SpywareHammer.com

SpywareHammer Malware Removal Forums => Completed Malware and Rootkit Removal Topics => Inactive Logs => Topic started by: MikeMobes on July 14, 2013, 07:57:53 PM

Title: [Inactive] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on July 14, 2013, 07:57:53 PM
Ive recently aquired my parent's old laptop. I have only had it for a couple of days, however it seems to be running sluggishly, and the hardware eject button for the cd/dvd rom only works before windows boots up. Also, they said something popped up saying that the computer was infected, but don't remember what it said. I'm guessing it was just a phishing popup, but I cant be certain it wasn't legitimate either, so here i am.

:::Edit:::
Windows Defender is off and won't turn on. Dialog box is as follows:
 "Windows Defender encountered an error: 0x800106ba. A problem caused this program's service to stop. To start the service, restart your computer or search Help and Support for how to start a service manually"
:::/Edit:::
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Grammaton Cleric at 18:43:00 on 2013-07-14
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.4085.2071 [GMT -7:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_0c642403\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_0c642403\AESTSr64.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\alg.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\WLTRAY.EXE
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\WmiPrvSE.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer, optimized for Bing and MSN
mDefault_Page_URL = hxxp://www.dell.com
uURLSearchHooks: H - No File
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO: XBTBPos00: {fcbccb87-9224-4b8d-b117-f56d924beb18} - Fast Browser Search Toolbar Helper
TB: Fast Browser Search Toolbar: {1bb22d38-a411-4b13-a746-c2a4f4ec7344} -
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [FileHippo.com] "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [PCMService] "C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
TCP: DhcpNameServer = 192.168.2.1 156.154.70.22 156.154.71.22 192.168.2.1
TCP: Interfaces\{B6427DDC-7783-4E52-8833-CAD6901AFB2D} : DhcpNameServer = 192.168.2.1 156.154.70.22 156.154.71.22 192.168.2.1
TCP: Interfaces\{FF641C2F-EE52-4E11-A57A-CCCFDB5FFD63} : DhcpNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
BHO-X64: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO-X64: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - Fast Browser Search Toolbar Helper
BHO-X64:     XBTBPos00 - No File
TB-X64: Fast Browser Search Toolbar: {1BB22D38-A411-4B13-A746-C2A4F4EC7344} -
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [PCMService] "C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe"
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce-x64: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Grammaton Cleric\AppData\Roaming\Mozilla\Firefox\Profiles\a4guv6qc.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Grammaton Cleric\AppData\Roaming\Mozilla\Firefox\Profiles\a4guv6qc.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 ElRawDisk;ElRawDisk;\??\C:\Windows\system32\drivers\ElRawDsk.sys --> C:\Windows\system32\drivers\ElRawDsk.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-5-10 65640]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_0c642403\AESTSr64.exe --> C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_0c642403\AESTSr64.exe [?]
R2 Belkin Local Backup Service;Belkin Local Backup Service;C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2011-8-27 181760]
R2 Belkin Network USB Helper;Belkin Network USB Helper;C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2011-8-27 55296]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2010-11-18 376144]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2008-7-24 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 sxuptp;SXUPTP Driver;C:\Windows\system32\DRIVERS\sxuptp.sys --> C:\Windows\system32\DRIVERS\sxuptp.sys [?]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]
R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;C:\Windows\system32\DRIVERS\OA001Ufd.sys --> C:\Windows\system32\DRIVERS\OA001Ufd.sys [?]
R3 OA001Vid;Creative Camera OA001 Function Driver;C:\Windows\system32\DRIVERS\OA001Vid.sys --> C:\Windows\system32\DRIVERS\OA001Vid.sys [?]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-4-23 136176]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-7-14 257416]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-4-23 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 117144]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-6-20 366600]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 VCR2PC;VCR2PC Analog Capture;C:\Windows\system32\DRIVERS\0140_ION.sys --> C:\Windows\system32\DRIVERS\0140_ION.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-4-16 1024680]
S4 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-19 89920]
S4 QuickBooksDB17;QuickBooksDB17;C:\PROGRA~2\Intuit\QUICKB~1\QBDBMgrN.exe -hvQuickBooksDB17 --> C:\PROGRA~2\Intuit\QUICKB~1\QBDBMgrN.exe -hvQuickBooksDB17 [?]
.
=============== File Associations ===============
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
VBEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
VBSFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2013-07-15 01:30:59   9552976   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BCEA9C01-49A0-4AA1-8D2D-F87CE2D6728E}\mpengine.dll
2013-07-15 01:25:08   108968   ----a-w-   C:\Windows\System32\WindowsAccessBridge-64.dll
2013-07-13 05:40:04   --------   d-----w-   C:\Users\Grammaton Cleric\AppData\Local\ApplicationHistory
2013-07-12 23:09:43   619008   ----a-w-   C:\Windows\System32\qedit.dll
2013-07-12 23:09:43   505344   ----a-w-   C:\Windows\SysWow64\qedit.dll
2013-07-12 23:09:40   1815552   ----a-w-   C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-12 23:09:40   1500672   ----a-w-   C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-12 23:09:40   1476608   ----a-w-   C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-12 23:09:40   1447936   ----a-w-   C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-12 23:09:39   936960   ----a-w-   C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-12 23:04:22   2775040   ----a-w-   C:\Windows\System32\win32k.sys
2013-07-11 02:03:27   --------   dc----w-   C:\Users\Grammaton Cleric\AppData\Local\MigWiz
2013-07-11 01:58:53   --------   d-----w-   C:\Program Files\Windows Easy Transfer 7
2013-06-21 01:51:52   964552   ------w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{093F060F-DBE0-45D1-9162-A0AF50AE6C25}\gapaengine.dll
2013-06-21 01:50:04   1078272   ----a-w-   C:\Windows\System32\certutil.exe
2013-06-21 01:50:03   985600   ----a-w-   C:\Windows\SysWow64\crypt32.dll
2013-06-21 01:50:03   812544   ----a-w-   C:\Windows\SysWow64\certutil.exe
2013-06-21 01:50:03   1269248   ----a-w-   C:\Windows\System32\crypt32.dll
2013-06-21 01:50:02   98304   ----a-w-   C:\Windows\SysWow64\cryptnet.dll
2013-06-21 01:50:02   50688   ----a-w-   C:\Windows\System32\certenc.dll
2013-06-21 01:50:02   41984   ----a-w-   C:\Windows\SysWow64\certenc.dll
2013-06-21 01:50:02   174592   ----a-w-   C:\Windows\System32\cryptsvc.dll
2013-06-21 01:50:02   133120   ----a-w-   C:\Windows\SysWow64\cryptsvc.dll
2013-06-21 01:50:02   132096   ----a-w-   C:\Windows\System32\cryptnet.dll
2013-06-21 01:49:48   30720   ----a-w-   C:\Windows\System32\cryptdlg.dll
2013-06-21 01:49:48   24576   ----a-w-   C:\Windows\SysWow64\cryptdlg.dll
2013-06-21 01:49:43   40448   ----a-w-   C:\Windows\System32\drivers\tcpipreg.sys
2013-06-21 01:49:43   1417576   ----a-w-   C:\Windows\System32\drivers\tcpip.sys
2013-06-21 01:49:41   686080   ----a-w-   C:\Windows\System32\win32spl.dll
2013-06-21 01:49:41   443904   ----a-w-   C:\Windows\SysWow64\win32spl.dll
2013-06-21 01:49:41   37376   ----a-w-   C:\Windows\SysWow64\printcom.dll
2013-06-19 04:50:08   247216   ----a-w-   C:\Windows\System32\drivers\MpFilter.sys
.
==================== Find3M  ====================
.
2013-07-15 01:25:06   71048   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-15 01:25:06   692104   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2013-07-15 01:24:25   972712   ----a-w-   C:\Windows\System32\deployJava1.dll
2013-07-15 01:24:25   1093032   ----a-w-   C:\Windows\System32\npDeployJava1.dll
2013-06-21 01:40:01   107368   ----a-w-   C:\Windows\System32\LMIRfsClientNP.dll
2013-06-21 01:40:00   35656   ----a-w-   C:\Windows\System32\LMIport.dll
2013-06-21 01:40:00   100680   ----a-w-   C:\Windows\System32\LMIinit.dll
2013-06-19 04:50:08   139616   ----a-w-   C:\Windows\System32\drivers\NisDrvWFP.sys
2013-06-03 01:19:37   107368   ----a-w-   C:\Windows\System32\LMIRfsClientNP.dll.000.bak
2013-05-29 05:43:16   2312704   ----a-w-   C:\Windows\System32\jscript9.dll
2013-05-29 05:35:44   1392128   ----a-w-   C:\Windows\System32\wininet.dll
2013-05-29 05:34:14   1494528   ----a-w-   C:\Windows\System32\inetcpl.cpl
2013-05-29 05:29:56   173056   ----a-w-   C:\Windows\System32\ieUnatt.exe
2013-05-29 05:29:02   599040   ----a-w-   C:\Windows\System32\vbscript.dll
2013-05-29 05:25:09   2382848   ----a-w-   C:\Windows\System32\mshtml.tlb
2013-05-29 01:50:14   1800704   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2013-05-29 01:41:52   1427968   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2013-05-29 01:41:08   1129472   ----a-w-   C:\Windows\SysWow64\wininet.dll
2013-05-29 01:37:15   142848   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
2013-05-29 01:36:09   420864   ----a-w-   C:\Windows\SysWow64\vbscript.dll
2013-05-29 01:33:22   2382848   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2013-05-08 04:18:16   1706496   ----a-w-   C:\Windows\System32\WMVDECOD.DLL
2013-05-08 04:04:52   1548288   ----a-w-   C:\Windows\SysWow64\WMVDECOD.DLL
2013-05-02 15:29:56   278800   ------w-   C:\Windows\System32\MpSigStub.exe
2013-04-17 12:32:54   327680   ----a-w-   C:\Windows\System32\d3d10_1core.dll
2013-04-17 12:32:54   287232   ----a-w-   C:\Windows\System32\d3d10core.dll
2013-04-17 12:32:54   196096   ----a-w-   C:\Windows\System32\d3d10_1.dll
2013-04-17 12:32:54   1268224   ----a-w-   C:\Windows\System32\d3d10.dll
2013-04-17 11:29:44   2002944   ----a-w-   C:\Windows\System32\d3d10warp.dll
2013-04-17 11:28:53   219648   ----a-w-   C:\Windows\SysWow64\d3d10_1core.dll
2013-04-17 11:28:53   189952   ----a-w-   C:\Windows\SysWow64\d3d10core.dll
2013-04-17 11:28:53   160768   ----a-w-   C:\Windows\SysWow64\d3d10_1.dll
2013-04-17 11:28:53   1029120   ----a-w-   C:\Windows\SysWow64\d3d10.dll
2013-04-17 11:27:55   566272   ----a-w-   C:\Windows\System32\d3d10level9.dll
2013-04-17 11:02:02   834048   ----a-w-   C:\Windows\System32\d2d1.dll
2013-04-17 10:58:11   1556480   ----a-w-   C:\Windows\System32\DWrite.dll
2013-04-17 10:58:10   1149440   ----a-w-   C:\Windows\System32\FntCache.dll
2013-04-17 10:34:33   1172480   ----a-w-   C:\Windows\SysWow64\d3d10warp.dll
2013-04-17 10:33:05   486400   ----a-w-   C:\Windows\SysWow64\d3d10level9.dll
2013-04-17 10:14:27   683008   ----a-w-   C:\Windows\SysWow64\d2d1.dll
2013-04-17 10:10:35   1069056   ----a-w-   C:\Windows\SysWow64\DWrite.dll
.
============= FINISH: 18:43:19.48 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 7/9/2008 6:09:22 PM
System Uptime: 7/14/2013 6:10:25 PM (0 hours ago)
.
Motherboard: Dell Inc. |  | 0M263C
Processor: Intel(R) Core(TM)2 Duo CPU     T8100  @ 2.10GHz | Microprocessor | 2101/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 176.189 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 4.983 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP936: 5/16/2013 6:21:22 PM - Windows Update
RP937: 5/17/2013 3:00:13 AM - Windows Update
RP938: 5/18/2013 - Scheduled Checkpoint
RP939: 5/19/2013 12:00:01 AM - Scheduled Checkpoint
RP940: 5/21/2013 5:55:02 PM - Windows Update
RP941: 5/27/2013 10:19:37 AM - Windows Update
RP942: 5/30/2013 5:31:02 PM - Scheduled Checkpoint
RP943: 5/31/2013 5:43:06 PM - Windows Update
RP944: 6/2/2013 - Scheduled Checkpoint
RP945: 6/4/2013 3:27:45 PM - Windows Update
RP946: 6/6/2013 12:00:01 AM - Scheduled Checkpoint
RP947: 6/7/2013 12:00:01 AM - Scheduled Checkpoint
RP948: 6/8/2013 12:00:01 AM - Scheduled Checkpoint
RP950: 6/9/2013 10:49:16 AM - Windows Update
RP951: 6/10/2013 9:15:45 PM - Scheduled Checkpoint
RP952: 6/11/2013 1:21:19 PM - Scheduled Checkpoint
RP954: 6/18/2013 5:33:51 PM - Windows Update
RP955: 6/21/2013 4:11:52 PM - Windows Update
RP956: 6/23/2013 12:00:01 AM - Scheduled Checkpoint
RP957: 7/10/2013 6:18:38 PM - Scheduled Checkpoint
RP958: 7/10/2013 6:54:08 PM - Windows Update
RP959: 7/10/2013 6:58:07 PM - Windows Update
RP960: 7/12/2013 10:17:50 PM - Windows Update
RP961: 7/14/2013 5:47:35 PM - Scheduled Checkpoint
RP962: 7/14/2013 6:20:51 PM - Installed Java 7 Update 25 (64-bit)
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.7)
Advanced Audio FX Engine
Apple Application Support
Apple Software Update
Belkin Setup and Router Monitor
Bing Bar
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
D3DX10
Dell Video Chat (remove only)
Dell Webcam Central
ECDSDesktopVersionSetup
erLT
ExactCharge Setup
FileHippo.com Update Checker
Garmin USB Drivers
Garmin WebUpdater
GIMP 2.6.11
Google Chrome
Google Earth
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
ION EZ Video Converter
ITECIR Driver
Live! Cam Avatar Creator
LiveUpdate (Symantec Corporation)
Logitech Updater
LogMeIn
Macromedia Flash Player
Malwarebytes Anti-Malware version 1.75.0.1300
MediaDirect
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft UI Engine
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Music Rescue
Netflix in Windows Media Center
OpenOffice.org 3.4
palmOne
QuickBooks Pro 2007
QuickTime
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Segoe UI
Skype™ 5.10
SupportSoft Assisted Service
TreeSize Free V2.5
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Video Mover
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
7/14/2013 6:05:02 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.1875.0     Update Source: Microsoft Update Server     Update Stage: Install     Source Path: http://www.microsoft.com (http://www.microsoft.com)     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80240016     Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
7/14/2013 6:05:02 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.1875.0     Update Source: Microsoft Update Server     Update Stage: Install     Source Path: http://www.microsoft.com (http://www.microsoft.com)     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80240016     Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
7/14/2013 6:05:02 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.1875.0     Update Source: Microsoft Update Server     Update Stage: Download     Source Path: http://www.microsoft.com (http://www.microsoft.com)     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80240016     Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
7/14/2013 5:46:51 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004]  - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
7/14/2013 5:46:50 PM, Error: BTHUSB [17]  - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
7/12/2013 6:36:02 PM, Error: bowser [8003]  - The master browser has received a server announcement from the computer DADS-LAPTOP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B6427DDC-7783-4E52-8833-CAD6901AFB2D}. The master browser is stopping or an election is being forced.
7/12/2013 6:22:59 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
7/12/2013 6:22:59 PM, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
7/12/2013 4:05:37 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/12/2013 10:14:33 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
7/10/2013 6:42:21 PM, Error: Microsoft-Windows-Dhcp-Client [1001]  - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001FE152C906.  The following error occurred:  The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
7/10/2013 6:38:53 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 105.0.0.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=2.1.9607.0&sig=105.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 (http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=2.1.9607.0&sig=105.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)     Signature Type: Network Inspection System     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 2.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:38:53 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Update Server     Update Stage: Search     Source Path: http://www.microsoft.com (http://www.microsoft.com)     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x8024402c     Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
7/10/2013 6:38:53 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 (http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:38:53 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 (http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)     Signature Type: AntiSpyware     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:28:42 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 105.0.0.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=2.1.9607.0&sig=105.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 (http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=2.1.9607.0&sig=105.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)     Signature Type: Network Inspection System     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 2.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:28:37 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 (http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:28:37 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 (http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)     Signature Type: AntiSpyware     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:28:33 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Update Server     Update Stage: Search     Source Path: http://www.microsoft.com (http://www.microsoft.com)     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x8024402c     Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
7/10/2013 6:19:37 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 105.0.0.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=2.1.9607.0&sig=105.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 (http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=2.1.9607.0&sig=105.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)     Signature Type: Network Inspection System     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 2.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:19:33 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 (http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:19:33 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 (http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)     Signature Type: AntiSpyware     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:19:28 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Update Server     Update Stage: Search     Source Path: http://www.microsoft.com (http://www.microsoft.com)     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x8024402c     Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
7/10/2013 6:18:07 PM, Error: Tcpip [4199]  - The system detected an address conflict for IP address 192.168.2.4 with the system having network hardware address 68-A3-C4-AF-0A-59. Network operations on this system may be disrupted as a result.
.
==== End Of File ===========================
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on July 14, 2013, 09:05:31 PM
My name is Hoov and I will be helping you with your problem. As you have been helped here before I will skip the preliminaries and get right to the issue.

