.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Found : HKLM\Software\PIP
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Found : HKLM\Software\YourFileDownloader
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055345591}
Key Found : HKLM\SOFTWARE\Tarma Installer
Key Found : HKU\S-1-5-21-4041361382-4006658097-1894578863-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Found : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Users\Esche\AppData\Roaming\Mozilla\Firefox\Profiles\sgps9cun.default\prefs.js

Found : user_pref("CT3072253..clientLogIsEnabled", false);
Found : user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
Found : user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
Found : user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
Found : user_pref("CT3072253.CTID", "CT3072253");
Found : user_pref("CT3072253.CurrentServerDate", "12-7-2012");
Found : user_pref("CT3072253.DSChangedManually", true);
Found : user_pref("CT3072253.DSInstall", true);
Found : user_pref("CT3072253.DialogsAlignMode", "LTR");
Found : user_pref("CT3072253.DialogsGetterLastCheckTime", "Wed Jul 11 2012 17:49:28 GMT-0700 (Pacific Daylig[...]
Found : user_pref("CT3072253.DownloadReferralCookieData", "");
Found : user_pref("CT3072253.FirstServerDate", "21-5-2012");
Found : user_pref("CT3072253.FirstTime", true);
Found : user_pref("CT3072253.FirstTimeFF3", true);
Found : user_pref("CT3072253.FixPageNotFoundErrors", true);
Found : user_pref("CT3072253.GroupingServerCheckInterval", 1440);
Found : user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT3072253.HPInstall", true);
Found : user_pref("CT3072253.HasUserGlobalKeys", true);
Found : user_pref("CT3072253.HomePageProtectorEnabled", true);
Found : user_pref("CT3072253.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=[...]
Found : user_pref("CT3072253.Initialize", true);
Found : user_pref("CT3072253.InitializeCommonPrefs", true);
Found : user_pref("CT3072253.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT3072253.InstallationId", "fft6E8C.tmp.exe");
Found : user_pref("CT3072253.InstallationType", "XPE");
Found : user_pref("CT3072253.InstalledDate", "Tue May 22 2012 09:01:36 GMT-0700 (Pacific Daylight Time)");
Found : user_pref("CT3072253.IsAlertDBUpdated", true);
Found : user_pref("CT3072253.IsGrouping", false);
Found : user_pref("CT3072253.IsInitSetupIni", true);
Found : user_pref("CT3072253.IsMulticommunity", false);
Found : user_pref("CT3072253.IsOpenThankYouPage", true);
Found : user_pref("CT3072253.IsOpenUninstallPage", false);
Found : user_pref("CT3072253.IsProtectorsInit", true);
Found : user_pref("CT3072253.LanguagePackLastCheckTime", "Fri Jul 13 2012 01:17:07 GMT-0700 (Pacific Dayligh[...]
Found : user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT3072253.LastLogin_3.12.0.8", "Fri May 25 2012 18:49:08 GMT-0700 (Pacific Daylight Time)[...]
Found : user_pref("CT3072253.LastLogin_3.12.2.3", "Sun May 27 2012 22:11:10 GMT-0700 (Pacific Daylight Time)[...]
Found : user_pref("CT3072253.LastLogin_3.13.0.6", "Fri Jul 13 2012 13:57:34 GMT-0700 (Pacific Daylight Time)[...]
Found : user_pref("CT3072253.LatestVersion", "3.13.0.6");
Found : user_pref("CT3072253.Locale", "en");
Found : user_pref("CT3072253.MCDetectTooltipHeight", "83");
Found : user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@[email protected]/rank/tooltip/?version=1");
Found : user_pref("CT3072253.MCDetectTooltipWidth", "295");
Found : user_pref("CT3072253.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT3072253.OriginalFirstVersion", "3.12.0.8");
Found : user_pref("CT3072253.SavedHomepage", "hxxp://search.conduit.com/?ctid=CT3176921&SearchSource=13");
Found : user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
Found : user_pref("CT3072253.SearchEngineBeforeUnload", "Google");
Found : user_pref("CT3072253.SearchFromAddressBarIsInit", true);
Found : user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT307[...]
Found : user_pref("CT3072253.SearchInNewTabEnabled", true);
Found : user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT3072253.SearchInNewTabLastCheckTime", "Fri Jul 13 2012 01:17:07 GMT-0700 (Pacific Dayli[...]
Found : user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT3072253.SearchProtectorEnabled", false);
Found : user_pref("CT3072253.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT3072253.SendProtectorDataViaLogin", true);
Found : user_pref("CT3072253.ServiceMapLastCheckTime", "Fri Jul 13 2012 01:17:07 GMT-0700 (Pacific Daylight [...]
Found : user_pref("CT3072253.SettingsLastCheckTime", "Fri Jul 13 2012 13:57:34 GMT-0700 (Pacific Daylight Ti[...]
