Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Blue screen and crashing launcher

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Blue screen and crashing launcher

Unread postby Vanilla-krypton » July 13th, 2014, 2:33 am

My Sims 2 launcher keeps crashing and while I was in the middle of a skype call my computer went to a blue screen that said it was shutting down my computer to avoid further damage. Also, I'm not allowed to access my firewall settings. My computer isn't slow or laggy at all. FRST refused to run so I couldn't get the logs from it.

dds--

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 10.45.2
Run by Danielle at 2:20:07 on 2014-07-13
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.1918.844 [GMT -4:00]
.
AV: Norton Internet Security *Enabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Outdated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\hp\kbd\kbd.exe
C:\Users\Danielle\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe
C:\Users\Danielle\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uSearch Bar = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe autorun=AUTORUN
uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [DPService] "c:\program files\hp\dvdplay\DPService.exe"
mRun: [SunJavaUpdateReg] "c:\windows\system32\jureg.exe" -delete
mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Trusted Zone: netzero.com
Trusted Zone: netzero.net
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{67E63B23-21BC-46DB-AD98-4089574A6E5B} : DHCPNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
============= SERVICES / DRIVERS ===============
.
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-10-9 3275136]
R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2012-1-18 450848]
R3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\drivers\athur.sys [2014-6-5 1439744]
R3 HSXHWBS3;HSXHWBS3;c:\windows\system32\drivers\HSXHWBS3.sys [2008-8-25 207360]
S2 4ccdc918;Smooth Browsing;c:\windows\system32\rundll32.exe [2006-11-2 44544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 hitmanpro36;HitmanPro 3.6 Support Driver;c:\windows\system32\drivers\hitmanpro36.sys [2012-8-5 27424]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2014-07-11 18:33:07 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-11 18:32:49 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-11 18:32:49 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-11 18:32:48 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-06-24 21:44:41 -------- d-----w- c:\users\danielle\appdata\local\Skype
.
==================== Find3M ====================
.
2014-07-09 00:09:41 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-09 00:09:41 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-12 11:25:54 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 2:20:55.81 ===============

attach--

DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume1
Install Date: 9/4/2008 10:07:29 AM
System Uptime: 7/13/2014 2:03:05 AM (0 hours ago)
.
Motherboard: OEM_MB | | IVY8
Processor: AMD Sempron(tm) Dual Core Processor 2200 | Socket AM2 | 1800/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 138 GiB total, 13.569 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 1.505 GiB free.
E: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Adobe Flash Player 14 ActiveX
Adobe Flash Player 14 Plugin
Adobe Reader X (10.1.10)
Battle.net
CameraHelperMsi
Cards_Calendar_OrderGift_DoMorePlugout
Compatibility Pack for the 2007 Office system
CyberLink DVD Suite Deluxe
DVD Play
Enhanced Multimedia Keyboard Solution
erLT
Facebook Video Calling 2.0.0.447
Hardware Diagnostic Tools
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Customer Feedback
HP Demo
HP Photosmart Essential 2.5
HP Photosmart Essential 3.0
HP Picasso Media Center Add-In
HP Recovery Manager RSS
HP Total Care Advisor
HP Update
HPPhotoSmartPhotobookWebPack1
HPTCSSetup
Java 7 Update 45
Java Auto Updater
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft WSE 3.0 Runtime
Mozilla Firefox 30.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network Play System (Patching)
NVIDIA Drivers
Origin
PCIe Soft Data Fax Modem with SmartCP
PSSWCORE
Python 2.5.2
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Skype Click to Call
Skype™ 6.16
Spotify
Strongvault Online Backup
The Sims 2 Glamour Life Stuff
The Sims 2 Open For Business
The Sims 2 Pets
The Sims 2 University
The Sims™ 2 Apartment Life
The Sims™ 2 Bon Voyage
The Sims™ 2 Double Deluxe
The Sims™ 2 FreeTime
The Sims™ 2 Mansion and Garden Stuff
The Sims™ 2 Seasons
The Sims™ 3
The Sims™ 3 70s, 80s, & 90s Stuff
The Sims™ 3 Ambitions
The Sims™ 3 Diesel Stuff
The Sims™ 3 Fast Lane Stuff
The Sims™ 3 Generations
The Sims™ 3 High-End Loft Stuff
The Sims™ 3 Into the Future
The Sims™ 3 Island Paradise
The Sims™ 3 Katy Perry's Sweet Treats
The Sims™ 3 Late Night
The Sims™ 3 Master Suite Stuff
The Sims™ 3 Movie Stuff
The Sims™ 3 Outdoor Living Stuff
The Sims™ 3 Pets
The Sims™ 3 Seasons
The Sims™ 3 Showtime
The Sims™ 3 Supernatural
The Sims™ 3 Town Life Stuff
The Sims™ 3 University Life
The Sims™ 3 World Adventures
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VideoToolkit01
World of Warcraft
.
==== End Of File ===========================
Vanilla-krypton
Regular Member
 
Posts: 91
Joined: January 6th, 2014, 8:59 pm
Advertisement
Register to Remove

Re: Blue screen and crashing launcher

Unread postby Gary R » July 16th, 2014, 1:18 am

There's no obvious signs of infection in the DDS logs that you've provided, and any problems you're having with "The Sims 2" will best be addressed by contacting the manufacturers of that game, our speciality is malware removal.

There are one or two things showing in your logs that need attending to, and we'll deal with them shortly, but first I'd like to run some additional scans to ensure that you're not carrying an infection that DDS doesn't see.

First ...

Download OTL by OldTimer to your Desktop.

If you already have a copy of OTL delete it and use this version.

  • Double click OTL.exe to launch the programme.
  • Check the following.
    • Scan all users.
    • Standard Output.
    • Lop check.
    • Purity check.
  • Under Extra Registry section, select Use SafeList
  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.
    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)
  • Please post me both logs.

Next ...

Please run a scan with ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go HERE then click on Run ESET Online Scanner
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed click on Start to start the scan.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed you will be presented with a list of found threats ....
    • Click on the List of found threats link
    • Click on Export to text file
    • Save as ESET.txt to your Desktop
  • Exit out of ESET Online Scanner.
  • Post me the contents of ESET.txt please.

Next ...

You say your computer blue screened when using Skype, in which case it will have created a minidump file, which can be found in the C:\Windows\Minidump folder.

Please zip it up and attach it to your next post.

To do that ...