1.Download and scan with CCleaner (http://www.ccleaner.com/downloadbuilds.asp)
When you get to the website, there is a dark grey box on the left side with two tabs along the top. Inside this Dark Grey box is a light grey box. Below that light grey box is where the download links are at. The pay amount is for paid support.
2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"
3. Then select the items you wish to clean up.
In the Windows Tab:



In the Applications Tab


4. Click the "Run Cleaner" button.
5. A pop up box will appear advising this process will permanently delete files from your system.
6. Click "OK" and it will scan and clean your system.
7. Click "exit" when done.

Please start up Malwarebytes' Anti-Malware and update it then run a quick scan. If it finds anything, fix it and post the resulting log. If it finds nothing, post that log instead.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on July 14, 2013, 09:38:00 PM
Ran CCleaner, ran Malwarebytes.

No malicious items detected:

Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org (http://www.malwarebytes.org)

Database version: v2013.07.14.08

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Grammaton Cleric :: DADS-PC [administrator]

7/14/2013 8:30:54 PM
mbam-log-2013-07-14 (20-30-54).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 289765
Time elapsed: 5 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on July 14, 2013, 09:50:35 PM
I need you to reboot windows cleanly. To do that please go to the run command and type in msconfig . Once that starts, select selective startup, and then uncheck the load startup items. Now click on the services tab, and down near the bottom of the window, check the box that says Hide all Microsoft Services now go up and uncheck all the services still listed, make sure you scroll down the list if need to unselect all the non Microsoft services. Now click apply, then click OK and reboot the computer.Now check to see how it is running.

Once you have decided, run msconfig and select normal startup then click apply then OK and come back here and let me know how it ran.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on July 14, 2013, 10:35:09 PM
It was snappy with the clean boot. No luck with defender or the disc drive
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on July 15, 2013, 05:08:23 AM
Those could be legitimate problems. But lets see what we can do to get the computer to run better first so we have room to try and fix those two.

Please run the two tools below and post the logs generated. You will need to split them up between multiple posts.


Download Silent Runners.zip (http://www.silentrunners.org/Silent%20Runners.zip) and extract it to a new folder on your Desktop.

    * Run the Silent Runners.vbs file.
    * You will receive a prompt: "Do you want to skip supplementary searches?" - click "NO."
    * If your antivirus has a script blocker, you will get a warning asking if you want to allow Silent Runners.vbs to run.
    * This script is not malicious so please allow it.
    * A text file will appear in the folder - it''s not done, let it run. (It won''t appear to be doing anything!)
    * Once the "All Done!" prompt flashes up, open the text file, and copy & paste it in your next reply.


Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your Desktop
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on July 15, 2013, 04:27:44 PM
Tried running Silent Runners.vbs after extracting it to the desktop, and i get an error message:

"Silent Runners" has launched as a 32-bit process in a 64-bit OS, which will prevent it from functioning correctly.
This script must exit.

OTL ran fine, heres the logs:

OTL.txt

OTL logfile created on: 7/15/2013 3:04:01 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Grammaton Cleric\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.99 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 43.47% Memory free
8.19 Gb Paging File | 6.10 Gb Available in Paging File | 74.47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.01 Gb Total Space | 176.26 Gb Free Space | 61.20% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.98 Gb Free Space | 49.83% Space Free | Partition Type: NTFS
 
Computer Name: DADS-PC | User Name: Grammaton Cleric | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/07/15 14:56:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Grammaton Cleric\Downloads\OTL.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/24 21:08:34 | 000,566,688 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2011/02/24 21:08:32 | 007,034,272 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2011/02/24 21:08:32 | 001,770,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2011/02/11 18:28:52 | 001,522,080 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
PRC - [2008/05/06 10:18:02 | 000,014,376 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2008/01/14 08:13:02 | 000,132,392 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe
PRC - [2007/08/31 09:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/24 21:08:36 | 000,022,944 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
MOD - [2011/02/24 20:39:00 | 000,658,432 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
MOD - [2011/02/15 13:16:44 | 007,187,456 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2011/02/15 13:15:58 | 000,325,632 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2011/02/15 13:15:52 | 001,954,304 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2011/02/15 13:15:52 | 000,847,360 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2011/02/15 12:25:30 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013/06/20 20:33:08 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/06/20 20:33:08 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/02/17 18:25:42 | 000,181,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe -- (Belkin Local Backup Service)
SRV:64bit: - [2010/02/09 15:55:52 | 000,055,296 | ---- | M] () [Auto | Running] -- C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe -- (Belkin Network USB Helper)
SRV:64bit: - [2008/06/09 21:47:06 | 000,031,744 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2008/05/29 05:48:22 | 000,246,272 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_0c642403\STacSV64.exe -- (STacSV)
SRV:64bit: - [2008/05/29 05:48:18 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_0c642403\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/07/14 18:25:07 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/10 19:39:55 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/20 18:40:17 | 000,226,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2013/06/20 18:40:00 | 000,376,144 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/06/09 19:53:56 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/24 21:08:34 | 000,566,688 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/03/29 21:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/01/09 03:45:36 | 003,192,184 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/31 09:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/11/28 15:28:12 | 000,020,480 | ---- | M] ( ) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2006/11/09 15:30:14 | 000,065,536 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2006/09/13 10:32:12 | 000,128,536 | ---- | M] (iAnywhere Solutions, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Intuit\QuickBooks 2007\QBDBMgrN.exe -- (QuickBooksDB17)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/06/20 18:40:01 | 000,107,368 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2013/06/18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/02/11 19:18:19 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/04/25 12:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/02/29 06:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/01/08 20:11:16 | 000,301,504 | ---- | M] (Trident Multimedia Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\0140_ION.sys -- (VCR2PC)
DRV:64bit: - [2010/03/08 10:03:36 | 000,067,104 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\itecir.sys -- (itecir)
DRV:64bit: - [2009/09/30 17:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/08 10:40:14 | 000,023,464 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV:64bit: - [2009/06/22 16:50:00 | 000,291,352 | ---- | M] (silex technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\sxuptp.sys -- (sxuptp)
DRV:64bit: - [2009/04/10 22:03:32 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/03/08 17:06:00 | 000,319,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA001Vid.sys -- (OA001Vid)
DRV:64bit: - [2009/03/06 07:33:58 | 000,159,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA001Ufd.sys -- (OA001Ufd)
DRV:64bit: - [2008/07/24 18:46:08 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2008/07/24 18:45:20 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2008/06/16 04:59:30 | 000,125,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2008/06/16 04:58:58 | 007,709,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/06/12 21:45:00 | 000,019,880 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2008/06/12 21:44:54 | 000,120,872 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2008/06/12 21:44:54 | 000,036,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2008/06/12 21:44:52 | 000,092,200 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2008/06/09 21:47:00 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV:64bit: - [2008/06/09 21:46:52 | 001,372,664 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2008/06/03 21:56:56 | 000,199,728 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2008/06/03 03:41:24 | 000,239,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2008/06/03 03:26:06 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2008/06/03 03:26:04 | 000,062,976 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2008/06/03 03:26:02 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2008/05/29 05:48:30 | 000,454,656 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2008/02/29 03:16:52 | 000,057,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2008/02/29 03:16:44 | 000,054,800 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2008/01/20 19:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express)
DRV:64bit: - [2007/11/14 01:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2006/11/02 00:48:50 | 002,488,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV - [2013/06/02 18:20:14 | 000,016,056 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com (http://www.dell.com)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC (http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC)
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com (http://www.dell.com)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC (http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9MSE&PC=UP09 (http://www.msn.com/?ocid=OIE9MSE&PC=UP09)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=OIE9MSE&PC=UP09 (http://www.msn.com/?ocid=OIE9MSE&PC=UP09)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC (http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC)
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS} (http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS})
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: LogMeInClient%40logmein.com:1.0.0.664
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130515
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.664
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/07/15 14:58:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/07/15 14:58:03 | 000,000,000 | ---D | M]
 