Found : user_pref("CT3072253.SettingsLastUpdate", "1339665152");
Found : user_pref("CT3072253.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
Found : user_pref("CT3072253.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT3072253.ThirdPartyComponentsLastCheck", "Tue May 22 2012 09:01:35 GMT-0700 (Pacific Day[...]
Found : user_pref("CT3072253.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT3072253.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT3072253.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3072253");
Found : user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT3072253.UserID", "UN98261464163252817");
Found : user_pref("CT3072253.ValidationData_Toolbar", 1);
Found : user_pref("CT3072253.alertChannelId", "1463702");
Found : user_pref("CT3072253.autoDisableScopes", 0);
Found : user_pref("CT3072253.backendstorage.cb_firstuse0100", "31");
Found : user_pref("CT3072253.backendstorage.cb_user_id_000", "43423538313632393338373330315F46697265666F78")[...]
Found : user_pref("CT3072253.backendstorage.cbcountry_000", "4341");
Found : user_pref("CT3072253.backendstorage.cbfirsttime", "547565204D617920323220323031322030393A30313A34322[...]
Found : user_pref("CT3072253.backendstorage.url_history0001", "6A6176617363726970743A766F69642830293A3A3A636[...]
Found : user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Tue May 22 2012 09:01:37 GMT-0700 (Pacific [...]
Found : user_pref("CT3072253.homepageProtectorEnableByLogin", true);
Found : user_pref("CT3072253.initDone", true);
Found : user_pref("CT3072253.isAppTrackingManagerOn", true);
Found : user_pref("CT3072253.myStuffEnabled", true);
Found : user_pref("CT3072253.myStuffPublihserMinWidth", 400);
Found : user_pref("CT3072253.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT3072253.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT3072253.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT3072253.navigateToUrlOnSearch", false);
Found : user_pref("CT3072253.revertSettingsEnabled", false);
Found : user_pref("CT3072253.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT3072253.searchProtectorEnableByLogin", true);
Found : user_pref("CT3072253.testingCtid", "");
Found : user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Fri Jul 13 2012 01:17:07 GMT-0700 (Pacific D[...]
Found : user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Tue May 22 2012 09:01:39 GMT-0700 (Pacific D[...]
Found : user_pref("CT3072253.usagesFlag", 2);
Found : user_pref("CT3176921..clientLogIsEnabled", false);
Found : user_pref("CT3176921..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT3176921..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT3176921.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT3176921.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT3176921.BrowserCompStateIsOpen_129737739857744079", true);
Found : user_pref("CT3176921.BrowserCompStateIsOpen_129737739934152286", true);
Found : user_pref("CT3176921.BrowserCompStateIsOpen_129737740025404639", true);
Found : user_pref("CT3176921.BrowserCompStateIsOpen_129737740992616905", true);
Found : user_pref("CT3176921.BrowserCompStateIsOpen_1330956206000", true);
Found : user_pref("CT3176921.CTID", "CT3176921");
Found : user_pref("CT3176921.CurrentServerDate", "12-7-2012");
Found : user_pref("CT3176921.DSInstall", true);
Found : user_pref("CT3176921.DialogsAlignMode", "LTR");
Found : user_pref("CT3176921.DialogsGetterLastCheckTime", "Wed Jul 11 2012 17:49:28 GMT-0700 (Pacific Daylig[...]
Found : user_pref("CT3176921.DownloadReferralCookieData", "");
Found : user_pref("CT3176921.EMailNotifierPollDate", "Mon Mar 05 2012 02:36:18 GMT-0800 (Pacific Standard Ti[...]
Found : user_pref("CT3176921.FirstServerDate", "4-3-2012");
Found : user_pref("CT3176921.FirstTime", true);
Found : user_pref("CT3176921.FirstTimeFF3", true);
Found : user_pref("CT3176921.FixPageNotFoundErrors", true);
Found : user_pref("CT3176921.GroupingServerCheckInterval", 1440);
Found : user_pref("CT3176921.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT3176921.HPInstall", true);
Found : user_pref("CT3176921.HasUserGlobalKeys", true);
Found : user_pref("CT3176921.HomePageProtectorEnabled", true);
Found : user_pref("CT3176921.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT3176921&SearchSource=[...]
Found : user_pref("CT3176921.Initialize", true);
Found : user_pref("CT3176921.InitializeCommonPrefs", true);
Found : user_pref("CT3176921.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT3176921.InstallationId", "ct3176921_express_files.exe");
Found : user_pref("CT3176921.InstallationType", "ConduitXPEIntegration");
Found : user_pref("CT3176921.InstalledDate", "Mon Mar 05 2012 02:36:18 GMT-0800 (Pacific Standard Time)");
Found : user_pref("CT3176921.InvalidateCache", false);
Found : user_pref("CT3176921.IsGrouping", false);
Found : user_pref("CT3176921.IsInitSetupIni", true);
Found : user_pref("CT3176921.IsMulticommunity", false);
Found : user_pref("CT3176921.IsOpenThankYouPage", false);
Found : user_pref("CT3176921.IsOpenUninstallPage", true);
Found : user_pref("CT3176921.IsProtectorsInit", true);
Found : user_pref("CT3176921.LanguagePackLastCheckTime", "Fri Jul 13 2012 01:17:07 GMT-0700 (Pacific Dayligh[...]