  • Navigate to C:\Windows\Minidump
  • Select any files you might find there.
  • Right click them, and select Send to > Compressed (zipped) folder.
  • Windows will create a zipped folder containing the files you've selected.
  • Now open the forum post editor as you would if you were making a normal post.
  • Scan down below the entry field, and click on upload attachment
  • Click on the Browse button and browse to the zipped folder you've just created.
  • Double click on it to select it.
  • Click on the Submit button to submit your post and include the attachment.


Summary of the logs I need from you in your next post:
  • OTL.txt
  • Extras.txt
  • E-Set log
  • Attached Minidump file(s)


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21866
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Blue screen and crashing launcher

Unread postby Vanilla-krypton » July 16th, 2014, 1:05 pm

OTL logfile created on: 7/16/2014 12:54:29 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Danielle\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 44.78% Memory free
3.99 Gb Paging File | 2.56 Gb Available in Paging File | 64.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.03 Gb Total Space | 12.82 Gb Free Space | 9.29% Space Free | Partition Type: NTFS
Drive D: | 11.02 Gb Total Space | 1.50 Gb Free Space | 13.66% Space Free | Partition Type: NTFS
Drive E: | 612.92 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 7.32 Gb Total Space | 4.15 Gb Free Space | 56.72% Space Free | Partition Type: FAT32

Computer Name: SENNSTROM-HOME | User Name: Danielle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/07/16 12:53:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Danielle\Desktop\OTL.exe
PRC - [2014/06/20 22:07:38 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/12/18 14:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/10/09 11:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/01/18 02:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/11/11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/06/22 15:31:34 | 001,353,232 | ---- | M] (Logitech, Inc.) -- C:\Users\Danielle\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe
PRC - [2011/06/22 15:31:30 | 000,351,248 | ---- | M] (Logitech, Inc.) -- C:\Users\Danielle\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe
PRC - [2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 00:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2007/04/18 11:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2014/06/20 22:07:36 | 003,852,912 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/01/13 23:04:07 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\a3a76226460de2153a62bdbfed9228b9\System.Management.ni.dll
MOD - [2014/01/13 23:03:02 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e515919524c6be56f55ad12fbdd23c19\System.Runtime.Remoting.ni.dll
MOD - [2014/01/13 23:03:00 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5cbea3b1a1d74123219b69306b8c8af2\System.Transactions.ni.dll
MOD - [2014/01/13 23:02:59 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\87f2c180fec78701501d8e3e84fac248\System.EnterpriseServices.ni.dll
MOD - [2014/01/13 23:02:59 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\87f2c180fec78701501d8e3e84fac248\System.EnterpriseServices.Wrapper.dll
MOD - [2014/01/13 23:02:27 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\550e7b31f1821d964f21f0a854e3f195\System.Data.ni.dll
MOD - [2014/01/13 23:02:15 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\61019556ac408cc39cc478101b0d3cb4\PresentationFramework.Aero.ni.dll
MOD - [2014/01/13 23:02:14 | 014,327,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0444ab43ccfb3390d2eaab1d9a34772f\PresentationFramework.ni.dll
MOD - [2014/01/13 23:01:50 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b0be4ac8da47fbf783dabd1505e6c55e\System.Windows.Forms.ni.dll
MOD - [2014/01/13 23:01:40 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\07e39e61fd6133a92333a2c98f2ffeb7\System.Drawing.ni.dll
MOD - [2014/01/13 23:01:33 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\49431ce6d568de0bafdb1b25d3942723\System.Xml.ni.dll
MOD - [2014/01/13 23:01:27 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\207b1e1e2254c7a308efe4f903e52ce2\System.Configuration.ni.dll
MOD - [2014/01/13 23:01:20 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5c25d899e7dcebd6b63d192b79bc6b8e\PresentationCore.ni.dll
MOD - [2014/01/13 23:01:02 | 003,314,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\93391bd2f02e492718c69bef3abc5a64\WindowsBase.ni.dll
MOD - [2014/01/13 23:00:56 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\34942db56010e4225825bfae8a27559f\System.ni.dll
MOD - [2014/01/13 23:00:34 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3aac7b97549d4ccf0c7dca3d1777f9b4\mscorlib.ni.dll
MOD - [2011/11/11 14:08:18 | 007,956,504 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/11/11 14:08:18 | 000,342,552 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/11/11 14:08:18 | 000,128,536 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/11/11 14:08:18 | 000,029,208 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/11/11 14:08:06 | 002,145,304 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2009/04/11 00:28:22 | 000,368,640 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009/04/10 20:04:16 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2009/03/29 22:42:20 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/29 22:42:18 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/07/03 15:45:00 | 000,032,768 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
MOD - [2008/07/03 15:42:56 | 000,007,168 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2008/07/03 15:42:54 | 000,057,344 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2008/07/03 15:42:48 | 000,114,688 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\ECLibrary.dll
MOD - [2008/07/03 15:42:46 | 000,010,240 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2008/07/03 15:42:40 | 000,040,960 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2008/07/03 15:42:40 | 000,028,672 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2008/07/03 15:42:40 | 000,005,632 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll


========== Services (SafeList) ==========

SRV - [2014/07/08 20:09:42 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/20 22:07:36 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/18 14:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/09 11:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/01/18 02:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RTL8192su.sys -- (RTL8192su)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Danielle\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (esgiguard)
DRV - [2012/08/05 22:47:29 | 000,027,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hitmanpro36.sys -- (hitmanpro36)
DRV - [2012/01/18 02:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2012/01/18 02:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/10/10 19:48:00 | 001,439,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2008/06/06 15:13:40 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/06/06 15:13:10 | 000,145,440 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/05/22 10:49:00 | 007,465,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/22 05:39:34 | 000,015,360 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/05/21 07:44:10 | 001,049,760 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/02/12 11:27:34 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS3.sys -- (HSXHWBS3)
DRV - [2008/02/12 11:25:22 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/10/18 11:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/12/12 13:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_enUS468
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.33
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/05/22 20:37:19 | 000,000,000 | ---D | M]