[2008/08/28 23:50:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Grammaton Cleric\AppData\Roaming\Mozilla\Extensions
[2013/07/14 17:50:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Grammaton Cleric\AppData\Roaming\Mozilla\Firefox\Profiles\a4guv6qc.default\extensions
[2013/07/14 17:50:17 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Grammaton Cleric\AppData\Roaming\Mozilla\Firefox\Profiles\a4guv6qc.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/08/29 11:56:51 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\Grammaton Cleric\AppData\Roaming\Mozilla\Firefox\Profiles\a4guv6qc.default\extensions\LogMeInClient@logmein.com
[2012/02/29 11:00:42 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Grammaton Cleric\AppData\Roaming\Mozilla\Firefox\Profiles\a4guv6qc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013/07/10 19:39:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/07/10 19:39:56 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/03/25 11:00:31 | 000,003,700 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fast.png
[2010/03/25 11:00:31 | 000,001,963 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fast.xml
 
O1 HOSTS File: ([2012/07/11 15:35:27 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (http://support.dell.com/systemprofiler/DellSystemLite.CAB) (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 156.154.70.22 156.154.71.22 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6427DDC-7783-4E52-8833-CAD6901AFB2D}: DhcpNameServer = 192.168.2.1 156.154.70.22 156.154.71.22 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF641C2F-EE52-4E11-A57A-CCCFDB5FFD63}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\dellwall3.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\dellwall3.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{dacf397b-4e1b-11dd-a2e8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{dacf397b-4e1b-11dd-a2e8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\DVD_SPECIAL_FEATURES.exe
O34 - HKLM BootExecute: ("""autocheck autochk *""")
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/07/15 15:03:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/07/15 15:02:16 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/07/15 15:02:14 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/07/15 15:02:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/07/15 15:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/07/15 14:59:34 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2013/07/15 14:57:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/07/15 14:57:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013/07/15 14:56:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2013/07/15 14:55:15 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/07/14 21:15:18 | 000,000,000 | ---D | C] -- C:\Users\Grammaton Cleric\AppData\Roaming\gtk-2.0
[2013/07/14 21:14:37 | 000,000,000 | ---D | C] -- C:\Users\Grammaton Cleric\.thumbnails
[2013/07/14 21:13:37 | 000,000,000 | ---D | C] -- C:\Users\Grammaton Cleric\.gimp-2.6
[2013/07/14 21:13:36 | 000,000,000 | ---D | C] -- C:\Users\Grammaton Cleric\Documents\gegl-0.0
[2013/07/14 20:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/07/14 18:39:07 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Grammaton Cleric\Desktop\dds.com
[2013/07/14 18:24:21 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/07/12 22:40:04 | 000,000,000 | ---D | C] -- C:\Users\Grammaton Cleric\AppData\Local\ApplicationHistory
[2013/07/10 19:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/07/10 19:03:27 | 000,000,000 | ---D | C] -- C:\Users\Grammaton Cleric\AppData\Local\MigWiz
[2013/07/10 18:58:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Easy Transfer 7
 
========== Files - Modified Within 30 Days ==========
 
[2013/07/15 15:03:14 | 000,001,696 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/07/15 14:57:52 | 000,001,758 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013/07/15 14:57:14 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/15 14:57:00 | 000,513,136 | ---- | M] () -- C:\Users\Grammaton Cleric\Desktop\Silent Runners.vbs
[2013/07/15 14:56:33 | 000,000,629 | ---- | M] () -- C:\Windows\SysNative\mapisvc.inf
[2013/07/15 14:13:01 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/15 14:13:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/15 13:22:40 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/15 13:22:40 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/14 21:26:04 | 000,716,800 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/07/14 21:26:04 | 000,613,520 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/14 21:26:04 | 000,108,446 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/07/14 21:22:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/14 21:22:28 | 4284,456,960 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/14 21:20:33 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/07/14 21:15:18 | 000,000,864 | ---- | M] () -- C:\Users\Grammaton Cleric\.recently-used.xbel
[2013/07/14 21:08:09 | 000,314,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/14 20:24:24 | 000,000,772 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/07/14 18:30:46 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/07/14 17:51:25 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/07/12 22:33:55 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/10 18:31:54 | 000,000,680 | ---- | M] () -- C:\Users\Grammaton Cleric\AppData\Local\d3d9caps.dat
[2013/07/10 18:31:52 | 000,002,051 | ---- | M] () -- C:\Users\Grammaton Cleric\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/06/20 18:40:01 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2013/06/20 18:40:00 | 000,100,680 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2013/06/20 18:40:00 | 000,035,656 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
 
========== Files Created - No Company Name ==========
 
[2013/07/15 15:03:14 | 000,001,696 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/07/15 14:57:52 | 000,001,758 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013/07/14 21:20:21 | 000,001,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EZ VHS Converter Monitor.lnk
[2013/07/14 21:20:21 | 000,000,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2013/07/14 21:15:18 | 000,000,864 | ---- | C] () -- C:\Users\Grammaton Cleric\.recently-used.xbel
[2013/07/14 21:07:33 | 000,314,632 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/14 20:24:24 | 000,000,772 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/07/14 18:30:46 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/07/10 18:58:57 | 000,001,901 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Easy Transfer 7.lnk
[2013/07/10 18:31:52 | 000,002,051 | ---- | C] () -- C:\Users\Grammaton Cleric\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/07/28 17:01:40 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat
[2012/07/25 22:49:48 | 000,000,000 | ---- | C] () -- C:\Users\Grammaton Cleric\AppData\Roaming\wklnhst.dat
[2012/05/23 18:49:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012/05/23 18:49:32 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012/05/23 18:49:32 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012/05/23 18:49:32 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2010/10/07 19:25:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/22 18:37:30 | 001,122,304 | ---- | C] () -- C:\Users\Grammaton Cleric\s-1-5-21-2374070308-3082580766-196985646-1002.rrr
[2008/08/29 00:13:52 | 000,003,584 | ---- | C] () -- C:\Users\Grammaton Cleric\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/28 22:39:44 | 000,000,680 | ---- | C] () -- C:\Users\Grammaton Cleric\AppData\Local\d3d9caps.dat
 
========== ZeroAccess Check ==========
 
[2006/11/02 08:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 10:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 00:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\Windows\sysWOW64\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 19:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/07/14 21:15:18 | 000,000,000 | ---D | M] -- C:\Users\Grammaton Cleric\AppData\Roaming\gtk-2.0
[2009/11/22 22:50:11 | 000,000,000 | ---D | M] -- C:\Users\Grammaton Cleric\AppData\Roaming\HotSync
[2011/01/26 15:51:08 | 000,000,000 | ---D | M] -- C:\Users\Grammaton Cleric\AppData\Roaming\JAM Software
[2012/07/26 11:33:16 | 000,000,000 | ---D | M] -- C:\Users\Grammaton Cleric\AppData\Roaming\OpenOffice.org
[2012/07/14 21:25:39 | 000,000,000 | ---D | M] -- C:\Users\Grammaton Cleric\AppData\Roaming\Samsung
[2012/07/25 22:49:50 | 000,000,000 | ---D | M] -- C:\Users\Grammaton Cleric\AppData\Roaming\Template
[2011/11/02 14:44:39 | 000,000,000 | ---D | M] -- C:\Users\Grammaton Cleric\AppData\Roaming\TuneUp Software
[2012/07/27 20:33:04 | 000,000,000 | ---D | M] -- C:\Users\Grammaton Cleric\AppData\Roaming\WinPatrol
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:D287FACF

< End of report >
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on July 15, 2013, 05:00:37 PM
And here's extras.txt

OTL Extras logfile created on: 7/15/2013 3:04:01 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Grammaton Cleric\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.99 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 43.47% Memory free
8.19 Gb Paging File | 6.10 Gb Available in Paging File | 74.47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.01 Gb Total Space | 176.26 Gb Free Space | 61.20% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.98 Gb Free Space | 49.83% Space Free | Partition Type: NTFS
 
Computer Name: DADS-PC | User Name: Grammaton Cleric | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.js [@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01  [binary data]
"VistaSp2" = C7 E4 75 A9 CB 68 CA 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DE01A37-D5CA-4298-AA0F-88393D2D03AF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{136FDFEF-FD0A-4506-B908-E3513F4B5015}" = lport=138 | protocol=17 | dir=in | app=system |
"{1992C10B-3739-4B59-8AC4-F0B3D4A88F33}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2DFBCBDD-A495-4AA8-B602-C78478D05B8C}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{3B1900B8-D2CE-4B13-AEE2-C6EE0CC80D10}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4115693D-DD67-413E-A59D-5AAF89156DC5}" = rport=445 | protocol=6 | dir=out | app=system |
"{4D3D11ED-8FD5-4EBC-9EE3-B28281BDB3AC}" = rport=138 | protocol=17 | dir=out | app=system |
"{58414D2A-10D3-4E8B-802C-B537E7B4EE01}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{69316C18-91E2-41BD-8352-8B0D88C786DF}" = lport=445 | protocol=6 | dir=in | app=system |
"{86102BBE-A9DA-4906-B7B5-4676342E5EFE}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8873E344-F35E-413B-ADDC-B4F6F2D5A307}" = rport=139 | protocol=6 | dir=out | app=system |
"{8DA1A785-43FC-4002-AF7F-646EC529F9A6}" = rport=2869 | protocol=6 | dir=out | app=system |
"{94914026-3986-4659-8486-3BB07B27BA2C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A9D442EB-96EC-4AE1-BF35-244A8DC31184}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{ABB69C82-C837-47FC-A8A3-F7C3E68938FA}" = lport=139 | protocol=6 | dir=in | app=system |
"{B09440DC-E418-4273-B7B3-CF810221714A}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C3854F1E-8626-4119-9124-2E43FBCF0757}" = rport=137 | protocol=17 | dir=out | app=system |
"{CC10DB07-AF69-4B58-8D35-FD76F17F3F19}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{CDFD8385-A2A0-4780-A62D-0CEF05C0808A}" = lport=19540 | protocol=17 | dir=in | name=sxuptp |
"{D09F0662-24B7-45FB-803D-87E6D928924A}" = lport=137 | protocol=17 | dir=in | app=system |
"{D5357A71-F7CA-4E4B-8482-9F4B8DAD9D7F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D775AF8E-58BF-4FDB-B22F-0D0D1CC7067E}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E28DC199-EB92-45AF-AD7C-07CD5FBF8C47}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EA4A46C9-561E-494F-B337-F7C1092011F1}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F42C94A8-8D82-41EA-BC4B-3883D64436C9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06882F69-0BBD-4D73-884B-03B5B4310017}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{0968031F-8E75-41BD-8257-52AB6062760B}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{097B20CB-BB75-44FC-9224-6EED37851232}" = protocol=6 | dir=in | app=c:\program files (x86)\ion\ez video converter\mediatv.exe |
"{17560F42-9047-42A1-B659-F676A2C9E953}" = protocol=6 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{1FF84AB2-E72E-40EB-9624-EF2A07562044}" = dir=in | app=c:\program files (x86)\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{208144AA-CEC7-437D-8EFD-6E0978F99285}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{20CAD705-7CDF-4DF0-8068-9F78ADF863FD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2740E4B4-51EF-4DAA-81EB-DA26F8B750B6}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{286A1D1E-F2ED-46D8-968A-2581AD5073B8}" = protocol=17 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{2909FDF1-495A-4B64-86DF-7C683CF8B197}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3226DFD6-1E9D-4742-9242-BA0CFAC7FC6B}" = protocol=6 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{3435DF11-917F-4439-8D96-E37FCCE46506}" = dir=in | app=c:\program files (x86)\dell\mediadirect\pcmservice.exe |
"{365A1E5B-AA69-456A-9CF2-9388F2513E9F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3A1BF772-5CE5-4CFC-8EFE-8D08FE6F4FEE}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3BD415BF-FC6B-41BE-B648-DAFD09E60151}" = dir=in | app=c:\program files\belkin\belkin usb print and storage center\connect.exe |
"{3E29797F-152D-47D4-A0CC-7F0D4EA6270A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4581CC5C-06A1-45CD-9E78-7C0EACECBFAD}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{4A3DD0A7-0BCD-452C-8014-2CF300B88978}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4D96C61A-FEC0-4C6D-890A-269694A61897}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{50ED9A54-9925-432A-9E78-FBE62E834877}" = protocol=6 | dir=in | app=c:\program files (x86)\iolo\system mechanic professional\sysmech.exe |
"{5568F2A5-FF7A-42DA-BBC2-B5C368B74011}" = dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{55730810-3CCC-4E0D-865B-888F0B098D2A}" = protocol=17 | dir=in | app=c:\program files (x86)\iolo\system mechanic professional\sysmech.exe |
"{57CEBECE-C44B-4F43-9145-B4EFF12D8903}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{58419855-F69D-4A02-876D-00F1C559D503}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5A900C14-F49A-42C7-B688-7BA0E3C6C50C}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{5BB0C15D-41C9-4AFD-9F91-46003AB231FF}" = protocol=17 | dir=in | app=c:\program files (x86)\ion\ez video converter\mediatv.exe |
"{5C329372-5740-4F61-8BE4-590AED373733}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5D6BD7F6-7C86-4E06-AE1B-D5FD076EF496}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6E107267-553E-48FF-A6F5-F1746785BA5D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{78FBE1AA-FC9D-490D-83C3-CD56B63416F4}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7E9DDC9D-5D49-48F5-80C5-5CC945490378}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{824FEF23-F35E-4111-BA5D-7ED1A54B2F53}" = dir=in | app=c:\program files (x86)\dell\mediadirect\kernel\dms\clmsservice.exe |
"{86DC6EAB-4853-4C59-A90B-11301C10A1A1}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{91F1D54C-48F7-4053-B191-7E4B20C12858}" = protocol=17 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{941F4419-7CD8-41F3-92FA-0FE7075B5037}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A158BE8F-20B3-417C-9275-AF325EB06599}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A5159FE5-2B79-4902-951C-A8C4D0D1F211}" = dir=in | app=c:\program files (x86)\dell\mediadirect\mediadirect.exe |
"{A7DB0A16-8CD0-46D5-8CF1-AFDD4F1827BE}" = protocol=6 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{B10C9790-66F6-4B9C-BF9C-5ED75CB0B91C}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B2D10453-D5FE-471D-B35F-1748A0ED9A95}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B46BC8A6-9019-485E-9482-C3772C57B9D1}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CA179997-A854-49B3-B6F7-10EE66E092D6}" = protocol=17 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{D2614E21-0963-4094-97C3-71B429A72AA3}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{E6325B36-0BB1-4C33-9D86-3B091270B4BF}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E80CF1C6-5499-4766-B607-C2EB6A74A900}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F7BD2D34-0E80-4B6C-9521-156913D721F6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{3F5EA5F7-00F6-458F-A488-8D30CDB92C8D}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{AD88E2B3-6E1B-4BC4-AB32-21CA86F585FA}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{F152C085-925E-4192-9D79-2AAB54B26D61}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{2A42D033-EE1B-442A-83ED-9174AEBCBF51}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{5BFE9885-D89F-4E8B-80AE-25E2506E70BC}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{7999F350-FEBF-4B78-B4A7-7DEFAB55A7B4}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.4401
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86417025FF}" = Java 7 Update 25 (64-bit)
"{27726449-83B8-428D-92DE-101346C1E15C}" = Microsoft Security Client
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = QuickSet
"{90B5B05F-AFDA-4922-A153-45B14200BA77}" = SPBBC 64bit
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
"Belkin USB Print and Storage Center" = Belkin USB Print and Storage Center
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"CCleaner" = CCleaner
"Creative OA001" = Integrated Webcam Driver (1.06.03.0309) 
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04E364F1-4582-4567-A6C8-C7FBBCC86C91}" = ION EZ Video Converter
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3364BD16-5A28-4862-86A1-A8FF5FD23919}" = Music Rescue
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4ecaf021-478c-40c1-b777-3368a15f9966}" = Macromedia Flash Player
"{51071D66-D034-4239-94E0-723FCA10B6FE}" = OpenOffice.org 3.4
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E545666-F422-45FD-B3DF-C0B99A1A579F}" = QuickBooks Pro 2007
"{7F831576-6246-42C7-B523-55B3F96509CC}" = LogMeIn
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{915FECEE-AC40-4ABD-8B50-419A4A7E2751}" = ExactCharge Setup
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.7)
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D17111CB-C992-42A9-9D56-C19395102AAA}" = Garmin WebUpdater
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{ED56170A-EB77-4CD9-B888-A380DA748945}" = ECDSDesktopVersionSetup
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F751C062-87DA-4D33-8A12-6E7F1D4C051C}" = Netflix in Windows Media Center
"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF8157AA-F640-45BD-B7C2-BAA1016B267A}" = palmOne
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor
"Dell Video Chat" = Dell Video Chat (remove only)
"Dell Webcam Central" = Dell Webcam Central
"FileHippo.com" = FileHippo.com Update Checker
"Google Chrome" = Google Chrome
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"TreeSize Free_is1" = TreeSize Free V2.5
"Video Mover_is1" = Video Mover
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 7/15/2013 3:20:59 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error  Initialization of the COM subsystem failed.
 Error code: 0x80070422.
 