Found : user_pref("CT3176921.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT3176921.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT3176921.LastLogin_3.10.0.1", "Mon Mar 05 2012 02:36:20 GMT-0800 (Pacific Standard Time)[...]
Found : user_pref("CT3176921.LastLogin_3.12.0.7", "Wed Apr 25 2012 22:04:19 GMT-0700 (Pacific Daylight Time)[...]
Found : user_pref("CT3176921.LastLogin_3.12.2.3", "Mon May 28 2012 00:11:12 GMT-0700 (Pacific Daylight Time)[...]
Found : user_pref("CT3176921.LastLogin_3.13.0.6", "Fri Jul 13 2012 13:57:34 GMT-0700 (Pacific Daylight Time)[...]
Found : user_pref("CT3176921.LatestVersion", "3.13.0.6");
Found : user_pref("CT3176921.Locale", "en");
Found : user_pref("CT3176921.MCDetectTooltipHeight", "83");
Found : user_pref("CT3176921.MCDetectTooltipUrl", "hxxp://@[email protected]/rank/tooltip/?version=1");
Found : user_pref("CT3176921.MCDetectTooltipWidth", "295");
Found : user_pref("CT3176921.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT3176921.OriginalFirstVersion", "3.10.0.1");
Found : user_pref("CT3176921.RadioIsPodcast", false);
Found : user_pref("CT3176921.RadioLastCheckTime", "Mon Mar 05 2012 02:36:18 GMT-0800 (Pacific Standard Time)[...]
Found : user_pref("CT3176921.RadioLastUpdateIPServer", "3");
Found : user_pref("CT3176921.RadioLastUpdateServer", "129711186309670000");
Found : user_pref("CT3176921.RadioMediaID", "22027805");
Found : user_pref("CT3176921.RadioMediaType", "Media Player");
Found : user_pref("CT3176921.RadioMenuSelectedID", "EBRadioMenu_CT317692122027805");
Found : user_pref("CT3176921.RadioShrinkedFromSetup", false);
Found : user_pref("CT3176921.RadioStationName", "California%20Rock%20-%20Rock");
Found : user_pref("CT3176921.RadioStationURL", "hxxp://www.feedlive.net/california.asx");
Found : user_pref("CT3176921.SavedHomepage", "google.com");
Found : user_pref("CT3176921.SearchCaption", "express-files Customized Web Search");
Found : user_pref("CT3176921.SearchEngineBeforeUnload", "express-files Customized Web Search");
Found : user_pref("CT3176921.SearchFromAddressBarIsInit", true);
Found : user_pref("CT3176921.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT317[...]
Found : user_pref("CT3176921.SearchInNewTabEnabled", true);
Found : user_pref("CT3176921.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT3176921.SearchInNewTabLastCheckTime", "Fri Jul 13 2012 01:17:07 GMT-0700 (Pacific Dayli[...]
Found : user_pref("CT3176921.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT3176921.SearchProtectorEnabled", true);
Found : user_pref("CT3176921.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT3176921.SendProtectorDataViaLogin", true);
Found : user_pref("CT3176921.ServiceMapLastCheckTime", "Fri Jul 13 2012 01:17:07 GMT-0700 (Pacific Daylight [...]
Found : user_pref("CT3176921.SettingsLastCheckTime", "Fri Jul 13 2012 13:57:34 GMT-0700 (Pacific Daylight Ti[...]
Found : user_pref("CT3176921.SettingsLastUpdate", "1341091592");
Found : user_pref("CT3176921.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3176921&SearchSource=13");
Found : user_pref("CT3176921.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT3176921.ThirdPartyComponentsLastCheck", "Mon Mar 05 2012 02:36:16 GMT-0800 (Pacific Sta[...]
Found : user_pref("CT3176921.ThirdPartyComponentsLastUpdate", "1312887586");
Found : user_pref("CT3176921.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT3176921.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3176921");
Found : user_pref("CT3176921.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT3176921.UserID", "UN42299837604671964");
Found : user_pref("CT3176921.ValidationData_Toolbar", 0);
Found : user_pref("CT3176921.alertChannelId", "1584547");
Found : user_pref("CT3176921.autoDisableScopes", -1);
Found : user_pref("CT3176921.backendstorage.3176921a129719618372458539000000paramsgk1", "7B22757064617465526[...]