[2013/11/24 19:36:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danielle\AppData\Roaming\Mozilla\Extensions
[2014/07/11 15:05:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\extensions
[2014/07/11 15:05:58 | 000,538,443 | ---- | M] () (No name found) -- C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014/03/22 15:54:30 | 000,002,537 | ---- | M] () -- C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\searchplugins\safesearch.xml
[2014/05/09 17:09:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/05/09 17:09:32 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/05/09 17:09:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/05/09 17:09:32 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/06/20 22:07:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Browse2save = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpglcldcfjaeeaihmdfeinfkejomefkh\1\
CHR - Extension: Skype Click to Call = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.2.15705.1852_0\
CHR - Extension: Google Wallet = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [DPService] C:\Program Files\HP\DVDPlay\DPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\System32\jureg.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..Trusted Domains: netzero.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..Trusted Domains: netzero.net ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67E63B23-21BC-46DB-AD98-4089574A6E5B}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Danielle\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Danielle\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/25 09:12:57 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/10/11 19:47:17 | 000,662,592 | R--- | M] (Electronic Arts Inc.) - E:\AutoRunGUI.dll -- [ UDF ]
O32 - AutoRun File - [2008/10/22 10:19:21 | 000,000,000 | R--D | M] - E:\AutoRun -- [ UDF ]
O32 - AutoRun File - [2008/10/11 19:47:17 | 000,703,552 | R--- | M] (Electronic Arts Inc.) - E:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2008/10/11 19:47:12 | 000,000,166 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{4ae8d875-7a8a-11dd-baad-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4ae8d875-7a8a-11dd-baad-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008/10/11 19:47:17 | 000,703,552 | R--- | M] (Electronic Arts Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (bootdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/07/16 12:53:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Danielle\Desktop\OTL.exe
[2014/07/13 02:19:38 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Danielle\Desktop\dds.scr
[2014/07/11 14:33:07 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/07/11 14:32:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/11 14:32:49 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/07/11 14:32:49 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/07/11 14:32:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/07/03 16:50:15 | 000,000,000 | ---D | C] -- C:\Users\Danielle\Documents\My PlayLists
[2014/06/24 17:44:41 | 000,000,000 | ---D | C] -- C:\Users\Danielle\AppData\Local\Skype
[2014/06/24 17:44:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/06/24 17:44:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype

========== Files - Modified Within 30 Days ==========

File not found -- C:\Users\Danielle\Desktop\Looool Jake
[2014/07/16 12:55:22 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{153C7F06-C33C-4344-9301-9EF00F17085C}.job
[2014/07/16 12:53:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Danielle\Desktop\OTL.exe
[2014/07/16 12:47:11 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/16 12:47:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/15 21:41:50 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/15 21:41:50 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/14 12:33:06 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDanielle.job
[2014/07/13 02:19:40 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Danielle\Desktop\dds.scr
[2014/07/13 02:03:20 | 209,162,023 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/07/12 12:03:19 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/07/08 20:09:41 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/07/08 20:09:41 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/07/02 13:26:15 | 000,000,680 | ---- | M] () -- C:\Users\Danielle\AppData\Local\d3d9caps.dat
[2014/06/28 01:26:02 | 000,304,376 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/06/26 00:49:53 | 000,001,125 | ---- | M] () -- C:\Users\Danielle\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Player - Shortcut.lnk
[2014/06/21 16:28:05 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/06/21 16:28:05 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat

========== Files Created - No Company Name ==========

File not found -- C:\Users\Danielle\Desktop\Looool Jake
[2014/07/13 02:03:20 | 209,162,023 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/06/26 00:49:53 | 000,001,125 | ---- | C] () -- C:\Users\Danielle\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Player - Shortcut.lnk
[2014/01/28 16:28:41 | 000,001,464 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2014/01/13 22:23:22 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2014/01/13 22:21:37 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2013/04/26 14:01:46 | 000,000,039 | ---- | C] () -- C:\Windows\wininit.ini
[2013/04/26 14:01:45 | 000,000,002 | ---- | C] () -- C:\Windows\msoffice.ini
[2013/01/16 01:03:45 | 000,000,552 | ---- | C] () -- C:\Users\Danielle\AppData\Local\d3d8caps.dat
[2012/08/05 22:47:29 | 000,027,424 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro36.sys
[2012/08/05 18:01:56 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini
[2012/05/03 16:34:52 | 000,000,000 | ---- | C] () -- C:\Users\Danielle\AppData\Roaming\wklnhst.dat
[2008/12/21 11:13:38 | 000,007,715 | ---- | C] () -- C:\Users\Danielle\AppData\Roaming\UserTile.png
[2008/12/05 09:49:07 | 000,017,408 | ---- | C] () -- C:\Users\Danielle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/04 16:38:42 | 000,000,680 | ---- | C] () -- C:\Users\Danielle\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006/11/02 08:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 12:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 00:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/04/25 16:03:29 | 000,000,000 | -HSD | M] -- C:\Users\Danielle\AppData\Roaming\.#
[2014/06/04 18:39:18 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Battle.net
[2009/05/12 16:01:10 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Gamelab
[2012/08/19 15:54:44 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Leadertech
[2012/08/08 07:01:16 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\MusicNet
[2014/01/30 01:31:08 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Origin
[2010/04/18 14:58:39 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\PlayFirst
[2009/01/03 01:15:19 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\SPORE Creature Creator
[2014/07/13 01:49:34 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Spotify
[2012/05/03 16:34:55 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Template
[2013/03/26 17:30:46 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\WinBatch
[2010/07/08 00:19:13 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\PlayFirst
[2010/03/31 17:05:31 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\WildTangent

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 7/16/2014 12:54:29 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Danielle\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 44.78% Memory free
3.99 Gb Paging File | 2.56 Gb Available in Paging File | 64.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.03 Gb Total Space | 12.82 Gb Free Space | 9.29% Space Free | Partition Type: NTFS
Drive D: | 11.02 Gb Total Space | 1.50 Gb Free Space | 13.66% Space Free | Partition Type: NTFS
Drive E: | 612.92 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 7.32 Gb Total Space | 4.15 Gb Free Space | 56.72% Space Free | Partition Type: FAT32

Computer Name: SENNSTROM-HOME | User Name: Danielle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08A25478-C5DD-4EA7-B168-3D687CA987FF}" = The Sims™ 3 Master Suite Stuff
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = The Sims™ 3 Outdoor Living Stuff
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1A2A15C2-6780-49c1-B296-503230E9DE00}" = The Sims™ 2 Mansion and Garden Stuff
"{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}" = The Sims™ 3 Diesel Stuff
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}" = The Sims™ 2 Double Deluxe
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = The Sims™ 3 Showtime
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = The Sims™ 3 Seasons
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = DVD Play
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims 2 Pets
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
"{5E33D30D-D896-4D92-B033-5F45819B2937}" = Strongvault Online Backup
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = The Sims™ 3 Town Life Stuff
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Open For Business
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 FreeTime
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 University
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{97ABD26A-3249-46CB-B2E2-F66E64B2E480}" = HP Demo
"{9B2506E3-9A3F-45B5-96BF-509CAD584650}" = The Sims™ 3 Katy Perry's Sweet Treats
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims 2 Glamour Life Stuff
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}" = The Sims™ 3 Into the Future
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.10)
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = The Sims™ 3 Supernatural
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Apartment Life
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Pets
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0087539-3C57-44E0-BEE7-D779D546CBE1}" = The Sims™ 3 Movie Stuff
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{DB21639E-FE55-432C-BCA2-0C5249E3F79E}" = The Sims™ 3 Island Paradise
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Seasons
"{E1868CAE-E3B9-4099-8C18-AA8944D336FD}" = The Sims™ 3 70s, 80s, & 90s Stuff
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Fast Lane Stuff
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Bon Voyage
"{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}" = The Sims™ 3 University Life
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Battle.net" = Battle.net
"CNXT_MODEM_PCI_HSF" = PCIe Soft Data Fax Modem with SmartCP
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 30.0 (x86 en-US)" = Mozilla Firefox 30.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Network Play System (Patching)" = Network Play System (Patching)
"NVIDIA Drivers" = NVIDIA Drivers
"Origin" = Origin
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"World of Warcraft" = World of Warcraft