Error - 7/15/2013 3:40:06 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error  Initialization of the COM subsystem failed.
 Error code: 0x80070422.
 
Error - 7/15/2013 3:58:52 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error  Initialization of the COM subsystem failed.
 Error code: 0x80070422.
 
Error - 7/15/2013 4:23:20 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error  Initialization of the COM subsystem failed.
 Error code: 0x80070422.
 
Error - 7/15/2013 4:44:24 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error  Initialization of the COM subsystem failed.
 Error code: 0x80070422.
 
Error - 7/15/2013 5:02:51 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error  Initialization of the COM subsystem failed.
 Error code: 0x80070422.
 
Error - 7/15/2013 5:20:20 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error  Initialization of the COM subsystem failed.
 Error code: 0x80070422.
 
Error - 7/15/2013 5:37:30 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error  Initialization of the COM subsystem failed.
 Error code: 0x80070422.
 
Error - 7/15/2013 5:54:50 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error  Initialization of the COM subsystem failed.
 Error code: 0x80070422.
 
Error - 7/15/2013 6:12:18 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error  Initialization of the COM subsystem failed.
 Error code: 0x80070422.
 
[ Broadcom Wireless LAN Events ]
Error - 10/5/2012 5:46:09 PM | Computer Name = Dads-PC | Source = WLAN-Tray | ID = 0
Description = 14:46:09, Fri, Oct 05, 12 Error - Unable to gain access to user store

 
Error - 3/13/2013 8:46:34 PM | Computer Name = Dads-PC | Source = WLAN-Tray | ID = 0
Description = 17:46:34, Wed, Mar 13, 13 Error - Unable to gain access to user store

 
Error - 5/11/2013 3:29:40 PM | Computer Name = Dads-PC | Source = WLAN-Tray | ID = 0
Description = 12:29:40, Sat, May 11, 13 Error - Unable to gain access to user store

 
Error - 5/12/2013 5:49:38 AM | Computer Name = Dads-PC | Source = WLAN-Tray | ID = 0
Description = 02:49:38, Sun, May 12, 13 Error - Unable to gain access to user store

 
[ Media Center Events ]
Error - 6/3/2009 9:18:30 PM | Computer Name = Dads-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
 returned 10000105  Process: DefaultDomain Object Name: Media Center Guide
 
Error - 6/10/2009 12:00:37 AM | Computer Name = Dads-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 5/19/2012 1:10:17 AM | Computer Name = Dads-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
 due to an abandoned mutex.'.
 
Error - 6/18/2013 7:41:02 PM | Computer Name = Dads-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
 due to an abandoned mutex.'.
 
[ System Events ]
Error - 7/14/2013 8:46:51 PM | Computer Name = Dads-PC | Source = ipnathlp | ID = 31004
Description = The DNS proxy agent was unable to allocate 0 bytes of memory. This
 may indicate that the system is low on virtual memory, or that the memory manager
 has encountered an internal error.
 
Error - 7/14/2013 9:05:02 PM | Computer Name = Dads-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures.     New Signature
 Version:      Previous Signature Version: 1.153.1875.0     Update Source: %%859     Update Stage:
 %%854     Source Path: http://www.microsoft.com (http://www.microsoft.com)     Signature Type: %%800     Update Type: %%803

   User:
 NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error
 code: 0x80240016     Error description: An unexpected problem occurred while checking
 for updates. For information on installing or troubleshooting updates, see Help
 and Support.
 
Error - 7/14/2013 9:05:02 PM | Computer Name = Dads-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures.     New Signature
 Version:      Previous Signature Version: 1.153.1875.0     Update Source: %%859     Update Stage:
 %%854     Source Path: http://www.microsoft.com (http://www.microsoft.com)     Signature Type: %%800     Update Type: %%803

   User:
 NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error
 code: 0x80240016     Error description: An unexpected problem occurred while checking
 for updates. For information on installing or troubleshooting updates, see Help
 and Support.
 
Error - 7/14/2013 9:05:02 PM | Computer Name = Dads-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures.     New Signature
 Version:      Previous Signature Version: 1.153.1875.0     Update Source: %%859     Update Stage:
 %%853     Source Path: http://www.microsoft.com (http://www.microsoft.com)     Signature Type: %%800     Update Type: %%803

   User:
 NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error
 code: 0x80240016     Error description: An unexpected problem occurred while checking
 for updates. For information on installing or troubleshooting updates, see Help
 and Support.
 
Error - 7/14/2013 9:09:51 PM | Computer Name = Dads-PC | Source = DCOM | ID = 10010
Description =
 
Error - 7/15/2013 3:51:52 AM | Computer Name = Dads-PC | Source = PlugPlayManager | ID = 12
Description = The device 'Optiarc DVD+-RW AD-7640S ATA Device' (IDE\CdRomOptiarc_DVD+-RW_AD-7640S________________HD14____\5&31a73856&0&1.0.0)
 disappeared from the system without first being prepared for removal.
 
Error - 7/15/2013 3:51:51 AM | Computer Name = Dads-PC | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
 period.
 
Error - 7/15/2013 5:58:55 PM | Computer Name = Dads-PC | Source = Service Control Manager | ID = 7031
Description =
 
Error - 7/15/2013 5:59:51 PM | Computer Name = Dads-PC | Source = Service Control Manager | ID = 7031
Description =
 
Error - 7/15/2013 6:00:51 PM | Computer Name = Dads-PC | Source = Service Control Manager | ID = 7032
Description =
 
 
< End of report >
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on July 15, 2013, 09:06:39 PM
Sorry about that, try this instead.

Download http://spywarehammer.com/Tools/HijackThis.exe (http://spywarehammer.com/Tools/HijackThis.exe) and install it. Once it is running click the Open the Misc Tools Section Then click the Generate Startuplist log button. DO NOT check the two boxes next to the button. When you get a log, post the results here.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on July 15, 2013, 10:06:11 PM
Here's the Hijack This Startup List Log:

StartupList report, 7/15/2013, 9:05:04 PM
StartupList version: 1.52.2
Started from : C:\Users\Grammaton Cleric\Downloads\HijackThis.EXE
Detected: Windows Vista SP2 (WinNT 6.00.1906)
Detected: Internet Explorer v9.00 (9.00.8112.16496)
* Using default options
==================================================

Running processes:

C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Users\Grammaton Cleric\Downloads\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Common Startup:
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
Bluetooth.lnk = ?
EZ VHS Converter Monitor.lnk = C:\Program Files (x86)\ION\EZ VHS Converter\MediaTVMonitor.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\Windows\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

PCMService = "C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe"
InstaLAN = "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
ArcSoft Connection Service = "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
APSDaemon = "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
AppleSyncNotifier = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
QuickTime Task = "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
iTunesHelper = "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MobileDocuments = C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
FileHippo.com = "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
ehTray.exe = C:\Windows\ehome\ehTray.exe

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = NOTEPAD.EXE %1

--------------------------------------------------

Shell & screensaver key from C:\Windows\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=explorer.exe
SCRNSAVE.EXE=C:\Windows\system32\Aurora.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - (no file) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
(no name) - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
(no name) - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f}
(no name) - (no file) - {DBC80044-A445-435b-BC74-9C25C1C588A9}
XBTBPos00 - (no file) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Adobe Flash Player Updater.job
GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job
User_Feed_Synchronization-{31FF5D21-C0A4-4088-88D1-E5B69F09B617}.job

--------------------------------------------------

Enumerating Download Program Files:

[{C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3}]
CODEBASE = http://support.dell.com/systemprofiler/DellSystemLite.CAB (http://support.dell.com/systemprofiler/DellSystemLite.CAB)

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\Windows\system32\NLAapi.dll
NameSpace #2: C:\Windows\system32\napinsp.dll
NameSpace #3: C:\Windows\system32\pnrpnsp.dll
NameSpace #4: C:\Windows\system32\pnrpnsp.dll
NameSpace #7: C:\Windows\system32\wshbth.dll
NameSpace #8: C:\Program Files (x86)\Bonjour\mdnsNSP.dll

--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = """autocheck autochk *"""

Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\Program Files (x86)\Google\Update\1.3.21.145||C:\Windows\TEMP\GoogleUpdateSetup.exe399d79b||C:\Config.Msi\3c4d927.rbf||C:\Config.Msi\3c4d92a.rbf||C:\Config.Msi\3c4d92e.rbf||C:\Config.Msi\3c4d931.rbf||C:\Config.Msi\3c4d935.rbf||C:\Config.Msi\3c4d937.rbf||C:\Config.Msi\3c4d938.rbf||C:\Config.Msi\3c4d93c.rbf||C:\Config.Msi\3c4d9d6.rbf||C:\Config.Msi\3c4da10.rbf||C:\Config.Msi\3c4da3c.rbf||C:\Config.Msi\3c4da3f.rbf||C:\Config.Msi\3c4da83.rbf


--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:\Windows\SysWOW64\webcheck.dll

--------------------------------------------------
End of report, 6,501 bytes
Report generated in 0.078 seconds

Command line options:
   /verbose  - to add additional info on each section
   /complete - to include empty sections and unsuspicious data
   /full     - to include several rarely-important sections
   /force9x  - to include Win9x-only startups even if running on WinNT
   /forcent  - to include WinNT-only startups even if running on Win9x
   /forceall - to include all Win9x and WinNT startups, regardless of platform
   /history  - to list version history only
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on July 16, 2013, 09:15:55 PM
OK, I can see a few things I would turn off if it were my computer. But it is not, so I need to know what you eventually want to use this computer for? With the memory not being used, the harddrive being mostly empty, and the swap file on the large side, your computer should be zipping along. That leaves what is running in the background. Also I am concerned there may be pieces of old security programs running in the back ground that would prevent the current programs from running. So I need you to run one more small scanner.

Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on July 16, 2013, 09:47:05 PM
I'm open to suggestion as far as things to turn off goes.  I plan on using this laptop as a home office type computer. As long as it will handle Kies, Open Office, the internet, stream videos, skype, GIMP...  No Crysis or anything crazy.

Here's the checkup.txt

 Results of screen317's Security Check version 0.99.69 
 Windows Vista Service Pack 2 x64 (UAC is enabled) 
 Internet Explorer 9 
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````[/u]
 Windows Firewall Enabled! 
Microsoft Security Essentials   
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````[/u]
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Adobe Flash Player    11.8.800.94 
 Adobe Reader 10.1.7 Adobe Reader out of Date! 
 Mozilla Firefox (22.0)
 Google Chrome 28.0.1500.71 
 Google Chrome 28.0.1500.72 
````````Process Check: objlist.exe by Laurent````````[/u] 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````[/u]
 Total Fragmentation on Drive C: 0 %
````````````````````End of Log``````````````````````[/u]
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on July 20, 2013, 08:04:53 AM
Below are a set of suggestions to help the computer run better. If you are unsure about a suggestion, just ask. If you would rather not do as suggested, just let me know so I don't wonder why it has not changed.

First off is Adobe Acrobat. I recommend getting rid of that. It has become to big a problem. Instead I suggest ]Foxit reader (http://[object Object). It does the exact same things as Acrobat, but is smaller and integrates into browsers with fewer problems.

Next is you have remnants of Norton programs installed. If you don't need your license number go to step three on this page, download Norton Removal Tool (https://www-secure.symantec.com/norton-support/jsp/help-solutions.jsp?docid=20080710133024EN&lg=english&ct=united%20states&product=home&version=1&pvid=f-home). If you do need your license number than please go to the license recovery instructions (https://www-secure.symantec.com/norton-support/jsp/help-solutions.jsp?lg=english&ct=united+states&docid=20080710133834EN&product=home&version=1&pvid=f-home).

Next I would go into Router Setup and Monitor and stop it from starting with Windows. Then run it when you need it.

Do the same with Dell MediaDirect, unless you use it a lot it is just sucking up resources.

Next go to the programs and features control panel and uninstall every version of Java listed. Then go to into Firefox and then to Tools and then to Addons and go thru the addons and uninstall anything Java there. Once you have uninstalled Java, go to http://www.java.com/en/ (http://www.java.com/en/) and click the bIg read Download and Install button.

Once that is done, reboot the computer and see how it is running. Let me know how its going.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on July 23, 2013, 09:13:01 PM
Ok, Acrobat removed, The norton removal tool pops up an error message saying that im supposed to remove "norton utilities 14" throught the add/remove programs before i can proceed with the removal tool. The problem is that there are no norton programs listed in programs and features. Router Set Up successfully disabled.  In Dell MediaDirect, i cant for the life of me find a way to disable its startup. Uninstalled the one Java instance i found in programs and features.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on July 23, 2013, 09:18:42 PM
Do you know how to edit the registry?
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on July 24, 2013, 09:48:28 PM
I've edited registry items while following instructions before, never just of my own accord. I'm sure i can manage with some tips.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on July 25, 2013, 06:20:20 PM
Try this, if you need directions on how to do it, let me know.

Check in the registry under the following key:

HKEY_LOCAL_MACHINE\SysWOW64\Symantec\InstalledApps\

and

HKEY_LOCAL_MACHINE\Software\Symantec\InstalledApps\

Find any "Norton Utilities" entries and delete them.  Do not delete any other entry.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on July 25, 2013, 10:06:47 PM
didnt have the first key, no \SysWOW64 anywhere.

In the HKEY_LOCAL_MACHINE\Software\Symantec\InstalledApps\ there was a Norton Utilities folder with one key in it, and I deleted it.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on July 26, 2013, 06:19:03 AM
Try running the Norton removal tool again.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on July 27, 2013, 07:38:02 AM
Norton Removal ran successfully, rebooted. seemed to boot into windows with reasonable speed.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on July 27, 2013, 11:59:40 AM
So the computer is running normally? Any other problems with it? If not we can make sure everything is up to date and then we can do some cleanup and call it done.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on July 27, 2013, 08:29:25 PM
It seems to be running normally. Only things i notice are that the eject button for the disk drive doesnt work, and windows defender is unable to turn on.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on July 27, 2013, 08:42:07 PM
Can you go into windows explorer and right click on the drive and select eject and see if the drive ejects?

As for Windows Defender, please get me a copy of your event viewer logs using the instructions below.

I need you to go to the administration tools in Vista / Windows 7. They are in the Control Panel. Open the Admin tools, then open the event viewer. Over on the left hand side expand the window category and then click on  System. Then up at the top click on Action and then click on Save Events As, type in system as the file name,  make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. Over on the left hand side and click on Application. Then up at the top click on Action and then click on Save Events As, type in application as the file name,  make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. Zip them both up into a single zip file, post them back here in your next reply as attachments.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on July 29, 2013, 10:36:55 PM
Eject menu option works, i guess its just the hardware button that doesnt work.

Event logs too big to attach together or separately.

I uploaded the logs to Box and can send you a link, unless you have another preferred method.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on July 30, 2013, 07:50:36 AM
That is fine. Send me a link in a PM.

There may be a fix to the button issue. How handy are you with mechanical things?
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on July 30, 2013, 06:11:16 PM
I'm pretty handy. I'd say my dis-assembly skills surpass my assembly skills by a small margin, but still handy nonetheless. 


 Link in PM sent. Side note, some weird behavior noticed. I left the computer plugged in and sent it to hibernate. I came back today, and it was on the fresh login screen with all three users, not the usual one user screen you get when taking out of hibernation. I logged back into my profile, and a Microsoft Windows Dialog box pops up saying

"Windows has recovered from an unexpected shutdown. A problem caused windows to stop working correctly. Windows will notify you if a solution is available"

Also, i noticed that two of my volume lights are now flashing, and they werent before. The Mute button and the volume up button.

This is the second time it has done the "windows has recovered from an unexpected shutdown" error, it did it a couple days ago and i forgot to mention it.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on July 30, 2013, 08:58:31 PM
When was the last time you tried turning windows defender on?

About the DVD drive, turn off the computer and flip it over. Now find the edge of the computer where the DVD drive is. If you go to the middle of the edge of the drive and go in toward the center of the computer about 4 inches there is a single screw there that holds the drive in. If you remove that screw, you can slide the drive out. Now if you look at the plastic edge piece on the side of the DVD tray, it can be removed. It just clips on. Once it is removed, look at the button and see if there is anything wrong with it. Look and see if it was binding on the trim pieces. Also check for any debris of any kind that has gotten lodged in there. Activate the switch and see if you can feel it clicking over.

Let me know what you find.

Now as to the BSOD's. The first thing you need to do is to turn of the auto reboot. Go to the control panel and then to the system control panel. Now click on Advanced System Settings on the left side of the window. In the Startup and recovery box click the settings button. Uncheck the automatic restart and in the debugging drop down menu select small memory dump. Now the next time your system crashes, you will get a blue Screen. I need the error message, mostly the program name involved and the stop code. Also the MEMORY.DMP file created.

Your event viewer logs did show some problems, but it seems that they are starting to clear up. So go back into the event viewer and instead of saving the log, clear the logs. Use the same instructions as before. It will ask you if you want to save the logs, that is your choice, I need the newly generated logs. Run your computer for 2 days or so, or until it crashes, and then send me a new set of logs. This time the logs, including the memory dump, will be small enough you can attach them here. But you will have to zip them up first.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on August 03, 2013, 07:44:08 AM
Sorry, been super busy lately. Just Cleared the logs and disabled auto reboot/memory dump, will run it for a couple days and see if it freezes again. I tried turning on windows defender just before my last post. I'm going to investigate the DVD drive later today
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on August 06, 2013, 07:30:33 PM
I have only been on this computer twice since the last message i sent you, and I haven't gotten it to freeze again. Defender still wont start, The DVD eject button still isnt working, however, the volume buttons are no longer flashing, and are functional, not sure what that was all about.  I'll have time to fiddle with this computer and see if i can reproduce the freeze over the next few days, and I'll report back either when it freezes, or by friday at the latest. sound good?
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on August 06, 2013, 07:39:51 PM
No worries. I know how life can interrupt with play time.   :a
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on August 10, 2013, 01:07:28 AM
No blue screens yet, and im going camping till wednesday.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on August 19, 2013, 07:13:56 PM
MikeMobes How is your system running?
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on August 20, 2013, 06:11:46 PM
Still no blue screens, but it did have an instance of "windows didnt shut down properly." I set it to hibernate, put it in my back pack, and about an hour or so later when i was at work, when i booted up, it didnt resume from hibernation, it gave me the not shut down properly message. So far, that has been the only anomaly i have noticed since clearing the event logs.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on August 20, 2013, 08:03:52 PM
Was the battery dead when you tried booting it back up? When it went into hibernate did all the indicator lights on the laptop go out?
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on August 27, 2013, 08:27:14 PM
MikeMobes, Still there?
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on August 28, 2013, 04:46:08 PM
Still here, sorry.

It seems like something was keeping it from getting into hibernation, because I gave it quite some time before tossing it in the backpack... like at least 30 minutes.  I don't recall if it was dead upon reboot, however, when i rebooted it it was plugged in already. Not sure if the indicator lights went out or not, i just hit hibernate and closed the lid.

Side not, noticed another issue.  When trying to switch to a different user, it starts to, then freezes "explorer not responding" once partway into the new user. so far all the stuff that we've done has been under my user. do the other user profiles need to be evaluated too? should i just delete em? (my parents each had their own user profile)
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on August 29, 2013, 09:51:59 AM
Will the computer go into sleep mode? You can access that thru the start button.

About the other profiles, yes they need to be scanned as well. But before we get into that, do they have any personal information in those profiles? It may be easier to move their personal information to a different location and then delete their profiles and recreate them.  If you do that, then you will have to make sure to click yes when it asks if you want to delete the files and folders that are part of the users personal settings.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on September 06, 2013, 06:49:23 PM
I can probably get rid of two out of the four other profiles. I backed up whatever information the windows easy transfer thing thought was interesting for the two profiles. how do i go about wiping out a profile? Sleep and Hibernate mode work. Sidenote, it's had another instance of me turning on the computer to a "windows has recovered from an error" dialogs after logging in.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on September 06, 2013, 06:58:43 PM
Go to the control panel and then to the user control panel. Select manage another user and then select a user you want to delete and then select "Delete Account" and when it asks about keeping files, click the Delete Files button and then click the Delete account button.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on September 06, 2013, 06:59:29 PM
Check and see if a new dmp file was created when you got the message that windows had recovered.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on September 09, 2013, 10:25:33 PM
yep
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on September 09, 2013, 10:44:09 PM
Zip it up and attach it please. If it is to big to attach, let me know.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on September 12, 2013, 08:08:21 PM
So, I don't really remember posting that last message, not really sure what that was all about. Anywho, im going to read through the last few messages, and get back to you today/tomorrow. Just wanted to post so you know im still here.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on September 12, 2013, 08:14:56 PM
No worries. It happens to all of us occasionally. At least it has happened to me. (http://www.donhoover.net/smilies/hysterical.gif)
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on September 17, 2013, 02:36:24 PM
MikeMobes, still with me?
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on October 03, 2013, 09:56:07 AM
Sorry, was crazy busy there for a minute, now I'm laid off, so you've got my undivided attention. Do you want me to save some more system logs, or should i just wipe them out and grab em again in a couple days? Sidenote, upon booting up the computer to type this message, I got another "windows has recovered from an unexpected shutdown" message.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on October 03, 2013, 10:01:42 AM
Sorry to hear about the job situation. It has happened to me and it just plain sucks.

