
IE Not Responsive

Discussion in 'Virus & Other Malware Removal' started by justgreene, Jan 4, 2013.

Thread Status:
Not open for further replies.
  1. justgreene

    justgreene Thread Starter

    Joined:
    Jun 21, 2005
    Messages:
    119
    I hope I am posting in the right place. My Windows 7 pc has been acting up for quite a while. I am not sure if it's an ISP issue or just my pc. When I am running IE or Firefox or Chrome, my websites become non-responsive. Or I will click on a link and nothing happens. It is very "jumpy" meaning pages seem to lock and then switch to new pages after some time has passed. I get the message box pop-up saying that IE is using so much RAM and it is usually over 250 MB. I am not sure if it's a hardware issue or internet issue. I did a speedtest and came back over 4 mbps. My issues seem to get worse by the evening. I don't have many issues when using software...just internet websites.

    Running a Compaq Windows 7
    AMD Dual-Core processor 2.3 Ghz
    3 GB RAM
     
  2. captainron276

    captainron276

    Joined:
    Sep 11, 2010
    Messages:
    3,919
    First Name:
    Ron
    To help us help you, please use the TSG System Info tool to let techs know the specs of your computer: http://static.techguy.org/download/SysInfo.exe Copy and paste the results here in your thread. You can use the TSG Info to fill in your computer information in your user profile as well.

    Also, if it's a brand name system like an Acer, Dell or HP, please post the exact model of the system.
     
  3. justgreene

    justgreene Thread Starter

    Joined:
    Jun 21, 2005
    Messages:
    119
    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: AMD Athlon(tm) Dual Core Processor 4450e, AMD64 Family 15 Model 107 Stepping 2
    Processor Count: 2
    RAM: 2942 Mb
    Graphics Card: NVIDIA GeForce 6150SE nForce 430 (Microsoft Corporation - WDDM), 128 Mb
    Hard Drives: C: Total - 226949 MB, Free - 121187 MB; D: Total - 38138 MB, Free - 15319 MB; E: Total - 11523 MB, Free - 1542 MB; G: Total - 76308 MB, Free - 14626 MB; H: Total - 476813 MB, Free - 124496 MB; I: Total - 2861575 MB, Free - 2650812 MB;
    Motherboard: ECS, Iris8
    Antivirus: AVG Anti-Virus Free Edition 2012, Updated and Enabled

    Compaq Presario SR5710F
     
  4. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    34,574
    Hiya

    I see you posted a reply in the malware forum as well. I've closed that one, as this one has a reply from Ron, but let's just see if it is malware related. If it is, I'll move this there, and carry on :)

    So, can you do the following for me:

    Download OTL to your Desktop

    • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Select
      All Users
      LOP Check
      Purity Check
    • Under the Standard Registry box change it to All
    • Please copy the text in the code box below and paste it in the Custom Scans/Fixes box in OTL:

      Code:
      netsvcs
      activex
      msconfig
      %SYSTEMDRIVE%\*.
      %$Recycle.Bin\
      %PROGRAMFILES%\*.exe
      %LOCALAPPDATA%\*.exe
      %windir%\Installer\*.*
      %windir%\system32\tasks\*.*
      %windir%\system32\tasks\*.* /64
      %systemroot%\Fonts\*.exe
      %systemroot%\*. /mp /s
      /md5start
      consrv.dll
      explorer.exe
      winlogon.exe
      regedit.exe
      Userinit.exe
      svchost.exe
      services.exe
      user32.dll
      ATAPI.SYS
      /md5stop
      C:\Windows\assembly\tmp\U\*.* /s
      %Temp%\smtmp\1\*.*
      %Temp%\smtmp\2\*.*
      %Temp%\smtmp\3\*.*
      %Temp%\smtmp\4\*.*
      >C:\commands.txt echo list vol /raw /hide /c
      /wait
      >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
      /wait
      type c:\diskreport.txt /c
      /wait
      erase c:\commands.txt /hide /c
      /wait
      erase c:\diskreport.txt /hide /c
      CREATERESTOREPOINT
      
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows, OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them in your topic.

    eddie
     
  5. justgreene

    justgreene Thread Starter

    Joined:
    Jun 21, 2005
    Messages:
    119
    I've tried doing the OTL scan twice now. It scans good but then it gets to scanning Chrome settings and I get the not responding message from OTL. What should I do?
     
  6. justgreene

    justgreene Thread Starter

    Joined:
    Jun 21, 2005
    Messages:
    119
    I have tried doing the OTL scan numerous times and it just freezes up - not responding. I give up.
     
  7. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    34,574
    That's okay, just try this one instead:

    • Download random's system information tool (RSIT) by random/random from here.
    • It is important that it is saved to your desktop.
    • Double click on RSIT.exe to run RSIT.
    • Click Continue at the disclaimer screen.
    • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
     
  8. justgreene

    justgreene Thread Starter

    Joined:
    Jun 21, 2005
    Messages:
    119
    Logfile of random's system information tool 1.09 (written by random/random)
    Run by Justin at 2013-01-11 17:05:34
    Microsoft Windows 7 Home Premium Service Pack 1
    System drive C: has 114 GB (50%) free of 227 GB
    Total RAM: 2942 MB (33% free)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 5:05:49 PM, on 1/11/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal

    Running processes:
    C:\Users\Justin\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Justin\AppData\Local\Google\Update\1.3.21.124\GoogleCrashHandler.exe
    C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Users\Justin\Desktop\RSIT.exe
    C:\Program Files (x86)\trend micro\Justin.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
    R3 - URLSearchHook: (no name) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - (no file)
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file)
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
    O4 - HKCU\..\Run: [MusicManager] "C:\Users\Justin\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\Windows\SysWow64\Shdocvw.dll
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 12922 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Adobe Flash Player Updater.job
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2758387876-317494887-4176309356-1000Core.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2758387876-317494887-4176309356-1000UA.job
    C:\Windows\tasks\ReclaimerUpdateFiles_Justin.job
    C:\Windows\tasks\ReclaimerUpdateXML_Justin.job
    C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Justin.job

    =========Mozilla firefox=========

    ProfilePath - C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\sv5ouond.default

    prefs.js - "browser.startup.homepage" - "http://www.yahoo.com/|http://pinterest.com/"

    "[email protected]"=C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    "{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files (x86)\AVG\AVG2012\Firefox4\
    "{F53C93F1-07D5-430c-86D4-C9531B27DFAF}"=C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\
    "[email protected]"=C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
    "{0153E448-190B-4987-BDE1-F256CADA672F}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext


    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
    "Description"=Adobe® Flash® Player 11.5.502.146 Plugin
    "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
    "Description"=iTunes Detector Plug-in
    "Path"=

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
    "Description"=
    "Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
    "Description"=Canon Easy-PhotoPrint EX
    "Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
    "Description"=Java™ Deployment Toolkit
    "Path"=C:\Windows\SysWOW64\npDeployJava1.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
    "Description"=Oracle® Next Generation Java™ Plug-In
    "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
    "Description"=
    "Path"=disabled

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
    "Description"=Ag Player Plugin
    "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
    "Description"=WLPG Install MIME type
    "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
    "Description"=WLPG Install MIME type
    "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14]
    "Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
    "Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14]
    "Description"=RealJukebox Netscape Plugin
    "Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14]
    "Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
    "Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14]
    "Description"=RealPlayer(tm) HTML5VideoShim Plug-In
    "Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14]
    "Description"=RealPlayer Download Plugin
    "Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
    "Description"=Google Update
    "Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
    "Description"=Google Update
    "Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@virtools.com/3DviaPlayer]
    "Description"=3Dvia Player For Mozilla Based Broswer
    "Path"=C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
    "Description"=Handles PDFs in-place in Firefox
    "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

    C:\Program Files (x86)\Mozilla Firefox\extensions\
    {972ce4c6-7e08-4474-a285-3208198ce6fd}

    C:\Program Files (x86)\Mozilla Firefox\components\
    binary.manifest
    browsercomps.dll
    npCouponPrinter.xpt
    nsIQTScriptablePlugin.xpt

    C:\Program Files (x86)\Mozilla Firefox\plugins\
    NPcol400.dll
    npCouponPrinter.dll
    npMozCouponPrinter.dll
    nppdf32.dll
    nppl3260.dll
    nppl3260.xpt
    npqtplugin.dll
    npqtplugin2.dll
    npqtplugin3.dll
    npqtplugin4.dll
    npqtplugin5.dll
    npqtplugin6.dll
    npqtplugin7.dll
    nprjplug.dll
    nprpplugin.dll
    QuickTimePlugin.class

    C:\Program Files (x86)\Mozilla Firefox\searchplugins\
    amazondotcom.xml
    babylon.xml
    bing.xml
    eBay.xml
    google.xml
    twitter.xml
    wikipedia.xml
    yahoo.xml

    C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\sv5ouond.default\extensions\
    [email protected]

    C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\sv5ouond.default\searchplugins\
    askcom.xml
    BabylonMngr.xml
    conduit.xml

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
    HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-09-27 426736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
    AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll [2012-08-13 938104]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2012-06-24 1417336]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-24 449512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-12-14 192144]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-24 155384]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
    HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {98889811-442D-49dd-99D7-DC866BE87DBC}
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-12-14 192144]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-07-31 2596984]
    "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
    "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]
    "TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-09-27 296096]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MusicManager"=C:\Users\Justin\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [2012-12-10 7416320]
    "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-08-03 39408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"=credssp.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "ConsentPromptBehaviorAdmin"=5
    "ConsentPromptBehaviorUser"=3
    "EnableUIADesktopToggle"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoActiveDesktop"=1
    "NoActiveDesktopChanges"=1
    "ForceActiveDesktopOn"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
    "vidc.mrle"=msrle32.dll
    "vidc.msvc"=msvidc32.dll
    "msacm.imaadpcm"=imaadp32.acm
    "msacm.msg711"=msg711.acm
    "msacm.msgsm610"=msgsm32.acm
    "msacm.msadpcm"=msadp32.acm
    "midimapper"=midimap.dll
    "wavemapper"=msacm32.drv
    "vidc.uyvy"=msyuv.dll
    "vidc.yuy2"=msyuv.dll
    "vidc.yvyu"=msyuv.dll
    "vidc.iyuv"=iyuv_32.dll
    "vidc.i420"=lvcodec2.dll
    "vidc.yvu9"=tsbyuv.dll
    "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
    "vidc.cvid"=iccvid.dll
    "wave"=wdmaud.drv
    "midi"=wdmaud.drv
    "mixer"=wdmaud.drv
    "aux"=wdmaud.drv
    "msacm.voxacm160"=vct3216.acm
    "wave1"=wdmaud.drv
    "mixer1"=wdmaud.drv
    "msacm.siren"=sirenacm.dll
    "wave2"=wdmaud.drv
    "midi1"=wdmaud.drv
    "mixer2"=wdmaud.drv
    "aux1"=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 month======

    2013-01-11 17:05:37 ----D---- C:\Program Files (x86)\trend micro
    2013-01-11 17:05:34 ----D---- C:\rsit
    2013-01-05 16:11:04 ----D---- C:\Forks Over Knives
    2013-01-05 11:33:35 ----D---- C:\Star Wars #5_Empire Strikes Back
    2013-01-05 11:32:09 ----D---- C:\New folder
    2013-01-01 22:47:49 ----D---- C:\Star Wars #6_Return of the Jedi
    2013-01-01 21:48:14 ----D---- C:\Star Wars #3_Revenge of the Sith
    2012-12-29 12:34:07 ----D---- C:\Star Wars #2_Attack of the Clones
    2012-12-29 12:33:09 ----D---- C:\Star Wars #4_ A New Hope
    2012-12-27 19:39:31 ----A---- C:\Windows\SysWOW64\vbscript.dll
    2012-12-27 19:39:31 ----A---- C:\Windows\SysWOW64\mshtmled.dll
    2012-12-27 19:39:31 ----A---- C:\Windows\SysWOW64\ieui.dll
    2012-12-27 19:39:30 ----A---- C:\Windows\SysWOW64\urlmon.dll
    2012-12-27 19:39:30 ----A---- C:\Windows\SysWOW64\url.dll
    2012-12-27 19:39:30 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
    2012-12-27 19:39:29 ----A---- C:\Windows\SysWOW64\wininet.dll
    2012-12-27 19:39:29 ----A---- C:\Windows\SysWOW64\msfeeds.dll
    2012-12-27 19:39:27 ----A---- C:\Windows\SysWOW64\jscript9.dll
    2012-12-27 19:39:27 ----A---- C:\Windows\SysWOW64\jscript.dll
    2012-12-27 19:39:26 ----A---- C:\Windows\SysWOW64\jsproxy.dll
    2012-12-27 19:39:26 ----A---- C:\Windows\SysWOW64\iertutil.dll
    2012-12-27 19:39:24 ----A---- C:\Windows\SysWOW64\mshtml.dll
    2012-12-27 19:39:21 ----A---- C:\Windows\SysWOW64\ieframe.dll
    2012-12-27 19:38:56 ----A---- C:\Windows\SysWOW64\atmlib.dll
    2012-12-27 19:38:55 ----A---- C:\Windows\SysWOW64\atmfd.dll
    2012-12-27 19:37:42 ----A---- C:\Windows\SysWOW64\tzres.dll
    2012-12-27 19:37:27 ----A---- C:\Windows\SysWOW64\KernelBase.dll
    2012-12-27 19:37:27 ----A---- C:\Windows\SysWOW64\kernel32.dll
    2012-12-27 19:37:26 ----A---- C:\Windows\SysWOW64\setup16.exe
    2012-12-27 19:37:26 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
    2012-12-27 19:37:25 ----A---- C:\Windows\SysWOW64\wow32.dll
    2012-12-27 19:37:23 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2012-12-27 19:37:23 ----A---- C:\Windows\SysWOW64\instnm.exe
    2012-12-27 19:37:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2012-12-27 19:37:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2012-12-27 19:37:21 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2012-12-27 19:37:21 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2012-12-27 19:37:20 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2012-12-27 19:37:19 ----A---- C:\Windows\SysWOW64\user.exe
    2012-12-27 19:37:07 ----A---- C:\Windows\SysWOW64\dpnet.dll
    2012-12-26 16:22:48 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2012-12-26 16:22:48 ----D---- C:\Program Files (x86)\iTunes
    2012-12-19 15:10:26 ----D---- C:\Users\Justin\AppData\Roaming\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1

    ======List of files/folders modified in the last 1 month======

    2013-01-11 17:05:49 ----D---- C:\Windows\Prefetch
    2013-01-11 17:05:37 ----RD---- C:\Program Files (x86)
    2013-01-11 09:47:30 ----D---- C:\Windows\Temp
    2013-01-11 09:11:15 ----D---- C:\ProgramData\MFAData
    2013-01-10 20:33:06 ----SHD---- C:\System Volume Information
    2013-01-08 23:21:02 ----D---- C:\Windows\Tasks
    2013-01-08 22:51:18 ----D---- C:\Users\Justin\AppData\Roaming\Spotify
    2013-01-08 20:35:30 ----D---- C:\ProgramData\CanonIJPLM
    2013-01-08 15:16:06 ----D---- C:\Windows\SysWOW64
    2013-01-08 15:16:02 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
    2013-01-06 20:18:45 ----D---- C:\ProgramData\Real
    2013-01-06 20:18:02 ----D---- C:\Users\Justin\AppData\Roaming\Real
    2013-01-06 01:00:03 ----D---- C:\Windows\inf
    2013-01-05 15:32:30 ----D---- C:\ProgramData\DVD Shrink
    2013-01-03 17:09:49 ----D---- C:\Users\Justin\AppData\Roaming\Skype
    2012-12-28 14:25:37 ----D---- C:\Users\Justin\AppData\Roaming\Apple Computer
    2012-12-27 20:25:38 ----D---- C:\Windows\rescache
    2012-12-27 19:48:54 ----D---- C:\Windows\winsxs
    2012-12-27 19:45:49 ----D---- C:\Windows\SysWOW64\en-US
    2012-12-27 19:45:49 ----D---- C:\Windows\System32
    2012-12-27 19:45:48 ----D---- C:\Windows\SysWOW64\migration
    2012-12-27 19:45:48 ----D---- C:\Windows\AppPatch
    2012-12-27 19:45:48 ----D---- C:\Program Files (x86)\Internet Explorer
    2012-12-27 19:41:10 ----D---- C:\Windows\debug
    2012-12-27 19:39:33 ----SHD---- C:\Windows\Installer
    2012-12-27 19:38:51 ----HD---- C:\Config.Msi
    2012-12-26 21:26:54 ----D---- C:\Users\Justin\AppData\Roaming\Adobe
    2012-12-26 16:23:23 ----RD---- C:\Program Files
    2012-12-26 16:23:10 ----D---- C:\Program Files (x86)\Common Files\Apple
    2012-12-26 16:22:48 ----HD---- C:\ProgramData
    2012-12-24 11:42:19 ----D---- C:\Users\Justin\AppData\Roaming\uTorrent
    2012-12-24 11:30:47 ----D---- C:\My Music
    2012-12-20 21:31:28 ----D---- C:\Windows

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys []
    R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys []
    R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys []
    R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
    R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys []
    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
    R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys []
    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys []
    R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys []
    R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys []
    R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfiltera.sys []
    R3 AVMNgBasM780;AVerMedia M780 Base Driver; C:\Windows\system32\DRIVERS\AVerBas.sys []
    R3 AVMNgCapM780;AVerMedia M780 Audio/Video Capture Driver; C:\Windows\system32\DRIVERS\AVerCap.sys []
    R3 AVMNgTunM780;AVerMedia M780 TVTuner Driver; C:\Windows\system32\DRIVERS\AVerTun.sys []
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
    R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys []
    R3 LVUVC64;Logitech Webcam C260(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys []
    R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys []
    S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys []
    S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys []
    S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
    S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
    S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys []
    S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
    S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys []
    S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8; C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
    R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
    R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-08-13 5167736]
    R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
    R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
    R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-13 20992]
    R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-13 20992]
    R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2008-10-09 107912]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
    R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-13 20992]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-13 20992]
    R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-13 20992]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-03 116648]
    S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-08 251400]
    S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-11-16 867080]
    S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
    S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-03 116648]
    S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-11 194032]
    S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 641504]
    S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-29 115168]
    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
    S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
    S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
    S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
    S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

    -----------------EOF-----------------


    info.txt logfile of random's system information tool 1.09 2013-01-11 17:05:58

    ======Uninstall list======

    µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
    3DVIA player 5.0.0.20-->MsiExec.exe /X{B01DD1A4-F4E1-4CE7-AB6E-3168C5BD5D30}
    7-Zip 9.22beta-->"C:\Program Files (x86)\7-Zip\Uninstall.exe"
    Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}
    Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe -maintain activex
    Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_Plugin.exe -maintain plugin
    Adobe Photoshop Elements 8.0-->msiexec /i {17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}
    Adobe Photoshop.com Inspiration Browser-->msiexec /qb /x {D0DDF9EE-C67F-368B-EB42-ECB44FD7556D}
    Adobe Photoshop.com Inspiration Browser-->MsiExec.exe /I{D0DDF9EE-C67F-368B-EB42-ECB44FD7556D}
    Adobe Reader X (10.1.4)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001}
    Advertising Center-->MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d}
    Angry Birds-->MsiExec.exe /I{0CE0711D-A5E3-4E98-B3C0-0227A5E000CA}
    Apple Application Support-->MsiExec.exe /I{CCE825DB-347A-4004-A186-5F4A6FDD8547}
    Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
    CameraHelperMsi-->MsiExec.exe /I{15634701-BACE-4449-8B25-1567DA8C9FD3}
    Canon Easy-PhotoPrint EX-->C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.exe Uninst.ini uinstrsc.dll
    Canon Easy-PhotoPrint Pro - PRO-1 series Extention Data-->C:\Program Files (x86)\Canon\Easy-PhotoPrint Pro\Profile\PRO-1\uninst.exe uninst.ini uinstrsc.dll
    Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data-->C:\Program Files (x86)\Canon\Easy-PhotoPrint Pro\Profile\Pro9000\uninst.exe uninst.ini uinstrsc.dll
    Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data-->C:\Program Files (x86)\Canon\Easy-PhotoPrint Pro\Profile\Pro9500 series\uninst.exe uninst.ini uinstrsc.dll
    Canon Easy-PhotoPrint Pro-->C:\Program Files (x86)\Canon\Easy-PhotoPrint Pro\uninst.exe uninst.ini uinstrsc.dll
    Canon Inkjet Printer/Scanner/Fax Extended Survey Program-->C:\Program Files (x86)\Canon\IJPLM\SETUP.EXE -R
    Canon Pro9000 Mark II series User Registration-->C:\Program Files (x86)\Canon\IJEREG\Pro9000 Mark II series\UNINST.EXE
    Canon Utilities My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll
    Canon Utilities Solution Menu-->C:\Program Files (x86)\Canon\SolutionMenu\uninst.exe uninst.ini uinstrsc.dll
    Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
    ConvertXtoDVD 4.1.19.365-->"C:\Program Files (x86)\VSO\ConvertX\4\unins000.exe"
    Coupon Printer for Windows-->"C:\Program Files (x86)\Coupons\uninstall.exe" "/U:C:\Program Files (x86)\Coupons\Uninstall\uninstall.xml"
    Creative Memories Memory Manager 3-->MsiExec.exe /I{055C7B5D-B655-495D-BC4B-787994519AAA}
    D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
    DolbyFiles-->MsiExec.exe /X{b1adf008-e898-4fe2-8a1f-690d9a06acaf}
    Duplicate Finder-->"C:\Program Files (x86)\Duplicate Finder\unins000.exe"
    DVD Shrink 3.2-->"C:\Program Files (x86)\DVD Shrink\unins000.exe"
    erLT-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
    Freemake Video Converter version 3.1.1-->"C:\Program Files (x86)\Freemake\Freemake Video Converter\Uninstall\unins000.exe"
    Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_94DDE1EDD1CDF6A3.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
    Java 7 Update 9-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217007FF}
    Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
    LightScribe System Software-->MsiExec.exe /X{82EF29B1-9B60-4142-A155-0599216DD053}
    Logitech Vid HD-->C:\Program Files (x86)\Logitech\Vid HD\uninst.exe
    Logitech Webcam Software-->"C:\Program Files (x86)\Common Files\LogiShrd\Installer\{D40EB009-0499-459c-A8AF-C9C110766215}\setup.exe" /lang=ENU /guid="{D40EB009-0499-459c-A8AF-C9C110766215}"
    LWS Facebook-->MsiExec.exe /I{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}
    LWS Gallery-->MsiExec.exe /I{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}
    LWS Help_main-->MsiExec.exe /I{1651216E-E7AD-4250-92A1-FB8ED61391C9}
    LWS Launcher-->MsiExec.exe /I{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}
    LWS Motion Detection-->MsiExec.exe /I{71E66D3F-A009-44AB-8784-75E2819BA4BA}
    LWS Pictures And Video-->MsiExec.exe /I{08610298-29AE-445B-B37D-EFBE05802967}
    LWS Twitter-->MsiExec.exe /I{174A3B31-4C43-43DD-866F-73C9DB887B48}
    LWS Video Mask Maker-->MsiExec.exe /I{EED027B7-0DB6-404B-8F45-6DFEE34A0441}
    LWS Webcam Software-->MsiExec.exe /I{8937D274-C281-42E4-8CDB-A0B2DF979189}
    LWS WLM Plugin-->MsiExec.exe /I{9DAEA76B-E50F-4272-A595-0124E826553D}
    LWS YouTube Plugin-->MsiExec.exe /I{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}
    Malwarebytes Anti-Malware version 1.65.0.1400-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
    Memory Manager 3 Service Update-->MsiExec.exe /I{114AA498-39E6-4229-94DB-1E3777C2F486}
    Menu Templates - Starter Kit-->MsiExec.exe /X{b78120a0-cf84-4366-a393-4d0a59bc546c}
    Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft Office XP Professional-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0050048383C9}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
    Movie Templates - Starter Kit-->MsiExec.exe /X{e498385e-1c51-459a-b45f-1721e37aa1a0}
    Mozilla Firefox 17.0.1 (x86 en-US)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
    Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
    MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
    MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    Nero 9-->C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="9M03-02A4-TE7Z-248H-2AE2-EXP6-7435-6A2L"
    Nero BurnRights-->MsiExec.exe /X{7829db6f-a066-4e40-8912-cb07887c20bb}
    Nero ControlCenter-->MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
    Nero CoverDesigner-->MsiExec.exe /X{62ac81f6-bdd3-4110-9d36-3e9eaab40999}
    Nero DiscSpeed-->MsiExec.exe /X{869200db-287a-4dc0-b02b-2b6787fbcd4c}
    Nero DriveSpeed-->MsiExec.exe /X{33cf58f5-48d8-4575-83d6-96f574e4d83a}
    Nero InfoTool-->MsiExec.exe /X{fbcdfd61-7dcf-4e71-9226-873ba0053139}
    Nero Installer-->MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff}
    Nero Live-->MsiExec.exe /X{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}
    Nero PhotoSnap-->MsiExec.exe /X{9e82b934-9a25-445b-b8df-8012808074ac}
    Nero Recode-->MsiExec.exe /X{359cfc0a-beb1-440d-95ba-cf63a86da34f}
    Nero Rescue Agent-->MsiExec.exe /X{368ba326-73ad-4351-84ed-3c0a7a52cc53}
    Nero ShowTime-->MsiExec.exe /X{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}
    Nero StartSmart-->MsiExec.exe /X{7748ac8c-18e3-43bb-959b-088faea16fb2}
    Nero Vision-->MsiExec.exe /X{43e39830-1826-415d-8bae-86845787b54b}
    Nero WaveEditor-->MsiExec.exe /X{a209525b-3377-43f4-b886-32f6b6e7356f}
    NeroBurningROM-->MsiExec.exe /X{d025a639-b9c9-417d-8531-208859000af8}
    NeroExpress-->MsiExec.exe /X{595a3116-40bb-4e0f-a2e8-d7951da56270}
    NeroLiveGadget-->MsiExec.exe /X{9e9fdde6-2c26-492a-85a0-05646b3f2795}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    QuickTime-->MsiExec.exe /I{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}
    RealNetworks - Microsoft Visual C++ 2008 Runtime-->MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
    RealPlayer-->c:\program files (x86)\real\realplayer\Update\r1puninst.exe RealNetworks|RealPlayer|15.0
    RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
    Shutterfly Express Uploader-->msiexec /qb /x {63688C0C-441B-B09B-97A3-B059D79A84F7}
    Shutterfly Express Uploader-->MsiExec.exe /I{63688C0C-441B-B09B-97A3-B059D79A84F7}
    Skype™ 6.0-->MsiExec.exe /X{EA17F4FC-FDBF-4CF8-A529-2D983132D053}
    SoundTrax-->MsiExec.exe /X{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
    Update for Microsoft .NET Framework 4 Extended (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
    Update for Microsoft .NET Framework 4 Extended (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
    Update for Microsoft .NET Framework 4 Extended (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended
    Visual Studio 2008 x64 Redistributables-->MsiExec.exe /I{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}
    Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
    Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
    Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
    Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
    Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
    Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
    Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
    Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
    Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
    Windows Live Messenger-->MsiExec.exe /X{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}
    Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11}
    Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
    Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
    Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
    Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
    Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
    Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
    Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
    Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
    Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
    Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
    Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
    Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
    Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
    Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
    Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
    Zoodles-->msiexec /qb /x {88E14CA9-C418-21F9-223B-5405979A03E9}
    Zoodles-->MsiExec.exe /I{88E14CA9-C418-21F9-223B-5405979A03E9}

    ======System event log======

    Computer Name: Greenehome
    Event Code: 55
    Message: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume3.
    Record Number: 13783
    Source Name: Ntfs
    Time Written: 20120722210647.012100-000
    Event Type: Error
    User:

    Computer Name: Greenehome
    Event Code: 55
    Message: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume3.
    Record Number: 13782
    Source Name: Ntfs
    Time Written: 20120722210647.012100-000
    Event Type: Error
    User:

    Computer Name: Greenehome
    Event Code: 55
    Message: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume3.
    Record Number: 13781
    Source Name: Ntfs
    Time Written: 20120722210647.012100-000
    Event Type: Error
    User:

    Computer Name: Greenehome
    Event Code: 55
    Message: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume3.
    Record Number: 13780
    Source Name: Ntfs
    Time Written: 20120722210647.012100-000
    Event Type: Error
    User:

    Computer Name: Greenehome
    Event Code: 55
    Message: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume3.
    Record Number: 13779
    Source Name: Ntfs
    Time Written: 20120722210647.012100-000
    Event Type: Error
    User:

    =====Application event log=====

    Computer Name: Greenehome
    Event Code: 1130
    Message: .NET Runtime Optimization Service (2.0.50727.4927) - Dependencies did not match with repository: Microsoft.MediaCenter.Sports
    Record Number: 154
    Source Name: .NET Runtime Optimization Service
    Time Written: 20120718190236.000000-000
    Event Type: Warning
    User:

    Computer Name: Greenehome
    Event Code: 1130
    Message: .NET Runtime Optimization Service (2.0.50727.4927) - Version or flavor did not match with repository: Microsoft.MediaCenter.Playback
    Record Number: 152
    Source Name: .NET Runtime Optimization Service
    Time Written: 20120718190235.000000-000
    Event Type: Warning
    User:

    Computer Name: Greenehome
    Event Code: 1130
    Message: .NET Runtime Optimization Service (2.0.50727.4927) - Version or flavor did not match with repository: mcepg
    Record Number: 136
    Source Name: .NET Runtime Optimization Service
    Time Written: 20120718190222.000000-000
    Event Type: Warning
    User:

    Computer Name: Greenehome
    Event Code: 1130
    Message: .NET Runtime Optimization Service (2.0.50727.4927) - Dependencies did not match with repository: ehRecObj
    Record Number: 135
    Source Name: .NET Runtime Optimization Service
    Time Written: 20120718190218.000000-000
    Event Type: Warning
    User:

    Computer Name: Greenehome
    Event Code: 1008
    Message: The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}.

    Record Number: 107
    Source Name: Microsoft-Windows-Search
    Time Written: 20120718190003.000000-000
    Event Type: Warning
    User:

    =====Security event log=====

    Computer Name: 37L4247E29-32
    Event Code: 4672
    Message: Special privileges assigned to new logon.

    Subject:
    Security ID: S-1-5-18
    Account Name: SYSTEM
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e7

    Privileges: SeAssignPrimaryTokenPrivilege
    SeTcbPrivilege
    SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeAuditPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
    Record Number: 5
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20120718185218.018400-000
    Event Type: Audit Success
    User:

    Computer Name: 37L4247E29-32
    Event Code: 4624
    Message: An account was successfully logged on.

    Subject:
    Security ID: S-1-5-18
    Account Name: 37L4247E29-32$
    Account Domain: WORKGROUP
    Logon ID: 0x3e7

    Logon Type: 5

    New Logon:
    Security ID: S-1-5-18
    Account Name: SYSTEM
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e7
    Logon GUID: {00000000-0000-0000-0000-000000000000}

    Process Information:
    Process ID: 0x1c4
    Process Name: C:\Windows\System32\services.exe

    Network Information:
    Workstation Name:
    Source Network Address: -
    Source Port: -

    Detailed Authentication Information:
    Logon Process: Advapi
    Authentication Package: Negotiate
    Transited Services: -
    Package Name (NTLM only): -
    Key Length: 0

    This event is generated when a logon session is created. It is generated on the computer that was accessed.

    The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

    The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

    The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

    The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

    The authentication information fields provide detailed information about this specific logon request.
    - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
    - Transited services indicate which intermediate services have participated in this logon request.
    - Package name indicates which sub-protocol was used among the NTLM protocols.
    - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
    Record Number: 4
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20120718185218.018400-000
    Event Type: Audit Success
    User:

    Computer Name: 37L4247E29-32
    Event Code: 4902
    Message: The Per-user audit policy table was created.

    Number of Elements: 0
    Policy ID: 0x2fab8
    Record Number: 3
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20120718185217.690800-000
    Event Type: Audit Success
    User:

    Computer Name: 37L4247E29-32
    Event Code: 4624
    Message: An account was successfully logged on.

    Subject:
    Security ID: S-1-0-0
    Account Name: -
    Account Domain: -
    Logon ID: 0x0

    Logon Type: 0

    New Logon:
    Security ID: S-1-5-18
    Account Name: SYSTEM
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e7
    Logon GUID: {00000000-0000-0000-0000-000000000000}

    Process Information:
    Process ID: 0x4
    Process Name:

    Network Information:
    Workstation Name: -
    Source Network Address: -
    Source Port: -

    Detailed Authentication Information:
    Logon Process: -
    Authentication Package: -
    Transited Services: -
    Package Name (NTLM only): -
    Key Length: 0

    This event is generated when a logon session is created. It is generated on the computer that was accessed.

    The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

    The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

    The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

    The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

    The authentication information fields provide detailed information about this specific logon request.
    - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
    - Transited services indicate which intermediate services have participated in this logon request.
    - Package name indicates which sub-protocol was used among the NTLM protocols.
    - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
    Record Number: 2
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20120718185216.177600-000
    Event Type: Audit Success
    User:

    Computer Name: 37L4247E29-32
    Event Code: 4608
    Message: Windows is starting up.

    This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
    Record Number: 1
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20120718185216.084000-000
    Event Type: Audit Success
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=AMD64
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
    "NUMBER_OF_PROCESSORS"=2
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=AMD64 Family 15 Model 107 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=6b02
    "asl.log"=Destination=file
    "CLASSPATH"=.;C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip

    -----------------EOF-----------------
     
  9. justgreene

    justgreene Thread Starter

    Joined:
    Jun 21, 2005
    Messages:
    119
    I posted the 2 logs. Is there anything I can do today as I have plenty of time? Thanks for your help!
     
  10. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    34,574
    Sorry for the delay, weekends I tend to be busy. Having a look now, will reply in a bit :)
     
  11. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    34,574
    Okay, not much in the way of malware there. I can see some remains, which we can remove.

    However, this was in the Event Log:


    So, let's try that:


    Try this: click Start>>Run, type cmd, click OK.

    In the Command Prompt type chkdsk /f, click Enter

    There is a space between k and /f

    Or Click Start>>All Programs>>Accessories>>Command Prompt

    You will be asked if you want a check disk to run on next startup; click Y and then press Enter

    Restart your PC

    It will run in 5 sections; please do not interrupt it, let it finish.


    Let me know when it's complete and if it helps at all :)
     
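Post 11 picks the Ntfs event 55 entry out of the pasted event log. The following is an added example, not part of the thread and not the tool that produced the log: it parses the dump's record layout and returns those entries with the affected volume. The function names are hypothetical, and reading `Time Written` as a WMI/CIM datetime is an assumption of this example.

```python
import re
from datetime import datetime, timedelta, timezone

SAMPLE = r"""
Computer Name: Greenehome
Event Code: 55
Message: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume3.
Record Number: 13779
Source Name: Ntfs
Time Written: 20120722210647.012100-000
Event Type: Error
User:

Computer Name: Greenehome
Event Code: 1008
Message: The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}.

Record Number: 107
Source Name: Microsoft-Windows-Search
Time Written: 20120718190003.000000-000
Event Type: Warning
User:
"""  # constructed sample: two records copied from the log above, same field layout

RECORD = re.compile(
    r"Computer Name:(?P<computer>[^\n]*)\s+Event Code:\s*(?P<code>\d+)\s+Message:(?P<message>(?s:.*?))"
    r"\n\s*Record Number:\s*(?P<record>\d+)\s+Source Name:(?P<source>[^\n]*)"
    r"\s+Time Written:\s*(?P<written>\S+)\s+Event Type:(?P<type>[^\n]*)")

def parse_records(text):
    """Return one dict per complete record; truncated records are skipped."""
    return [{k: v.strip() for k, v in m.groupdict().items()} for m in RECORD.finditer(text)]

def parse_cim_datetime(stamp):
    """WMI timestamp: yyyymmddHHMMSS.ffffff, then a signed UTC offset in minutes."""
    m = re.fullmatch(r"(\d{14}\.\d{6})([+-]\d{3})", stamp)
    if not m:
        return None
    tz = timezone(timedelta(minutes=int(m.group(2))))
    return datetime.strptime(m.group(1), "%Y%m%d%H%M%S.%f").replace(tzinfo=tz)

def ntfs_corruption_events(records):
    """Ntfs event 55 hits as (volume, record number, time written) tuples."""
    hits = []
    for r in records:
        if (r["source"], r["code"]) == ("Ntfs", "55"):
            vol = re.search(r"\\Device\\HarddiskVolume\d+", r["message"])
            hits.append((vol and vol.group(0), int(r["record"]), parse_cim_datetime(r["written"])))
    return hits

print(ntfs_corruption_events(parse_records(SAMPLE)))
```

Messages that span several lines, such as the 4624 logon records, are captured whole because the message runs up to the next `Record Number:` line.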
  12. justgreene

    justgreene Thread Starter

    Joined:
    Jun 21, 2005
    Messages:
    119
    I did the command prompt box, however, I am getting "Access Denied as you do not have sufficient privileges. You have to invoke this utility running in elevated mode." message.

    Now what?
     
  13. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    34,574
    Okay, let's see if you can do it this way :)

    Open up My Computer, and right-click on the C-drive, and select Properties.

    In there, click the Tools tab.

    At the top will be Error-checking

    Click on the button Check Now, and when prompted, select both options:

    Automatically fix file system errors
    Scan for and attempt recovery of bad sectors

    And then click Start.
     
  14. justgreene

    justgreene Thread Starter

    Joined:
    Jun 21, 2005
    Messages:
    119
    It is doing it right now. Let me ask this...I did an upgrade to Windows 7. When I start the PC, I get the black page asking if I want to start Windows 7 or an older version of Windows. Should I be getting this at startup? I thought when I did my upgrade it wiped Windows Vista off my hard drive.
     
  15. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    34,574
    For the black page at startup, does it specify which version of Windows other than Windows 7?
     

Short URL to this thread: https://techguy.org/1083705