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/11/2014 2:28:51 PM | Computer Name = Sennstrom-Home | Source = Application Error | ID = 1000
Description = Faulting application Sims2Launcher.exe, version 1.0.0.1, time stamp
0x48f12e72, faulting module Sims2Launcher.exe, version 1.0.0.1, time stamp 0x48f12e72,
exception code 0xc0000005, fault offset 0x00002167, process id 0x1644, application
start time 0x01cf9d35f04a1c50.

Error - 7/11/2014 2:29:15 PM | Computer Name = Sennstrom-Home | Source = Application Error | ID = 1000
Description = Faulting application Sims2Launcher.exe, version 1.0.0.1, time stamp
0x48f12e72, faulting module Sims2Launcher.exe, version 1.0.0.1, time stamp 0x48f12e72,
exception code 0xc0000005, fault offset 0x00002167, process id 0x126c, application
start time 0x01cf9d3603d550a0.

Error - 7/11/2014 2:49:49 PM | Computer Name = Sennstrom-Home | Source = WinMgmt | ID = 10
Description =

Error - 7/11/2014 11:17:20 PM | Computer Name = Sennstrom-Home | Source = Application Error | ID = 1000
Description = Faulting application Sims2Launcher.exe, version 1.0.0.1, time stamp
0x48f12e72, faulting module Sims2Launcher.exe, version 1.0.0.1, time stamp 0x48f12e72,
exception code 0xc0000005, fault offset 0x00002167, process id 0xe70, application
start time 0x01cf9d7fc88c7790.

Error - 7/11/2014 11:17:50 PM | Computer Name = Sennstrom-Home | Source = Application Error | ID = 1000
Description = Faulting application Sims2Launcher.exe, version 1.0.0.1, time stamp
0x48f12e72, faulting module Sims2Launcher.exe, version 1.0.0.1, time stamp 0x48f12e72,
exception code 0xc0000005, fault offset 0x00002167, process id 0x2c8, application
start time 0x01cf9d7fdb7b92f0.

Error - 7/11/2014 11:20:32 PM | Computer Name = Sennstrom-Home | Source = Application Error | ID = 1000
Description = Faulting application Sims2Launcher.exe, version 1.0.0.1, time stamp
0x48f12e72, faulting module Sims2Launcher.exe, version 1.0.0.1, time stamp 0x48f12e72,
exception code 0xc0000005, fault offset 0x00002167, process id 0xfe0, application
start time 0x01cf9d803c177a20.

Error - 7/12/2014 3:26:36 PM | Computer Name = Sennstrom-Home | Source = Application Error | ID = 1000
Description = Faulting application Sims2Launcher.exe, version 1.0.0.1, time stamp
0x48f12e72, faulting module Sims2Launcher.exe, version 1.0.0.1, time stamp 0x48f12e72,
exception code 0xc0000005, fault offset 0x00002167, process id 0x109c, application
start time 0x01cf9e072c83f980.

Error - 7/13/2014 2:05:06 AM | Computer Name = Sennstrom-Home | Source = WinMgmt | ID = 10
Description =

Error - 7/13/2014 8:18:25 PM | Computer Name = Sennstrom-Home | Source = Application Error | ID = 1000
Description = Faulting application Sims2Launcher.exe, version 1.0.0.1, time stamp
0x48f12e72, faulting module Sims2Launcher.exe, version 1.0.0.1, time stamp 0x48f12e72,
exception code 0xc0000005, fault offset 0x00002167, process id 0x614, application
start time 0x01cf9ef91e3e5300.

Error - 7/14/2014 12:42:06 PM | Computer Name = Sennstrom-Home | Source = Application Error | ID = 1000
Description = Faulting application Sims2Launcher.exe, version 1.0.0.1, time stamp
0x48f12e72, faulting module Sims2Launcher.exe, version 1.0.0.1, time stamp 0x48f12e72,
exception code 0xc0000005, fault offset 0x00002167, process id 0x8ec, application
start time 0x01cf9f82868f0b00.

[ System Events ]
Error - 7/11/2014 2:49:50 PM | Computer Name = Sennstrom-Home | Source = Service Control Manager | ID = 7003
Description =

Error - 7/12/2014 12:00:16 PM | Computer Name = Sennstrom-Home | Source = Dhcpv6 | ID = 1000
Description = Your computer has lost the lease to its IP address & 2+ga on the Network
Card with network address 4494FCFA6AEE.

Error - 7/13/2014 2:03:44 AM | Computer Name = Sennstrom-Home | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:00:49 AM on 7/13/2014 was unexpected.

Error - 7/13/2014 2:05:07 AM | Computer Name = Sennstrom-Home | Source = Service Control Manager | ID = 7023
Description =

Error - 7/13/2014 2:05:07 AM | Computer Name = Sennstrom-Home | Source = Service Control Manager | ID = 7000
Description =

Error - 7/13/2014 2:05:07 AM | Computer Name = Sennstrom-Home | Source = Service Control Manager | ID = 7009
Description =

Error - 7/13/2014 2:05:07 AM | Computer Name = Sennstrom-Home | Source = Service Control Manager | ID = 7003
Description =

Error - 7/13/2014 2:05:07 AM | Computer Name = Sennstrom-Home | Source = Service Control Manager | ID = 7003
Description =

Error - 7/13/2014 8:16:19 PM | Computer Name = Sennstrom-Home | Source = DCOM | ID = 10010
Description =

Error - 7/15/2014 9:41:36 AM | Computer Name = Sennstrom-Home | Source = Dhcpv6 | ID = 1000
Description = Your computer has lost the lease to its IP address & 2+ga on the Network
Card with network address 4494FCFA6AEE.