Can you see if you have any dmp files? If you do zip them up and attach them.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on October 03, 2013, 10:06:00 AM
Sorry, this is my pre-coffee brain functioning, but where am i looking for dmp files?
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on October 03, 2013, 03:20:29 PM
Either in C:\windows or in c:\windows\minidumps
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on October 08, 2013, 06:55:01 PM
Seems like the DMP files are too big to attach, i click post, and it just sits there doing nothing.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on October 08, 2013, 07:14:32 PM
I have sent you a PM on what to do with the logs.

Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on October 08, 2013, 07:23:51 PM
its on its way, the file is quite large, even after zipping (263MB)
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on October 08, 2013, 09:00:58 PM
It will take a while to go thru them.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on October 09, 2013, 05:11:25 PM
I am sorry that I do not have any info for you. The service I am using for a dropbox for large files seems to be offline, and has been all day.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on October 12, 2013, 12:07:46 AM
I have gotten your files and I am looking at them, but it appears that there is a very good chance that some drivers are out of date. Does windows update run on this system with no problems? Can you check on the manufacturers website and see if there are any driver updates for the system?
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on October 13, 2013, 11:16:23 AM
Windows update seems to run fine, the only outstanding updates it shows are optional, for bing bar / desktop.  I'll dig through the dell website and see what i can find.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on October 13, 2013, 12:04:36 PM
I think I have found the file that is causing the problem. ntkrnlmp.exe

To fix it I need you to follow the instructions below.

Click on the start button then all programs, then accessories and then right click on Command Prompt and select run as admin. Then type in sfc /scannow and hit enter. Then once that is done type in findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >cbs.txt and hit enter. Once that is done (should take seconds) type in cbs.txt and hit enter. Copy the text and paste it up here.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on October 13, 2013, 06:32:57 PM
contents of cbs.txt:

2013-10-13 17:20:32, Info                  CSI    00000006 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:20:32, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2013-10-13 17:20:34, Info                  CSI    00000009 [SR] Verify complete
2013-10-13 17:20:34, Info                  CSI    0000000a [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:20:34, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2013-10-13 17:20:36, Info                  CSI    0000000d [SR] Verify complete
2013-10-13 17:20:36, Info                  CSI    0000000e [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:20:36, Info                  CSI    0000000f [SR] Beginning Verify and Repair transaction
2013-10-13 17:20:38, Info                  CSI    00000011 [SR] Verify complete
2013-10-13 17:20:39, Info                  CSI    00000012 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:20:39, Info                  CSI    00000013 [SR] Beginning Verify and Repair transaction
2013-10-13 17:20:40, Info                  CSI    00000015 [SR] Verify complete
2013-10-13 17:20:41, Info                  CSI    00000016 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:20:41, Info                  CSI    00000017 [SR] Beginning Verify and Repair transaction
2013-10-13 17:20:42, Info                  CSI    00000019 [SR] Verify complete
2013-10-13 17:20:43, Info                  CSI    0000001a [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:20:43, Info                  CSI    0000001b [SR] Beginning Verify and Repair transaction
2013-10-13 17:20:45, Info                  CSI    0000001d [SR] Verify complete
2013-10-13 17:20:45, Info                  CSI    0000001e [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:20:45, Info                  CSI    0000001f [SR] Beginning Verify and Repair transaction
2013-10-13 17:20:47, Info                  CSI    00000021 [SR] Verify complete
2013-10-13 17:20:48, Info                  CSI    00000022 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:20:48, Info                  CSI    00000023 [SR] Beginning Verify and Repair transaction
2013-10-13 17:20:49, Info                  CSI    00000025 [SR] Verify complete
2013-10-13 17:20:50, Info                  CSI    00000026 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:20:50, Info                  CSI    00000027 [SR] Beginning Verify and Repair transaction
2013-10-13 17:20:51, Info                  CSI    00000029 [SR] Verify complete
2013-10-13 17:20:52, Info                  CSI    0000002a [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:20:52, Info                  CSI    0000002b [SR] Beginning Verify and Repair transaction
2013-10-13 17:20:53, Info                  CSI    0000002d [SR] Verify complete
2013-10-13 17:20:54, Info                  CSI    0000002e [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:20:54, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction
2013-10-13 17:20:56, Info                  CSI    00000031 [SR] Verify complete
2013-10-13 17:20:56, Info                  CSI    00000032 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:20:56, Info                  CSI    00000033 [SR] Beginning Verify and Repair transaction
2013-10-13 17:20:58, Info                  CSI    00000035 [SR] Verify complete
2013-10-13 17:20:58, Info                  CSI    00000036 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:20:58, Info                  CSI    00000037 [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:00, Info                  CSI    00000039 [SR] Verify complete
2013-10-13 17:21:01, Info                  CSI    0000003a [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:01, Info                  CSI    0000003b [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:02, Info                  CSI    0000003d [SR] Verify complete
2013-10-13 17:21:03, Info                  CSI    0000003e [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:03, Info                  CSI    0000003f [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:04, Info                  CSI    00000041 [SR] Verify complete
2013-10-13 17:21:05, Info                  CSI    00000042 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:05, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:06, Info                  CSI    00000045 [SR] Verify complete
2013-10-13 17:21:07, Info                  CSI    00000046 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:07, Info                  CSI    00000047 [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:09, Info                  CSI    00000049 [SR] Verify complete
2013-10-13 17:21:09, Info                  CSI    0000004a [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:09, Info                  CSI    0000004b [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:11, Info                  CSI    0000004d [SR] Verify complete
2013-10-13 17:21:11, Info                  CSI    0000004e [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:11, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:13, Info                  CSI    00000051 [SR] Verify complete
2013-10-13 17:21:13, Info                  CSI    00000052 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:13, Info                  CSI    00000053 [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:15, Info                  CSI    00000055 [SR] Verify complete
2013-10-13 17:21:15, Info                  CSI    00000056 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:15, Info                  CSI    00000057 [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:17, Info                  CSI    00000059 [SR] Verify complete
2013-10-13 17:21:17, Info                  CSI    0000005a [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:17, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:19, Info                  CSI    0000005d [SR] Verify complete
2013-10-13 17:21:20, Info                  CSI    0000005e [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:20, Info                  CSI    0000005f [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:21, Info                  CSI    00000061 [SR] Verify complete
2013-10-13 17:21:22, Info                  CSI    00000062 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:22, Info                  CSI    00000063 [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:23, Info                  CSI    00000065 [SR] Verify complete
2013-10-13 17:21:24, Info                  CSI    00000066 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:24, Info                  CSI    00000067 [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:26, Info                  CSI    00000069 [SR] Verify complete
2013-10-13 17:21:26, Info                  CSI    0000006a [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:26, Info                  CSI    0000006b [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:30, Info                  CSI    0000006d [SR] Verify complete
2013-10-13 17:21:30, Info                  CSI    0000006e [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:30, Info                  CSI    0000006f [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:32, Info                  CSI    00000071 [SR] Verify complete
2013-10-13 17:21:32, Info                  CSI    00000072 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:32, Info                  CSI    00000073 [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:34, Info                  CSI    00000075 [SR] Verify complete
2013-10-13 17:21:35, Info                  CSI    00000076 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:35, Info                  CSI    00000077 [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:35, Info                  CSI    00000079 [SR] Verify complete
2013-10-13 17:21:36, Info                  CSI    0000007a [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:36, Info                  CSI    0000007b [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:36, Info                  CSI    0000007d [SR] Verify complete
2013-10-13 17:21:36, Info                  CSI    0000007e [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:36, Info                  CSI    0000007f [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:37, Info                  CSI    00000081 [SR] Verify complete
2013-10-13 17:21:37, Info                  CSI    00000082 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:37, Info                  CSI    00000083 [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:38, Info                  CSI    00000085 [SR] Verify complete
2013-10-13 17:21:39, Info                  CSI    00000086 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:39, Info                  CSI    00000087 [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:40, Info                  CSI    00000089 [SR] Verify complete
2013-10-13 17:21:40, Info                  CSI    0000008a [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:40, Info                  CSI    0000008b [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:41, Info                  CSI    0000008d [SR] Verify complete
2013-10-13 17:21:41, Info                  CSI    0000008e [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:41, Info                  CSI    0000008f [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:42, Info                  CSI    00000091 [SR] Verify complete
2013-10-13 17:21:42, Info                  CSI    00000092 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:42, Info                  CSI    00000093 [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:43, Info                  CSI    00000095 [SR] Verify complete
2013-10-13 17:21:43, Info                  CSI    00000096 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:43, Info                  CSI    00000097 [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:43, Info                  CSI    00000099 [SR] Verify complete
2013-10-13 17:21:44, Info                  CSI    0000009a [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:44, Info                  CSI    0000009b [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:45, Info                  CSI    0000009d [SR] Verify complete
2013-10-13 17:21:46, Info                  CSI    0000009e [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:46, Info                  CSI    0000009f [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:48, Info                  CSI    000000a1 [SR] Verify complete
2013-10-13 17:21:48, Info                  CSI    000000a2 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:48, Info                  CSI    000000a3 [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:52, Info                  CSI    000000a7 [SR] Verify complete
2013-10-13 17:21:52, Info                  CSI    000000a8 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:52, Info                  CSI    000000a9 [SR] Beginning Verify and Repair transaction
2013-10-13 17:21:56, Info                  CSI    000000ac [SR] Verify complete
2013-10-13 17:21:57, Info                  CSI    000000ad [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:21:57, Info                  CSI    000000ae [SR] Beginning Verify and Repair transaction
2013-10-13 17:22:00, Info                  CSI    000000b2 [SR] Verify complete
2013-10-13 17:22:00, Info                  CSI    000000b3 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:22:00, Info                  CSI    000000b4 [SR] Beginning Verify and Repair transaction
2013-10-13 17:22:03, Info                  CSI    000000b6 [SR] Verify complete
2013-10-13 17:22:04, Info                  CSI    000000b7 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:22:04, Info                  CSI    000000b8 [SR] Beginning Verify and Repair transaction
2013-10-13 17:22:10, Info                  CSI    000000d3 [SR] Verify complete
2013-10-13 17:22:10, Info                  CSI    000000d4 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:22:10, Info                  CSI    000000d5 [SR] Beginning Verify and Repair transaction
2013-10-13 17:22:15, Info                  CSI    000000e1 [SR] Verify complete
2013-10-13 17:22:16, Info                  CSI    000000e2 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:22:16, Info                  CSI    000000e3 [SR] Beginning Verify and Repair transaction
2013-10-13 17:22:20, Info                  CSI    000000e5 [SR] Verify complete
2013-10-13 17:22:20, Info                  CSI    000000e6 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:22:20, Info                  CSI    000000e7 [SR] Beginning Verify and Repair transaction
2013-10-13 17:22:24, Info                  CSI    000000e9 [SR] Verify complete
2013-10-13 17:22:24, Info                  CSI    000000ea [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:22:24, Info                  CSI    000000eb [SR] Beginning Verify and Repair transaction
2013-10-13 17:22:28, Info                  CSI    000000ed [SR] Verify complete
2013-10-13 17:22:29, Info                  CSI    000000ee [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:22:29, Info                  CSI    000000ef [SR] Beginning Verify and Repair transaction
2013-10-13 17:22:35, Info                  CSI    000000f1 [SR] Verify complete
2013-10-13 17:22:35, Info                  CSI    000000f2 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:22:35, Info                  CSI    000000f3 [SR] Beginning Verify and Repair transaction
2013-10-13 17:22:44, Info                  CSI    0000010b [SR] Verify complete
2013-10-13 17:22:44, Info                  CSI    0000010c [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:22:44, Info                  CSI    0000010d [SR] Beginning Verify and Repair transaction
2013-10-13 17:22:56, Info                  CSI    0000010f [SR] Verify complete
2013-10-13 17:22:57, Info                  CSI    00000110 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:22:57, Info                  CSI    00000111 [SR] Beginning Verify and Repair transaction
2013-10-13 17:23:04, Info                  CSI    00000113 [SR] Verify complete
2013-10-13 17:23:04, Info                  CSI    00000114 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:23:04, Info                  CSI    00000115 [SR] Beginning Verify and Repair transaction
2013-10-13 17:23:06, Info                  CSI    00000117 [SR] Verify complete
2013-10-13 17:23:06, Info                  CSI    00000118 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:23:06, Info                  CSI    00000119 [SR] Beginning Verify and Repair transaction
2013-10-13 17:23:07, Info                  CSI    0000011b [SR] Verify complete
2013-10-13 17:23:07, Info                  CSI    0000011c [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:23:07, Info                  CSI    0000011d [SR] Beginning Verify and Repair transaction
2013-10-13 17:23:09, Info                  CSI    0000011f [SR] Verify complete
2013-10-13 17:23:09, Info                  CSI    00000120 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:23:09, Info                  CSI    00000121 [SR] Beginning Verify and Repair transaction
2013-10-13 17:23:18, Info                  CSI    00000134 [SR] Verify complete
2013-10-13 17:23:18, Info                  CSI    00000135 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:23:18, Info                  CSI    00000136 [SR] Beginning Verify and Repair transaction
2013-10-13 17:23:19, Info                  CSI    00000138 [SR] Verify complete
2013-10-13 17:23:19, Info                  CSI    00000139 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:23:19, Info                  CSI    0000013a [SR] Beginning Verify and Repair transaction
2013-10-13 17:23:21, Info                  CSI    0000013c [SR] Verify complete
2013-10-13 17:23:22, Info                  CSI    0000013d [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:23:22, Info                  CSI    0000013e [SR] Beginning Verify and Repair transaction
2013-10-13 17:23:24, Info                  CSI    00000140 [SR] Verify complete
2013-10-13 17:23:25, Info                  CSI    00000141 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:23:25, Info                  CSI    00000142 [SR] Beginning Verify and Repair transaction
2013-10-13 17:23:31, Info                  CSI    00000144 [SR] Verify complete
2013-10-13 17:23:31, Info                  CSI    00000145 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:23:31, Info                  CSI    00000146 [SR] Beginning Verify and Repair transaction
2013-10-13 17:23:36, Info                  CSI    00000148 [SR] Repairing corrupted file [ml:520{260},l:64{32}]"\??\C:\Windows\PolicyDefinitions"\[l:24{12}]"inetres.admx" from store
2013-10-13 17:23:37, Info                  CSI    0000014b [SR] Repairing corrupted file [ml:520{260},l:76{38}]"\??\C:\Windows\PolicyDefinitions\en-US"\[l:24{12}]"InetRes.adml" from store
2013-10-13 17:23:38, Info                  CSI    0000014f [SR] Verify complete
2013-10-13 17:23:38, Info                  CSI    00000150 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:23:38, Info                  CSI    00000151 [SR] Beginning Verify and Repair transaction
2013-10-13 17:23:39, Info                  CSI    00000153 [SR] Verify complete
2013-10-13 17:23:40, Info                  CSI    00000154 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:23:40, Info                  CSI    00000155 [SR] Beginning Verify and Repair transaction
2013-10-13 17:23:45, Info                  CSI    00000157 [SR] Verify complete
2013-10-13 17:23:45, Info                  CSI    00000158 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:23:45, Info                  CSI    00000159 [SR] Beginning Verify and Repair transaction
2013-10-13 17:23:51, Info                  CSI    0000015b [SR] Verify complete
2013-10-13 17:23:51, Info                  CSI    0000015c [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:23:51, Info                  CSI    0000015d [SR] Beginning Verify and Repair transaction
2013-10-13 17:23:57, Info                  CSI    0000015f [SR] Verify complete
2013-10-13 17:23:57, Info                  CSI    00000160 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:23:57, Info                  CSI    00000161 [SR] Beginning Verify and Repair transaction
2013-10-13 17:24:09, Info                  CSI    00000179 [SR] Verify complete
2013-10-13 17:24:09, Info                  CSI    0000017a [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:24:09, Info                  CSI    0000017b [SR] Beginning Verify and Repair transaction
2013-10-13 17:24:14, Info                  CSI    0000017d [SR] Verify complete
2013-10-13 17:24:15, Info                  CSI    0000017e [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:24:15, Info                  CSI    0000017f [SR] Beginning Verify and Repair transaction
2013-10-13 17:24:30, Info                  CSI    00000181 [SR] Verify complete
2013-10-13 17:24:31, Info                  CSI    00000182 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:24:31, Info                  CSI    00000183 [SR] Beginning Verify and Repair transaction
2013-10-13 17:24:38, Info                  CSI    00000185 [SR] Verify complete
2013-10-13 17:24:38, Info                  CSI    00000186 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:24:38, Info                  CSI    00000187 [SR] Beginning Verify and Repair transaction
2013-10-13 17:24:45, Info                  CSI    00000189 [SR] Verify complete
2013-10-13 17:24:45, Info                  CSI    0000018a [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:24:45, Info                  CSI    0000018b [SR] Beginning Verify and Repair transaction
2013-10-13 17:24:46, Info                  CSI    0000018d [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-10-13 17:24:49, Info                  CSI    0000018f [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-10-13 17:24:49, Info                  CSI    00000190 [SR] This component was referenced by [l:164{82}]"Package_30_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.936330-185_neutral_GDR"
2013-10-13 17:24:49, Info                  CSI    00000193 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini"; source file in store is also corrupted
2013-10-13 17:24:50, Info                  CSI    00000195 [SR] Verify complete
2013-10-13 17:24:50, Info                  CSI    00000196 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:24:50, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2013-10-13 17:24:54, Info                  CSI    00000199 [SR] Verify complete
2013-10-13 17:24:54, Info                  CSI    0000019a [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:24:54, Info                  CSI    0000019b [SR] Beginning Verify and Repair transaction
2013-10-13 17:24:58, Info                  CSI    0000019f [SR] Verify complete
2013-10-13 17:24:58, Info                  CSI    000001a0 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:24:58, Info                  CSI    000001a1 [SR] Beginning Verify and Repair transaction
2013-10-13 17:25:08, Info                  CSI    000001a3 [SR] Verify complete
2013-10-13 17:25:09, Info                  CSI    000001a4 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:25:09, Info                  CSI    000001a5 [SR] Beginning Verify and Repair transaction
2013-10-13 17:25:15, Info                  CSI    000001a7 [SR] Verify complete
2013-10-13 17:25:15, Info                  CSI    000001a8 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:25:15, Info                  CSI    000001a9 [SR] Beginning Verify and Repair transaction
2013-10-13 17:25:21, Info                  CSI    000001ab [SR] Verify complete
2013-10-13 17:25:21, Info                  CSI    000001ac [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:25:21, Info                  CSI    000001ad [SR] Beginning Verify and Repair transaction
2013-10-13 17:25:29, Info                  CSI    000001af [SR] Verify complete
2013-10-13 17:25:29, Info                  CSI    000001b0 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:25:29, Info                  CSI    000001b1 [SR] Beginning Verify and Repair transaction
2013-10-13 17:25:34, Info                  CSI    000001b3 [SR] Verify complete
2013-10-13 17:25:34, Info                  CSI    000001b4 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:25:34, Info                  CSI    000001b5 [SR] Beginning Verify and Repair transaction
2013-10-13 17:25:41, Info                  CSI    000001b7 [SR] Verify complete
2013-10-13 17:25:41, Info                  CSI    000001b8 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:25:41, Info                  CSI    000001b9 [SR] Beginning Verify and Repair transaction
2013-10-13 17:25:50, Info                  CSI    000001bc [SR] Verify complete
2013-10-13 17:25:50, Info                  CSI    000001bd [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:25:50, Info                  CSI    000001be [SR] Beginning Verify and Repair transaction
2013-10-13 17:25:56, Info                  CSI    000001c0 [SR] Verify complete
2013-10-13 17:25:56, Info                  CSI    000001c1 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:25:56, Info                  CSI    000001c2 [SR] Beginning Verify and Repair transaction
2013-10-13 17:26:00, Info                  CSI    000001c4 [SR] Verify complete
2013-10-13 17:26:00, Info                  CSI    000001c5 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:26:00, Info                  CSI    000001c6 [SR] Beginning Verify and Repair transaction
2013-10-13 17:26:06, Info                  CSI    000001c9 [SR] Verify complete
2013-10-13 17:26:07, Info                  CSI    000001ca [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:26:07, Info                  CSI    000001cb [SR] Beginning Verify and Repair transaction
2013-10-13 17:26:13, Info                  CSI    000001d1 [SR] Verify complete
2013-10-13 17:26:13, Info                  CSI    000001d2 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:26:13, Info                  CSI    000001d3 [SR] Beginning Verify and Repair transaction
2013-10-13 17:26:17, Info                  CSI    000001d4 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-10-13 17:26:17, Info                  CSI    000001d5 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-10-13 17:26:18, Info                  CSI    000001d7 [SR] Verify complete
2013-10-13 17:26:19, Info                  CSI    000001d8 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:26:19, Info                  CSI    000001d9 [SR] Beginning Verify and Repair transaction
2013-10-13 17:26:26, Info                  CSI    000001db [SR] Verify complete
2013-10-13 17:26:26, Info                  CSI    000001dc [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:26:26, Info                  CSI    000001dd [SR] Beginning Verify and Repair transaction
2013-10-13 17:26:29, Info                  CSI    000001df [SR] Verify complete
2013-10-13 17:26:29, Info                  CSI    000001e0 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:26:29, Info                  CSI    000001e1 [SR] Beginning Verify and Repair transaction
2013-10-13 17:26:33, Info                  CSI    000001e3 [SR] Verify complete
2013-10-13 17:26:34, Info                  CSI    000001e4 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:26:34, Info                  CSI    000001e5 [SR] Beginning Verify and Repair transaction
2013-10-13 17:26:38, Info                  CSI    000001e7 [SR] Verify complete
2013-10-13 17:26:38, Info                  CSI    000001e8 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:26:38, Info                  CSI    000001e9 [SR] Beginning Verify and Repair transaction
2013-10-13 17:26:44, Info                  CSI    000001eb [SR] Verify complete
2013-10-13 17:26:45, Info                  CSI    000001ec [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:26:45, Info                  CSI    000001ed [SR] Beginning Verify and Repair transaction
2013-10-13 17:26:48, Info                  CSI    000001ef [SR] Verify complete
2013-10-13 17:26:49, Info                  CSI    000001f0 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:26:49, Info                  CSI    000001f1 [SR] Beginning Verify and Repair transaction
2013-10-13 17:27:00, Info                  CSI    000001f3 [SR] Verify complete
2013-10-13 17:27:00, Info                  CSI    000001f4 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:27:00, Info                  CSI    000001f5 [SR] Beginning Verify and Repair transaction
2013-10-13 17:27:02, Info                  CSI    000001f7 [SR] Verify complete
2013-10-13 17:27:03, Info                  CSI    000001f8 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:27:03, Info                  CSI    000001f9 [SR] Beginning Verify and Repair transaction
2013-10-13 17:27:09, Info                  CSI    000001fe [SR] Verify complete
2013-10-13 17:27:09, Info                  CSI    000001ff [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:27:09, Info                  CSI    00000200 [SR] Beginning Verify and Repair transaction
2013-10-13 17:27:14, Info                  CSI    00000208 [SR] Verify complete
2013-10-13 17:27:14, Info                  CSI    00000209 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:27:14, Info                  CSI    0000020a [SR] Beginning Verify and Repair transaction
2013-10-13 17:27:17, Info                  CSI    0000020c [SR] Verify complete
2013-10-13 17:27:18, Info                  CSI    0000020d [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:27:18, Info                  CSI    0000020e [SR] Beginning Verify and Repair transaction
2013-10-13 17:27:22, Info                  CSI    00000210 [SR] Verify complete
2013-10-13 17:27:22, Info                  CSI    00000211 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:27:22, Info                  CSI    00000212 [SR] Beginning Verify and Repair transaction
2013-10-13 17:27:30, Info                  CSI    00000214 [SR] Verify complete
2013-10-13 17:27:30, Info                  CSI    00000215 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:27:30, Info                  CSI    00000216 [SR] Beginning Verify and Repair transaction
2013-10-13 17:27:33, Info                  CSI    00000218 [SR] Verify complete
2013-10-13 17:27:33, Info                  CSI    00000219 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:27:33, Info                  CSI    0000021a [SR] Beginning Verify and Repair transaction
2013-10-13 17:27:34, Info                  CSI    0000021c [SR] Verify complete
2013-10-13 17:27:35, Info                  CSI    0000021d [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:27:35, Info                  CSI    0000021e [SR] Beginning Verify and Repair transaction
2013-10-13 17:27:41, Info                  CSI    00000222 [SR] Verify complete
2013-10-13 17:27:41, Info                  CSI    00000223 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:27:41, Info                  CSI    00000224 [SR] Beginning Verify and Repair transaction
2013-10-13 17:27:47, Info                  CSI    00000229 [SR] Verify complete
2013-10-13 17:27:47, Info                  CSI    0000022a [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:27:47, Info                  CSI    0000022b [SR] Beginning Verify and Repair transaction
2013-10-13 17:27:58, Info                  CSI    00000236 [SR] Verify complete
2013-10-13 17:27:59, Info                  CSI    00000237 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:27:59, Info                  CSI    00000238 [SR] Beginning Verify and Repair transaction
2013-10-13 17:28:02, Info                  CSI    00000243 [SR] Verify complete
2013-10-13 17:28:03, Info                  CSI    00000244 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:28:03, Info                  CSI    00000245 [SR] Beginning Verify and Repair transaction
2013-10-13 17:28:06, Info                  CSI    00000247 [SR] Verify complete
2013-10-13 17:28:06, Info                  CSI    00000248 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:28:06, Info                  CSI    00000249 [SR] Beginning Verify and Repair transaction
2013-10-13 17:28:09, Info                  CSI    0000024e [SR] Verify complete
2013-10-13 17:28:09, Info                  CSI    0000024f [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:28:09, Info                  CSI    00000250 [SR] Beginning Verify and Repair transaction
2013-10-13 17:28:12, Info                  CSI    00000252 [SR] Verify complete
2013-10-13 17:28:12, Info                  CSI    00000253 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:28:12, Info                  CSI    00000254 [SR] Beginning Verify and Repair transaction
2013-10-13 17:28:19, Info                  CSI    00000279 [SR] Verify complete
2013-10-13 17:28:19, Info                  CSI    0000027a [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:28:19, Info                  CSI    0000027b [SR] Beginning Verify and Repair transaction
2013-10-13 17:28:22, Info                  CSI    0000027d [SR] Verify complete
2013-10-13 17:28:22, Info                  CSI    0000027e [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:28:22, Info                  CSI    0000027f [SR] Beginning Verify and Repair transaction
2013-10-13 17:28:25, Info                  CSI    00000281 [SR] Verify complete
2013-10-13 17:28:25, Info                  CSI    00000282 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:28:25, Info                  CSI    00000283 [SR] Beginning Verify and Repair transaction
2013-10-13 17:28:29, Info                  CSI    00000285 [SR] Verify complete
2013-10-13 17:28:29, Info                  CSI    00000286 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:28:29, Info                  CSI    00000287 [SR] Beginning Verify and Repair transaction
2013-10-13 17:28:37, Info                  CSI    00000298 [SR] Verify complete
2013-10-13 17:28:37, Info                  CSI    00000299 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:28:37, Info                  CSI    0000029a [SR] Beginning Verify and Repair transaction
2013-10-13 17:28:44, Info                  CSI    000002a8 [SR] Verify complete
2013-10-13 17:28:44, Info                  CSI    000002a9 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:28:44, Info                  CSI    000002aa [SR] Beginning Verify and Repair transaction
2013-10-13 17:28:46, Info                  CSI    000002ac [SR] Verify complete
2013-10-13 17:28:47, Info                  CSI    000002ad [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:28:47, Info                  CSI    000002ae [SR] Beginning Verify and Repair transaction
2013-10-13 17:28:49, Info                  CSI    000002b1 [SR] Verify complete
2013-10-13 17:28:50, Info                  CSI    000002b2 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:28:50, Info                  CSI    000002b3 [SR] Beginning Verify and Repair transaction
2013-10-13 17:28:58, Info                  CSI    000002b6 [SR] Verify complete
2013-10-13 17:28:58, Info                  CSI    000002b7 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:28:58, Info                  CSI    000002b8 [SR] Beginning Verify and Repair transaction
2013-10-13 17:29:00, Info                  CSI    000002ba [SR] Verify complete
2013-10-13 17:29:00, Info                  CSI    000002bb [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:29:00, Info                  CSI    000002bc [SR] Beginning Verify and Repair transaction
2013-10-13 17:29:04, Info                  CSI    000002be [SR] Verify complete
2013-10-13 17:29:04, Info                  CSI    000002bf [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:29:04, Info                  CSI    000002c0 [SR] Beginning Verify and Repair transaction
2013-10-13 17:29:07, Info                  CSI    000002c2 [SR] Verify complete
2013-10-13 17:29:07, Info                  CSI    000002c3 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:29:07, Info                  CSI    000002c4 [SR] Beginning Verify and Repair transaction
2013-10-13 17:29:12, Info                  CSI    000002c8 [SR] Verify complete
2013-10-13 17:29:13, Info                  CSI    000002c9 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:29:13, Info                  CSI    000002ca [SR] Beginning Verify and Repair transaction
2013-10-13 17:29:19, Info                  CSI    000002e4 [SR] Verify complete
2013-10-13 17:29:20, Info                  CSI    000002e5 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:29:20, Info                  CSI    000002e6 [SR] Beginning Verify and Repair transaction
2013-10-13 17:29:35, Info                  CSI    000002e8 [SR] Verify complete
2013-10-13 17:29:36, Info                  CSI    000002e9 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:29:36, Info                  CSI    000002ea [SR] Beginning Verify and Repair transaction
2013-10-13 17:29:39, Info                  CSI    000002ec [SR] Verify complete
2013-10-13 17:29:39, Info                  CSI    000002ed [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:29:39, Info                  CSI    000002ee [SR] Beginning Verify and Repair transaction
2013-10-13 17:29:43, Info                  CSI    000002f0 [SR] Verify complete
2013-10-13 17:29:44, Info                  CSI    000002f1 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:29:44, Info                  CSI    000002f2 [SR] Beginning Verify and Repair transaction
2013-10-13 17:29:47, Info                  CSI    000002f4 [SR] Verify complete
2013-10-13 17:29:47, Info                  CSI    000002f5 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:29:47, Info                  CSI    000002f6 [SR] Beginning Verify and Repair transaction
2013-10-13 17:29:57, Info                  CSI    000002f9 [SR] Verify complete
2013-10-13 17:29:57, Info                  CSI    000002fa [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:29:57, Info                  CSI    000002fb [SR] Beginning Verify and Repair transaction
2013-10-13 17:30:00, Info                  CSI    000002fd [SR] Verify complete
2013-10-13 17:30:01, Info                  CSI    000002fe [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:30:01, Info                  CSI    000002ff [SR] Beginning Verify and Repair transaction
2013-10-13 17:30:05, Info                  CSI    00000301 [SR] Verify complete
2013-10-13 17:30:06, Info                  CSI    00000302 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:30:06, Info                  CSI    00000303 [SR] Beginning Verify and Repair transaction
2013-10-13 17:30:09, Info                  CSI    00000305 [SR] Verify complete
2013-10-13 17:30:09, Info                  CSI    00000306 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:30:09, Info                  CSI    00000307 [SR] Beginning Verify and Repair transaction
2013-10-13 17:30:13, Info                  CSI    0000030a [SR] Verify complete
2013-10-13 17:30:13, Info                  CSI    0000030b [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:30:13, Info                  CSI    0000030c [SR] Beginning Verify and Repair transaction
2013-10-13 17:30:16, Info                  CSI    0000030e [SR] Verify complete
2013-10-13 17:30:16, Info                  CSI    0000030f [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:30:16, Info                  CSI    00000310 [SR] Beginning Verify and Repair transaction
2013-10-13 17:30:21, Info                  CSI    00000315 [SR] Verify complete
2013-10-13 17:30:21, Info                  CSI    00000316 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:30:21, Info                  CSI    00000317 [SR] Beginning Verify and Repair transaction
2013-10-13 17:30:25, Info       
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on October 13, 2013, 06:34:36 PM
Continued:

2013-10-13 17:30:21, Info                  CSI    00000317 [SR] Beginning Verify and Repair transaction
2013-10-13 17:30:25, Info                  CSI    00000319 [SR] Verify complete
2013-10-13 17:30:26, Info                  CSI    0000031a [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:30:26, Info                  CSI    0000031b [SR] Beginning Verify and Repair transaction
2013-10-13 17:30:31, Info                  CSI    0000031e [SR] Verify complete
2013-10-13 17:30:31, Info                  CSI    0000031f [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:30:31, Info                  CSI    00000320 [SR] Beginning Verify and Repair transaction
2013-10-13 17:30:35, Info                  CSI    00000322 [SR] Verify complete
2013-10-13 17:30:36, Info                  CSI    00000323 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:30:36, Info                  CSI    00000324 [SR] Beginning Verify and Repair transaction
2013-10-13 17:30:40, Info                  CSI    00000326 [SR] Verify complete
2013-10-13 17:30:40, Info                  CSI    00000327 [SR] Verifying 100 (0x0000000000000064) components
2013-10-13 17:30:40, Info                  CSI    00000328 [SR] Beginning Verify and Repair transaction
2013-10-13 17:30:45, Info                  CSI    0000032a [SR] Verify complete
2013-10-13 17:30:46, Info                  CSI    0000032b [SR] Verifying 47 (0x000000000000002f) components
2013-10-13 17:30:46, Info                  CSI    0000032c [SR] Beginning Verify and Repair transaction
2013-10-13 17:30:47, Info                  CSI    0000032e [SR] Verify complete
2013-10-13 17:30:47, Info                  CSI    0000032f [SR] Repairing 4 components
2013-10-13 17:30:47, Info                  CSI    00000330 [SR] Beginning Verify and Repair transaction
2013-10-13 17:30:48, Info                  CSI    00000332 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-10-13 17:30:48, Info                  CSI    00000334 [SR] Repairing corrupted file [ml:520{260},l:64{32}]"\??\C:\Windows\PolicyDefinitions"\[l:24{12}]"inetres.admx" from store
2013-10-13 17:30:48, Info                  CSI    00000337 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-10-13 17:30:48, Info                  CSI    00000338 [SR] This component was referenced by [l:164{82}]"Package_30_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.936330-185_neutral_GDR"
2013-10-13 17:30:48, Info                  CSI    0000033b [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini"; source file in store is also corrupted
2013-10-13 17:30:48, Info                  CSI    0000033c [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-10-13 17:30:48, Info                  CSI    0000033d [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-10-13 17:30:48, Info                  CSI    0000033f [SR] Repairing corrupted file [ml:520{260},l:76{38}]"\??\C:\Windows\PolicyDefinitions\en-US"\[l:24{12}]"InetRes.adml" from store
2013-10-13 17:30:48, Info                  CSI    00000342 [SR] Repair complete
2013-10-13 17:30:48, Info                  CSI    00000343 [SR] Committing transaction
2013-10-13 17:30:48, Info                  CSI    00000347 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on October 13, 2013, 06:39:49 PM
Could you find and zip up tcpmon.ini and attach it to a reply. You did fix some problem files. How often do you get BSOD's?
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on October 15, 2013, 09:45:47 PM
here's the tcpmon file. I haven't really seen any BSOD's, what usually happens is that i'll go to use the computer, and upon trying to wake it from sleep/hibernation, it just hangs on a black screen.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on October 15, 2013, 11:17:53 PM
also, I updated the audio, wireless LAN, and graphics chipset drivers
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on October 15, 2013, 11:46:28 PM
Try setting up your computer so it will go to sleep after 1 minute and then go thru a dozen sleep / wake cycles and see what happens. Let me know.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on October 25, 2013, 10:11:19 AM
MikeMobes, still around?
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on October 28, 2013, 05:09:04 PM
still around. About to do the sleep/wake cycles.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on November 19, 2013, 06:22:24 PM
When doing sleep/wake cycles, it works fine. However, occasionally, when i get up in the morning to awake the computer, it turns on like it was off all the way, and pops up an error message once windows is up and running about the system recovering from a serious error.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on November 19, 2013, 07:11:02 PM
Do you have your computer going to sleep or hibernation at night?
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on November 20, 2013, 01:51:59 PM
no, i usually just close the lid... I do suspect my g/f of unplugging my laptop to charge hers.  in the past, ive caught her unplugging my laptop without turning it off, and letting it die, but that should just make it hibernate, right?
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on November 20, 2013, 01:56:54 PM
Depends on the power settings.  Go thru all your power settings and make sure they are set to go to sleep and not hibernate. Let me know what you find.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on November 30, 2013, 07:14:59 PM
MikeMobes, any updates? How is it going?
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on December 29, 2013, 10:54:19 AM
Still around?
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: MikeMobes on January 26, 2014, 01:41:02 AM
sorry man, was laid off / didn't have internet for a little bit there. All better now though, new job! I'm working a graveyard tonight and am going to read through the posts and work on a better update/reply for you before I'm off of work in 10ish hours.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on January 26, 2014, 10:33:27 AM
OK, no worries. Glad to hear about the new job.
Title: Re: [In Progress] Aquired parent's old laptop, runs slow, discs don't eject.
Post by: Hoov on January 26, 2015, 11:05:18 AM
This thread is being closed due to inactivity. If you need it reopened send me a PM. This applies to the originator only. Anyone else please start a new thread.