Found : user_pref("CT3176921.backendstorage.3176921a129719618372458539000000twittertemplate_notify_followers[...]
Found : user_pref("CT3176921.backendstorage.3176921a129719618372458539000000twittertemplate_notify_followers[...]
Found : user_pref("CT3176921.backendstorage.3176921a129719618372458539000000twittertemplate_notify_following[...]
Found : user_pref("CT3176921.backendstorage.3176921a129719618372458539000000twittertemplate_notify_following[...]
Found : user_pref("CT3176921.backendstorage.3176921a129719618372458539000000twittertemplate_notify_home", "3[...]
Found : user_pref("CT3176921.backendstorage.3176921a129719618372458539000000twittertemplate_notify_home_coun[...]
Found : user_pref("CT3176921.backendstorage.3176921a129720553164390415000000paramsgk0", "7B22757064617465526[...]
Found : user_pref("CT3176921.backendstorage.cbfirsttime", "4D6F6E204D617220303520323031322030323A33363A32322[...]
Found : user_pref("CT3176921.backendstorage.twitter_v1.8.0_twitter_app_open_t_f", "66616C7365");
Found : user_pref("CT3176921.backendstorage.twittertemplate_3176921a129719618372458539000000_dailyactivity",[...]
Found : user_pref("CT3176921.backendstorage.twittertemplate_3176921a129719618372458539000000_lifetimesent", [...]
Found : user_pref("CT3176921.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT3176921.globalFirstTimeInfoLastCheckTime", "Mon Mar 05 2012 02:36:18 GMT-0800 (Pacific [...]
Found : user_pref("CT3176921.homepageProtectorEnableByLogin", true);
Found : user_pref("CT3176921.initDone", true);
Found : user_pref("CT3176921.isAppTrackingManagerOn", true);
Found : user_pref("CT3176921.isFirstRadioInstallation", false);
Found : user_pref("CT3176921.myStuffEnabled", true);
Found : user_pref("CT3176921.myStuffPublihserMinWidth", 400);
Found : user_pref("CT3176921.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT3176921.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT3176921.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT3176921.navigateToUrlOnSearch", false);
Found : user_pref("CT3176921.revertSettingsEnabled", false);
Found : user_pref("CT3176921.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT3176921.searchProtectorEnableByLogin", true);
Found : user_pref("CT3176921.testingCtid", "");
Found : user_pref("CT3176921.toolbarAppMetaDataLastCheckTime", "Fri Jul 13 2012 01:17:07 GMT-0700 (Pacific D[...]
Found : user_pref("CT3176921.toolbarContextMenuLastCheckTime", "Mon Mar 05 2012 02:36:20 GMT-0800 (Pacific S[...]
Found : user_pref("CT3176921.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3176921&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "express-files Customized Web Search,uTorrentControl[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3072253/CT3072253[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3176921/CT3176921[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1584547/1578750/CA", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3072253", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3176921", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3072253",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3176921",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"21b[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Esche\\AppData\\Roaming\\Mozilla\\F[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.babylon.com/?AF=109130&tt=[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT3176921,CT3072253");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT3176921,CT3072253");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT3176921,CT3072253");
Found : user_pref("CommunityToolbar.globalUserId", "0f6a4757-3db0-4352-9a90-f626cc90a1d1");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue May 22 2012 09:01:3[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue May 22 2012 09:01:44 GMT-070[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun May 27 2012 20:47:20 GMT-0700 (P[...]
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "887d8edb-4356-4964-8d15-c023bbe54f03");
Found : user_pref("CommunityToolbar.originalHomepage", "google.com");
Found : user_pref("CommunityToolbar.originalSearchEngine", "Google");
Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Found : user_pref("browser.search.defaultthis.engineName", "uTorrentControl2 Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&Sea[...]
Found : user_pref("browser.search.order.1", "Search the web (Babylon)");
Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "tt=090212_noffx");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "c4f7e9f9000000000000002522c03c4b");
Found : user_pref("extensions.BabylonToolbar_i.id", "c4f7e9f9000000000000002522c03c4b");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15385");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=109130&tt=090212_n[...]
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.173:18:11");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Found : user_pref("extensions.skipscreen.hostMatchStr", "hxxp://www.4shared.com/(get|audio|file|document|dir[...]

-\\ Google Chrome v24.0.1312.56

File : C:\Users\Esche\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [34293 octets] - [28/01/2013 14:07:54]
AdwCleaner[R2].txt - [34354 octets] - [28/01/2013 14:09:01]
AdwCleaner[R3].txt - [32835 octets] - [28/01/2013 14:10:19]
AdwCleaner[R4].txt - [30931 octets] - [28/01/2013 14:12:08]

########## EOF - C:\AdwCleaner[R4].txt - [30992 octets] ##########
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top