< End of report >
Vanilla-krypton
Regular Member
 
Posts: 91
Joined: January 6th, 2014, 8:59 pm

Re: Blue screen and crashing launcher

Unread postby Vanilla-krypton » July 16th, 2014, 1:09 pm

OTL logfile created on: 7/16/2014 12:54:29 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Danielle\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 44.78% Memory free
3.99 Gb Paging File | 2.56 Gb Available in Paging File | 64.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.03 Gb Total Space | 12.82 Gb Free Space | 9.29% Space Free | Partition Type: NTFS
Drive D: | 11.02 Gb Total Space | 1.50 Gb Free Space | 13.66% Space Free | Partition Type: NTFS
Drive E: | 612.92 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 7.32 Gb Total Space | 4.15 Gb Free Space | 56.72% Space Free | Partition Type: FAT32

Computer Name: SENNSTROM-HOME | User Name: Danielle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/07/16 12:53:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Danielle\Desktop\OTL.exe
PRC - [2014/06/20 22:07:38 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/12/18 14:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/10/09 11:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/01/18 02:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/11/11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/06/22 15:31:34 | 001,353,232 | ---- | M] (Logitech, Inc.) -- C:\Users\Danielle\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe
PRC - [2011/06/22 15:31:30 | 000,351,248 | ---- | M] (Logitech, Inc.) -- C:\Users\Danielle\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe
PRC - [2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 00:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2007/04/18 11:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2014/06/20 22:07:36 | 003,852,912 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/01/13 23:04:07 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\a3a76226460de2153a62bdbfed9228b9\System.Management.ni.dll
MOD - [2014/01/13 23:03:02 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e515919524c6be56f55ad12fbdd23c19\System.Runtime.Remoting.ni.dll
MOD - [2014/01/13 23:03:00 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5cbea3b1a1d74123219b69306b8c8af2\System.Transactions.ni.dll
MOD - [2014/01/13 23:02:59 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\87f2c180fec78701501d8e3e84fac248\System.EnterpriseServices.ni.dll
MOD - [2014/01/13 23:02:59 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\87f2c180fec78701501d8e3e84fac248\System.EnterpriseServices.Wrapper.dll
MOD - [2014/01/13 23:02:27 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\550e7b31f1821d964f21f0a854e3f195\System.Data.ni.dll
MOD - [2014/01/13 23:02:15 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\61019556ac408cc39cc478101b0d3cb4\PresentationFramework.Aero.ni.dll
MOD - [2014/01/13 23:02:14 | 014,327,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0444ab43ccfb3390d2eaab1d9a34772f\PresentationFramework.ni.dll
MOD - [2014/01/13 23:01:50 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b0be4ac8da47fbf783dabd1505e6c55e\System.Windows.Forms.ni.dll
MOD - [2014/01/13 23:01:40 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\07e39e61fd6133a92333a2c98f2ffeb7\System.Drawing.ni.dll
MOD - [2014/01/13 23:01:33 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\49431ce6d568de0bafdb1b25d3942723\System.Xml.ni.dll
MOD - [2014/01/13 23:01:27 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\207b1e1e2254c7a308efe4f903e52ce2\System.Configuration.ni.dll
MOD - [2014/01/13 23:01:20 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5c25d899e7dcebd6b63d192b79bc6b8e\PresentationCore.ni.dll
MOD - [2014/01/13 23:01:02 | 003,314,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\93391bd2f02e492718c69bef3abc5a64\WindowsBase.ni.dll
MOD - [2014/01/13 23:00:56 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\34942db56010e4225825bfae8a27559f\System.ni.dll
MOD - [2014/01/13 23:00:34 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3aac7b97549d4ccf0c7dca3d1777f9b4\mscorlib.ni.dll
MOD - [2011/11/11 14:08:18 | 007,956,504 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/11/11 14:08:18 | 000,342,552 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/11/11 14:08:18 | 000,128,536 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/11/11 14:08:18 | 000,029,208 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/11/11 14:08:06 | 002,145,304 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2009/04/11 00:28:22 | 000,368,640 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009/04/10 20:04:16 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2009/03/29 22:42:20 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/29 22:42:18 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/07/03 15:45:00 | 000,032,768 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
MOD - [2008/07/03 15:42:56 | 000,007,168 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2008/07/03 15:42:54 | 000,057,344 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2008/07/03 15:42:48 | 000,114,688 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\ECLibrary.dll
MOD - [2008/07/03 15:42:46 | 000,010,240 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2008/07/03 15:42:40 | 000,040,960 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2008/07/03 15:42:40 | 000,028,672 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2008/07/03 15:42:40 | 000,005,632 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll


========== Services (SafeList) ==========

SRV - [2014/07/08 20:09:42 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/20 22:07:36 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/18 14:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/09 11:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/01/18 02:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RTL8192su.sys -- (RTL8192su)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Danielle\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (esgiguard)
DRV - [2012/08/05 22:47:29 | 000,027,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hitmanpro36.sys -- (hitmanpro36)
DRV - [2012/01/18 02:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2012/01/18 02:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/10/10 19:48:00 | 001,439,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2008/06/06 15:13:40 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/06/06 15:13:10 | 000,145,440 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/05/22 10:49:00 | 007,465,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/22 05:39:34 | 000,015,360 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/05/21 07:44:10 | 001,049,760 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/02/12 11:27:34 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS3.sys -- (HSXHWBS3)
DRV - [2008/02/12 11:25:22 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/10/18 11:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/12/12 13:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_enUS468
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.33
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/05/22 20:37:19 | 000,000,000 | ---D | M]

[2013/11/24 19:36:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danielle\AppData\Roaming\Mozilla\Extensions
[2014/07/11 15:05:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\extensions
[2014/07/11 15:05:58 | 000,538,443 | ---- | M] () (No name found) -- C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014/03/22 15:54:30 | 000,002,537 | ---- | M] () -- C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\searchplugins\safesearch.xml
[2014/05/09 17:09:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/05/09 17:09:32 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/05/09 17:09:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/05/09 17:09:32 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/06/20 22:07:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Browse2save = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpglcldcfjaeeaihmdfeinfkejomefkh\1\
CHR - Extension: Skype Click to Call = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.2.15705.1852_0\
CHR - Extension: Google Wallet = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [DPService] C:\Program Files\HP\DVDPlay\DPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\System32\jureg.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..Trusted Domains: netzero.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..Trusted Domains: netzero.net ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67E63B23-21BC-46DB-AD98-4089574A6E5B}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Danielle\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Danielle\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/25 09:12:57 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/10/11 19:47:17 | 000,662,592 | R--- | M] (Electronic Arts Inc.) - E:\AutoRunGUI.dll -- [ UDF ]
O32 - AutoRun File - [2008/10/22 10:19:21 | 000,000,000 | R--D | M] - E:\AutoRun -- [ UDF ]
O32 - AutoRun File - [2008/10/11 19:47:17 | 000,703,552 | R--- | M] (Electronic Arts Inc.) - E:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2008/10/11 19:47:12 | 000,000,166 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{4ae8d875-7a8a-11dd-baad-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4ae8d875-7a8a-11dd-baad-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008/10/11 19:47:17 | 000,703,552 | R--- | M] (Electronic Arts Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (bootdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/07/16 12:53:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Danielle\Desktop\OTL.exe
[2014/07/13 02:19:38 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Danielle\Desktop\dds.scr
[2014/07/11 14:33:07 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/07/11 14:32:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/11 14:32:49 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/07/11 14:32:49 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/07/11 14:32:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/07/03 16:50:15 | 000,000,000 | ---D | C] -- C:\Users\Danielle\Documents\My PlayLists
[2014/06/24 17:44:41 | 000,000,000 | ---D | C] -- C:\Users\Danielle\AppData\Local\Skype
[2014/06/24 17:44:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/06/24 17:44:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype

========== Files - Modified Within 30 Days ==========

File not found -- C:\Users\Danielle\Desktop\Looool Jake
[2014/07/16 12:55:22 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{153C7F06-C33C-4344-9301-9EF00F17085C}.job
[2014/07/16 12:53:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Danielle\Desktop\OTL.exe
[2014/07/16 12:47:11 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/16 12:47:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/15 21:41:50 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/15 21:41:50 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/14 12:33:06 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDanielle.job
[2014/07/13 02:19:40 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Danielle\Desktop\dds.scr
[2014/07/13 02:03:20 | 209,162,023 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/07/12 12:03:19 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/07/08 20:09:41 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/07/08 20:09:41 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/07/02 13:26:15 | 000,000,680 | ---- | M] () -- C:\Users\Danielle\AppData\Local\d3d9caps.dat
[2014/06/28 01:26:02 | 000,304,376 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/06/26 00:49:53 | 000,001,125 | ---- | M] () -- C:\Users\Danielle\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Player - Shortcut.lnk
[2014/06/21 16:28:05 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/06/21 16:28:05 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat

========== Files Created - No Company Name ==========

File not found -- C:\Users\Danielle\Desktop\Looool Jake
[2014/07/13 02:03:20 | 209,162,023 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/06/26 00:49:53 | 000,001,125 | ---- | C] () -- C:\Users\Danielle\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Player - Shortcut.lnk
[2014/01/28 16:28:41 | 000,001,464 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2014/01/13 22:23:22 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2014/01/13 22:21:37 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2013/04/26 14:01:46 | 000,000,039 | ---- | C] () -- C:\Windows\wininit.ini
[2013/04/26 14:01:45 | 000,000,002 | ---- | C] () -- C:\Windows\msoffice.ini
[2013/01/16 01:03:45 | 000,000,552 | ---- | C] () -- C:\Users\Danielle\AppData\Local\d3d8caps.dat
[2012/08/05 22:47:29 | 000,027,424 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro36.sys
[2012/08/05 18:01:56 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini
[2012/05/03 16:34:52 | 000,000,000 | ---- | C] () -- C:\Users\Danielle\AppData\Roaming\wklnhst.dat
[2008/12/21 11:13:38 | 000,007,715 | ---- | C] () -- C:\Users\Danielle\AppData\Roaming\UserTile.png
[2008/12/05 09:49:07 | 000,017,408 | ---- | C] () -- C:\Users\Danielle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/04 16:38:42 | 000,000,680 | ---- | C] () -- C:\Users\Danielle\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006/11/02 08:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 12:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 00:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/04/25 16:03:29 | 000,000,000 | -HSD | M] -- C:\Users\Danielle\AppData\Roaming\.#
[2014/06/04 18:39:18 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Battle.net
[2009/05/12 16:01:10 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Gamelab
[2012/08/19 15:54:44 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Leadertech
[2012/08/08 07:01:16 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\MusicNet
[2014/01/30 01:31:08 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Origin
[2010/04/18 14:58:39 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\PlayFirst
[2009/01/03 01:15:19 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\SPORE Creature Creator
[2014/07/13 01:49:34 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Spotify
[2012/05/03 16:34:55 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Template
[2013/03/26 17:30:46 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\WinBatch
[2010/07/08 00:19:13 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\PlayFirst
[2010/03/31 17:05:31 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\WildTangent

========== Purity Check ==========

< End of report >

OTL Extras logfile created on: 7/16/2014 12:54:29 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Danielle\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 44.78% Memory free
3.99 Gb Paging File | 2.56 Gb Available in Paging File | 64.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.03 Gb Total Space | 12.82 Gb Free Space | 9.29% Space Free | Partition Type: NTFS
Drive D: | 11.02 Gb Total Space | 1.50 Gb Free Space | 13.66% Space Free | Partition Type: NTFS
Drive E: | 612.92 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 7.32 Gb Total Space | 4.15 Gb Free Space | 56.72% Space Free | Partition Type: FAT32

Computer Name: SENNSTROM-HOME | User Name: Danielle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08A25478-C5DD-4EA7-B168-3D687CA987FF}" = The Sims™ 3 Master Suite Stuff
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = The Sims™ 3 Outdoor Living Stuff
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1A2A15C2-6780-49c1-B296-503230E9DE00}" = The Sims™ 2 Mansion and Garden Stuff
"{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}" = The Sims™ 3 Diesel Stuff
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}" = The Sims™ 2 Double Deluxe
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = The Sims™ 3 Showtime
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = The Sims™ 3 Seasons
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = DVD Play
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims 2 Pets
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
"{5E33D30D-D896-4D92-B033-5F45819B2937}" = Strongvault Online Backup
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = The Sims™ 3 Town Life Stuff
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Open For Business
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 FreeTime
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 University
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{97ABD26A-3249-46CB-B2E2-F66E64B2E480}" = HP Demo
"{9B2506E3-9A3F-45B5-96BF-509CAD584650}" = The Sims™ 3 Katy Perry's Sweet Treats
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims 2 Glamour Life Stuff
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}" = The Sims™ 3 Into the Future
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.10)
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = The Sims™ 3 Supernatural
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Apartment Life
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Pets
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0087539-3C57-44E0-BEE7-D779D546CBE1}" = The Sims™ 3 Movie Stuff
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{DB21639E-FE55-432C-BCA2-0C5249E3F79E}" = The Sims™ 3 Island Paradise
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Seasons
"{E1868CAE-E3B9-4099-8C18-AA8944D336FD}" = The Sims™ 3 70s, 80s, & 90s Stuff
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Fast Lane Stuff
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Bon Voyage
"{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}" = The Sims™ 3 University Life
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Battle.net" = Battle.net
"CNXT_MODEM_PCI_HSF" = PCIe Soft Data Fax Modem with SmartCP
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 30.0 (x86 en-US)" = Mozilla Firefox 30.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Network Play System (Patching)" = Network Play System (Patching)
"NVIDIA Drivers" = NVIDIA Drivers
"Origin" = Origin
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"World of Warcraft" = World of Warcraft

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/11/2014 2:28:51 PM | Computer Name = Sennstrom-Home | Source = Application Error | ID = 1000
Description = Faulting application Sims2Launcher.exe, version 1.0.0.1, time stamp
0x48f12e72, faulting module Sims2Launcher.exe, version 1.0.0.1, time stamp 0x48f12e72,
exception code 0xc0000005, fault offset 0x00002167, process id 0x1644, application
start time 0x01cf9d35f04a1c50.

Error - 7/11/2014 2:29:15 PM | Computer Name = Sennstrom-Home | Source = Application Error | ID = 1000
Description = Faulting application Sims2Launcher.exe, version 1.0.0.1, time stamp
0x48f12e72, faulting module Sims2Launcher.exe, version 1.0.0.1, time stamp 0x48f12e72,
exception code 0xc0000005, fault offset 0x00002167, process id 0x126c, application
start time 0x01cf9d3603d550a0.

Error - 7/11/2014 2:49:49 PM | Computer Name = Sennstrom-Home | Source = WinMgmt | ID = 10
Description =

Error - 7/11/2014 11:17:20 PM | Computer Name = Sennstrom-Home | Source = Application Error | ID = 1000
Description = Faulting application Sims2Launcher.exe, version 1.0.0.1, time stamp
0x48f12e72, faulting module Sims2Launcher.exe, version 1.0.0.1, time stamp 0x48f12e72,
exception code 0xc0000005, fault offset 0x00002167, process id 0xe70, application
start time 0x01cf9d7fc88c7790.

Error - 7/11/2014 11:17:50 PM | Computer Name = Sennstrom-Home | Source = Application Error | ID = 1000
Description = Faulting application Sims2Launcher.exe, version 1.0.0.1, time stamp
0x48f12e72, faulting module Sims2Launcher.exe, version 1.0.0.1, time stamp 0x48f12e72,
exception code 0xc0000005, fault offset 0x00002167, process id 0x2c8, application
start time 0x01cf9d7fdb7b92f0.

Error - 7/11/2014 11:20:32 PM | Computer Name = Sennstrom-Home | Source = Application Error | ID = 1000
Description = Faulting application Sims2Launcher.exe, version 1.0.0.1, time stamp
0x48f12e72, faulting module Sims2Launcher.exe, version 1.0.0.1, time stamp 0x48f12e72,
exception code 0xc0000005, fault offset 0x00002167, process id 0xfe0, application
start time 0x01cf9d803c177a20.

Error - 7/12/2014 3:26:36 PM | Computer Name = Sennstrom-Home | Source = Application Error | ID = 1000
Description = Faulting application Sims2Launcher.exe, version 1.0.0.1, time stamp
0x48f12e72, faulting module Sims2Launcher.exe, version 1.0.0.1, time stamp 0x48f12e72,
exception code 0xc0000005, fault offset 0x00002167, process id 0x109c, application
start time 0x01cf9e072c83f980.

Error - 7/13/2014 2:05:06 AM | Computer Name = Sennstrom-Home | Source = WinMgmt | ID = 10
Description =

Error - 7/13/2014 8:18:25 PM | Computer Name = Sennstrom-Home | Source = Application Error | ID = 1000
Description = Faulting application Sims2Launcher.exe, version 1.0.0.1, time stamp
0x48f12e72, faulting module Sims2Launcher.exe, version 1.0.0.1, time stamp 0x48f12e72,
exception code 0xc0000005, fault offset 0x00002167, process id 0x614, application
start time 0x01cf9ef91e3e5300.

Error - 7/14/2014 12:42:06 PM | Computer Name = Sennstrom-Home | Source = Application Error | ID = 1000
Description = Faulting application Sims2Launcher.exe, version 1.0.0.1, time stamp
0x48f12e72, faulting module Sims2Launcher.exe, version 1.0.0.1, time stamp 0x48f12e72,
exception code 0xc0000005, fault offset 0x00002167, process id 0x8ec, application
start time 0x01cf9f82868f0b00.

[ System Events ]
Error - 7/11/2014 2:49:50 PM | Computer Name = Sennstrom-Home | Source = Service Control Manager | ID = 7003
Description =

Error - 7/12/2014 12:00:16 PM | Computer Name = Sennstrom-Home | Source = Dhcpv6 | ID = 1000
Description = Your computer has lost the lease to its IP address & 2+ga on the Network
Card with network address 4494FCFA6AEE.

Error - 7/13/2014 2:03:44 AM | Computer Name = Sennstrom-Home | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:00:49 AM on 7/13/2014 was unexpected.

Error - 7/13/2014 2:05:07 AM | Computer Name = Sennstrom-Home | Source = Service Control Manager | ID = 7023
Description =

Error - 7/13/2014 2:05:07 AM | Computer Name = Sennstrom-Home | Source = Service Control Manager | ID = 7000
Description =

Error - 7/13/2014 2:05:07 AM | Computer Name = Sennstrom-Home | Source = Service Control Manager | ID = 7009
Description =

Error - 7/13/2014 2:05:07 AM | Computer Name = Sennstrom-Home | Source = Service Control Manager | ID = 7003
Description =

Error - 7/13/2014 2:05:07 AM | Computer Name = Sennstrom-Home | Source = Service Control Manager | ID = 7003
Description =

Error - 7/13/2014 8:16:19 PM | Computer Name = Sennstrom-Home | Source = DCOM | ID = 10010
Description =

Error - 7/15/2014 9:41:36 AM | Computer Name = Sennstrom-Home | Source = Dhcpv6 | ID = 1000
Description = Your computer has lost the lease to its IP address & 2+ga on the Network
Card with network address 4494FCFA6AEE.

< End of report >
Vanilla-krypton
Regular Member
 
Posts: 91
Joined: January 6th, 2014, 8:59 pm

Re: Blue screen and crashing launcher

Unread postby Vanilla-krypton » July 16th, 2014, 1:13 pm

Pretty sure I just posted that twice. I'm sorry v.v
Vanilla-krypton
Regular Member
 
Posts: 91
Joined: January 6th, 2014, 8:59 pm

Re: Blue screen and crashing launcher

Unread postby Gary R » July 16th, 2014, 5:06 pm

I don't see the e-set log I asked for or the minidump file(s) I asked you to attach.

If you're still running the e-set scan, please post me the log from it as soon the scan finishes.

If you can't find the minidump file(s) or you're having trouble attaching them, please let me know.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21866
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Blue screen and crashing launcher

Unread postby Vanilla-krypton » July 16th, 2014, 7:16 pm

Eset online scanner didn't find any threats. When I tried to put the minidump in a zipped folder it said 'file not found or no read permission'
Vanilla-krypton
Regular Member
 
Posts: 91
Joined: January 6th, 2014, 8:59 pm

Re: Blue screen and crashing launcher

Unread postby Gary R » July 17th, 2014, 12:35 am

OK, well there's no sign of any infection in any of the logs you've supplied so far, so whatever is causing your problems with the Sims 2, it does not appear to be Malware related.

There are a couple of minor issues that remain to be dealt with, and we can take care of them now.

First ....

Please go to Control Panel > Programs > Uninstall a program and Uninstall the following:

Java 7 Update 45


Old versions of java can be exploited.

Reboot your computer when it is uninstalled.

Unless you have a specific need for Java (most people don't) then I recommend you do not have it installed. Java is not javascript which most websites use, and which all browsers are able to decypher by default. I've used my computer for years without Java, and I can't remember the last time I was unable to view anything because I didn't have it.

If you do have a specific need for Java, then you should install the latest version ... JDK 7 Update 65 (JDK or JRE).

Next ....

Before we make any changes to your machine I'd like you to create a new System Restore Point ... http://www.howtogeek.com/howto/windows- ... m-restore/

Next ....

Provided you have been able to successfully create a Restore Point ....

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box. (do not include Code: Select all)
Code: Select all
:OTL
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Danielle\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - [2012/08/05 22:47:29 | 000,027,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hitmanpro36.sys -- (hitmanpro36)
[2014/03/22 15:54:30 | 000,002,537 | ---- | M] () -- C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\searchplugins\safesearch.xml
CHR - Extension: Browse2save = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpglcldcfjaeeaihmdfeinfkejomefkh\1\
O3 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O33 - MountPoints2\{4ae8d875-7a8a-11dd-baad-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4ae8d875-7a8a-11dd-baad-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008/10/11 19:47:17 | 000,703,552 | R--- | M] (Electronic Arts Inc.)

:Files
C:\Windows\System32\drivers\hitmanpro36.sys

:Commands
[emptytemp]
[resethosts]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.

Next ....

Apart from the one instance when your computer blue screened when you were making a Skype call, have you had any regular trouble with blue screens, or was it just a one off event ?
User avatar
Gary R
Administrator
Administrator
 
Posts: 21866
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Blue screen and crashing launcher

Unread postby Vanilla-krypton » July 18th, 2014, 12:10 pm

All processes killed
========== OTL ==========
Error: No service named mbr was found to stop!
Service\Driver key mbr not found.
File C:\Users\Danielle\AppData\Local\Temp\mbr.sys not found.
Service hitmanpro36 stopped successfully!
Service hitmanpro36 deleted successfully!
C:\Windows\System32\drivers\hitmanpro36.sys moved successfully.
C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\searchplugins\safesearch.xml moved successfully.
C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpglcldcfjaeeaihmdfeinfkejomefkh\1 folder moved successfully.
Registry value HKEY_USERS\S-1-5-21-2767167476-1858105450-2367976372-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ae8d875-7a8a-11dd-baad-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ae8d875-7a8a-11dd-baad-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ae8d875-7a8a-11dd-baad-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ae8d875-7a8a-11dd-baad-806e6f6e6963}\ not found.
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.
========== FILES ==========
File\Folder C:\Windows\System32\drivers\hitmanpro36.sys not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Danielle
->Temp folder emptied: 37090064 bytes
->Temporary Internet Files folder emptied: 40672565 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 404491786 bytes
->Google Chrome cache emptied: 72443439 bytes
->Flash cache emptied: 8341 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 17961285 bytes
->Temporary Internet Files folder emptied: 955879 bytes
->FireFox cache emptied: 29617201 bytes
->Google Chrome cache emptied: 370860255 bytes
->Flash cache emptied: 608 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 195352935 bytes
RecycleBin emptied: 142591902 bytes

Total Files Cleaned = 1,251.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 07182014_120317

Files\Folders moved on Reboot...
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


I haven't had regular trouble with blue screens, it was just that one time.
Vanilla-krypton
Regular Member
 
Posts: 91
Joined: January 6th, 2014, 8:59 pm

Re: Blue screen and crashing launcher

Unread postby Gary R » July 18th, 2014, 3:37 pm

OK, well as far as I can see you're clear of any malware, so any problems you may be having do not appear to have a malware based cause.

A single blue screen event is not something to get too worried about, blue screens happen when an incident that would have damaged your OS occurs, so Windows blue screens to prevent that damage. Usually they're caused by buggy drivers. in this case, since it's a one off event, I would say it was most likely just some unusual combination of circumstances that caused a freak incident. There's every probability that it won't occur again.

As I said earlier, this forum specialises in Malware removal, we do not troubleshoot problems with applications unless they have a malware related cause. That does not appear to be the case here, so the best chance of resolving your "The Sims 2" issues is to contact the game manufacturer, or seeking for a solution on any related support forum they might have.

The following forum would seem to offer that kind of support ... http://forums.thesimsresource.com/index ... elp-forum/ ... I'm not a game player myself, so I can't offer you anything further in the way of help.

Unless you have any further issues, I think we're finished.

Let's clear out OTL and the files and folders it created.
  • Double click OTL.exe to launch the programme.
  • Click on the CleanUp! button.
  • OTL will download a list from the Internet, if your firewall or other defensive programmes alerts you, allow it access.
  • You will be prompted to allow the clean up procedure, click Yes
  • When finished exit out of OTL
  • Now delete OTL.exe (if still present).

Please read the article below which will give you a few suggestions for how to minimise your chances of getting another infection.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21866
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Blue screen and crashing launcher

Unread postby Vanilla-krypton » July 19th, 2014, 3:17 pm

Alrighty. Thank you!
Vanilla-krypton
Regular Member
 
Posts: 91
Joined: January 6th, 2014, 8:59 pm

Re: Blue screen and crashing launcher

Unread postby Gary R » July 19th, 2014, 3:34 pm

You're welcome. :)

Good luck getting your Sims problems resolved.

As your malware "issues" appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21866
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 51 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware