Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

windows vista unresponsive after 10 minutes

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

windows vista unresponsive after 10 minutes

Unread postby wfr37 » August 6th, 2015, 5:40 pm

Running Windows Vista 32 bit version SP2.   Windows Vista becomes unresponsive after about 10 minutes.  Problem seems to be related to time rather than which or how many applications are or have been running. 

Boots normally, CPU using 100-50% typically (view with taskmaster).  Soon the CPU usage lessens to zero, windows freeze, cursor freezes, and only shutdown method is to force close via power button. 

SAFE restart but often computer fails to proceed to the login screen.  Just stops with black screen showing a cursor. I can usually restart normally and the freeze occurs again. 

My major worry is that my PC will not stay active long enough to complete the scans, paste logs and reply as I have seen requested as method to a solution on other posts. For some reason I was able to coax the PC to run long enough for Malwarebytes, but found no malware.

Recently when i make a change requiring computing power (using configsys to enable all services or run dds.com scan for example) i am getting the blue screen crash dump error and shutdown (sometimes even before the operation completes). Have to restart and try again for success. I don't know if this change is significant or not.

Pasted below is the latest DDS.txt and Attach.text.

FYI- I am running McAfee virus and firewall software provided by my ISP, Cox Communications.

DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16659 BrowserJavaVersion: 11.51.2 Run by wner at 13:50:09 on 2015-08-06 Microsoft� Windows Vista� Home Premium 6.0.6002.2.1252.1.1033.18.2939.1468 [GMT -5:00] . AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB} FW: McAfee Firewall *Disabled* {E2A40FF5-9AB1-3894-DE05-F89EB212F22D} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe c:\PROGRA~1\mcafee\SITEAD~1\McSACore.exe C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe C:\Windows\system32\mfevtps.exe C:\Windows\system32\mfevtps.exe C:\Windows\system32\msiexec.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\rundll32.exe C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\McAfee\MSC\McAPExe.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe C:\Windows\System32\alg.exe C:\Windows\System32\WerFault.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Mcafee\Platform\McUICnt.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe C:\Program Files\Samsung\Kies\Kies.exe C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe C:\Program Files\MagicDisc\MagicDisc.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\taskeng.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation . ============== Pseudo HJT Report =============== . uStart Page = http://www.google.com uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSHB mStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSHB mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSHB uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll BHO: Secure Online Account Numbers Helper: {435EAA86-D32B-484F-869C-53745FCB1642} - c:\program files\discover\soan\DiscoverSOANHelper.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.8.0_51\bin\ssv.dll BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre1.8.0_51\bin\jp2ssv.dll BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll TB: Secure Online Account Numbers: {A8C7C2CA-6DFD-4E16-8458-592361564D38} - c:\program files\discover\soan\DiscoverSOANToolbar.dll TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll uRun: [CCleaner Monitoring] "c:\program files\ccleaner\CCleaner.exe" /MONITOR uRun: [WeatherBug] c:\program files\earth networks\weatherbug\WeatherBug.exe /fromrunkey uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload uRun: [GarminExpressTrayApp] "c:\program files\garmin\express tray\ExpressTray.exe" mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey mRun: [mcpltui_exe] "c:\program files\common files\mcafee\platform\mcuicnt.exe" /platui /runkey mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [Skytel] Skytel.exe mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe" mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" StartupFolder: c:\users\wner\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\cinefo~1.lnk - c:\program files\cineform\tools\GoProCineFormStatusViewer.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.11.149\SSScheduler.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoru~1\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoru~1\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoru~1\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105 IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/3.0 ... ontrol.CAB DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinsta ... s-i586.cab DPF: {CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinsta ... s-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinsta ... s-i586.cab DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crl ... crlocx.ocx DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: NameServer = 68.105.28.11 68.105.29.11 68.105.28.12 TCP: Interfaces\{0A2E6BA9-3B42-4B4C-BBFB-E7D86FD7E9DB} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12 TCP: Interfaces\{1FE2E2E9-AB11-4485-9D54-96CF4D146B30} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12 TCP: Interfaces\{EF5BF8C2-E4B9-4F43-B872-F869DF40ECE2} : DHCPNameServer = 8.8.8.8 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Notify: igfxcui - igfxdev.dll Notify: SDWinLogon - SDWinLogon.dll AppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLL SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg Hosts: 0.0.0.1 mssplus.mcafee.com . ================= FIREFOX =================== . FF - ProfilePath - c:\users\wner\appdata\roaming\mozilla\firefox\profiles\4dezhhjo.default-1413043397398\ FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll FF - plugin: c:\program files\canon\zoombrowser ex\program\NPCIG.dll FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\google\update\1.3.28.1\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre1.8.0_51\bin\dtplugin\npdeployJava1.dll FF - plugin: c:\program files\java\jre1.8.0_51\bin\plugin2\npjp2.dll FF - plugin: c:\program files\mcafee\supportability\mvt\NPMVTPlugin.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_18_0_0_203.dll . ============= SERVICES / DRIVERS =============== . R0 mfedisk;McAfee AAC Disk Filter Driver;c:\windows\system32\drivers\mfedisk.sys [2015-2-17 82800] R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2014-6-20 648552] R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2014-6-20 217584] R1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\drivers\hssdrv6.sys [2014-10-26 39624] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\McSACore.exe [2011-6-13 132160] R2 McAPExe;McAfee AP Service;c:\program files\mcafee\msc\McAPExe.exe [2014-11-6 690408] R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-11-6 291816] R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-11-6 291816] R2 mcpltsvc;McAfee Platform Services;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-11-6 291816] R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-11-6 291816] R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2014-11-6 196600] R2 mfemms;McAfee Service Controller;c:\program files\common files\mcafee\systemcore\mfemms.exe [2015-7-8 334576] R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2014-11-6 238288] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2014-6-20 61848] R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-8-18 7168] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-7-26 23256] R3 mfeaack;McAfee Inc. mfeaack;c:\windows\system32\drivers\mfeaack.sys [2015-2-17 304928] R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2014-6-20 260248] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2014-6-20 371648] R3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\drivers\mfencbdc.sys [2015-1-16 380496] R3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\drivers\NETw5v32.sys [2008-4-28 3658752] R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\drivers\taphss6.sys [2014-5-16 37064] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2014-4-11 772296] S2 0316451438886839mcinstcleanup;McAfee Application Installer Cleanup (0316451438886839);c:\windows\temp\031645~1.exe -cleanup -nolog --> c:\windows\temp\031645~1.EXE -cleanup -nolog [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608] S2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2015-7-26 1133880] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-11-29 84248] S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2015-7-8 147912] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2015-7-26 98520] S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-7-26 51928] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.11.149\McCHSvc.exe [2015-6-26 235696] S3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\drivers\mfencrk.sys [2015-1-16 80760] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-11-29 182680] S3 SVRPEDRV;SVRPEDRV;c:\windows\system32\sysprep\PEDRV.SYS [2008-8-21 9216] S4 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-4-17 40960] S4 Garmin Device Interaction Service;Garmin Device Interaction Service;c:\program files\garmin\device interaction service\GarminService.exe [2015-4-23 713736] S4 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-8-21 30192] S4 HomeNetSvc;McAfee Home Network;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-11-6 291816] S4 hshld;Hotspot Shield Service;c:\program files\hotspot shield\bin\cmw_srv.exe [2014-9-11 935208] S4 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe [2014-5-16 430344] S4 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2014-9-18 14624] S4 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files\rosettastoneltdservices\RosettaStoneDaemon.exe [2012-6-19 1646608] S4 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2014-1-12 3921880] S4 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2014-1-12 1042272] S4 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2014-1-12 171416] S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2015-2-18 315488] S4 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\toshiba\smartfacev\SmartFaceVWatchSrv.exe [2008-4-24 73728] S4 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096] S4 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2008-8-18 46392] S4 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976] . =============== File Associations =============== . ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs5\dreamweaver.exe", "%1" . =============== Created Last 30 ================ . 2015-07-31 15:42:30 34304 ----a-w- c:\windows\system32\atmlib.dll 2015-07-31 15:42:30 296960 ----a-w- c:\windows\system32\atmfd.dll 2015-07-31 15:26:53 -------- d-----w- c:\program files\McAfee Security Scan 2015-07-29 00:07:41 -------- d-----w- c:\program files\FastStone Image Viewer 2015-07-26 22:45:18 -------- d-----w- C:\2106b46203d50b8b520f 2015-07-26 21:29:21 98520 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-07-26 21:28:30 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-07-26 21:28:30 51928 ----a-w- c:\windows\system32\drivers\mwac.sys 2015-07-26 21:28:29 23256 ----a-w- c:\windows\system32\drivers\mbam.sys 2015-07-26 17:53:38 2066432 ----a-w- c:\windows\system32\win32k.sys 2015-07-26 17:53:16 1316864 ----a-w- c:\windows\system32\ole32.dll 2015-07-26 17:50:48 73216 ----a-w- c:\windows\system32\msiexec.exe 2015-07-26 17:50:47 2264576 ----a-w- c:\windows\system32\msi.dll 2015-07-26 17:50:18 298496 ----a-w- c:\windows\system32\gdi32.dll 2015-07-26 17:45:22 81408 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2015-07-26 17:45:21 107008 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2015-07-26 17:45:19 217088 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2015-07-26 17:45:17 218112 ----a-w- c:\windows\system32\msv1_0.dll 2015-07-26 17:44:30 783872 ----a-w- c:\windows\system32\rpcrt4.dll 2015-07-26 17:44:27 501248 ----a-w- c:\windows\system32\kerberos.dll 2015-07-26 17:44:26 801280 ----a-w- c:\windows\system32\advapi32.dll 2015-07-26 17:44:23 440768 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2015-07-26 16:41:52 225792 ----a-w- c:\windows\system32\cewmdm.dll 2015-07-25 13:31:33 51928 ----a-w- c:\windows\system32\drivers\is-MOELV.tmp 2015-07-11 21:15:45 23256 ----a-w- c:\windows\system32\drivers\is-B68S3.tmp 2015-07-11 21:14:37 51928 ----a-w- c:\windows\system32\drivers\is-EJ24C.tmp 2015-07-11 21:14:18 23256 ----a-w- c:\windows\system32\drivers\is-ON3R4.tmp 2015-07-10 20:18:57 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll 2015-07-10 20:18:57 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll 2015-07-10 20:18:57 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll 2015-07-10 20:18:57 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll 2015-07-10 20:18:57 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll 2015-07-09 16:32:17 18510000 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe 2015-07-08 19:32:39 147912 ----a-w- c:\windows\system32\drivers\HipShieldK.sys 2015-07-07 21:44:39 -------- d-----w- c:\users\wner\.fontconfig . ==================== Find3M ==================== . 2015-08-01 00:06:34 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2015-08-01 00:06:34 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2015-07-24 20:18:59 96352 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2015-06-24 06:29:00 1217192 ----a-w- c:\windows\system32\FM20.DLL 2015-06-17 05:23:50 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2015-06-17 05:23:50 69632 ----a-w- c:\windows\system32\QuickTime.qts 2015-05-30 23:55:03 1809920 ----a-w- c:\windows\system32\jscript9.dll 2015-05-30 23:54:04 367616 ----a-w- c:\windows\system32\html.iec 2015-05-30 23:49:49 1129472 ----a-w- c:\windows\system32\wininet.dll 2015-05-30 23:49:08 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2015-05-30 23:49:02 421888 ----a-w- c:\windows\system32\vbscript.dll 2015-05-30 23:48:29 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2015-05-30 23:47:50 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2015-05-30 23:47:50 11776 ----a-w- c:\windows\system32\mshta.exe 2009-01-21 16:14:40 9780224 ----a-w- c:\program files\openofficeorg30.msi 2008-12-17 10:17:14 426776 ----a-w- c:\program files\setup.exe 2002-03-11 09:06:30 1822520 ----a-w- c:\program files\instmsiw.exe 2002-03-11 08:45:04 1708856 ----a-w- c:\program files\instmsia.exe . ============= FINISH: 13:54:26.58 ===============

. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft� Windows Vista� Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 3/3/2009 9:02:00 PM System Uptime: 8/6/2015 1:43:36 PM (0 hours ago) . Motherboard: TOSHIBA | | Portable PC Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz | CPU | 1200/800mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 178 GiB total, 75.887 GiB free. D: is CDROM () E: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft ISATAP Adapter Device ID: ROOT\*ISATAP\0000 Manufacturer: Microsoft Name: isatap.tu.ok.cox.net PNP Device ID: ROOT\*ISATAP\0000 Service: tunnel . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft Tun Miniport Adapter Device ID: ROOT\*TUNMP\0001 Manufacturer: Microsoft Name: Teredo Tunneling Pseudo-Interface PNP Device ID: ROOT\*TUNMP\0001 Service: tunmp . Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Description: HP Deskjet F4500 Device ID: ROOT\IMAGE\0000 Manufacturer: Hewlett-Packard Name: HP Deskjet F4500 PNP Device ID: ROOT\IMAGE\0000 Service: StillCam . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet F4500 series Device ID: ROOT\MULTIFUNCTION\0000 Manufacturer: HP Name: Deskjet F4500 series PNP Device ID: ROOT\MULTIFUNCTION\0000 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart C309a series Device ID: ROOT\MULTIFUNCTION\0001 Manufacturer: HP Name: Photosmart C309a series PNP Device ID: ROOT\MULTIFUNCTION\0001 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart Prem C310 series Device ID: ROOT\MULTIFUNCTION\0002 Manufacturer: HP Name: Photosmart Prem C310 series PNP Device ID: ROOT\MULTIFUNCTION\0002 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet 6500 E710n-z Device ID: ROOT\MULTIFUNCTION\0003 Manufacturer: HP Name: Officejet 6500 E710n-z PNP Device ID: ROOT\MULTIFUNCTION\0003 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet 6700 Device ID: ROOT\MULTIFUNCTION\0004 Manufacturer: HP Name: Officejet 6700 PNP Device ID: ROOT\MULTIFUNCTION\0004 Service: . ==== System Restore Points =================== . . ==== Installed Programs ====================== . 32 Bit HP CIO Components Installer 7-Zip 9.20 ABBYY FineReader 5.0 Sprint Adobe AIR Adobe Color Common Settings Adobe Community Help Adobe Creative Suite 5 Master Collection Adobe ExtendScript Toolkit 2 Adobe Flash Player 18 ActiveX Adobe Flash Player 18 NPAPI Adobe Help Center 2.1 Adobe Media Player Adobe Photoshop 7.0 Adobe Photoshop Elements 5.0 Adobe Reader XI (11.0.10) Adobe Refresh Manager Adobe Setup ALZip Amazon Links AnswerWorks 4.0 Runtime - English ANT Drivers Installer x86 Apple Application Support Apple Mobile Device Support Apple Software Update ArcSoft PhotoImpression Ask Toolbar Audacity 2.0.6 Bonjour BufferChm Camera Assistant Software for Toshiba Canon DIGITAL CAMERA Solution Disk Software Guide CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Internet Library for ZoomBrowser EX Canon MOV Decoder Canon MOV Encoder Canon MovieEdit Task for ZoomBrowser EX Canon Personal Printing Guide Canon PhotoRecord Canon PowerShot SX20 IS Camera User Guide Canon Utilities CameraWindow Canon Utilities CameraWindow DC Canon Utilities CameraWindow DC 8 Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Utilities MyCamera Canon Utilities MyCamera DC Canon Utilities PhotoStitch Canon Utilities RAW Image Converter Canon Utilities RemoteCapture 2.2 Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility CCleaner CD/DVD Drive Acoustic Silencer CDDRV_Installer Copy Corel Painter Essentials 3 Coupon Printer for Windows Definition Update for Microsoft Office 2010 (KB3054883) 32-Bit Edition Destinations DeviceDiscovery digestIT 2004 DJ_AIO_06_F4500_SW_MIN DVD MovieFactory for TOSHIBA Elevated Installer EPSON Copy Utility Epson Easy Photo Print 2 EPSON NX100 Series Printer Uninstall EPSON PERF 1670 Guide EPSON Photo Print EPSON Scan EPSON Smart Panel EZ Vinyl/Tape Converter 10 by Ion Audio F4500 FastStone Image Viewer 5.3 Foxit PDF Creator Toolbar Updater Foxit Reader Garmin Express Garmin Express Tray Geek Squad 24 Hour Computer Support GIMP GIMP 2.6.6 Google Desktop Google Earth Google Toolbar for Internet Explorer Google Update Helper GoPro Studio 2.0.1 GPBaseService2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotspot Shield 3.42 HP Customer Participation Program 14.0 HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 HP Imaging Device Functions 14.0 HP Photo Creations HP Smart Web Printing 4.60 HP Solution Center 14.0 HP Update HPDiagnosticAlert HPPhotoGadget HPProductAssistant HPSSupply Intel PROSet Wireless Intel(R) Graphics Media Accelerator Driver Intel(R) PROSet/Wireless WiFi Software Intel� Matrix Storage Manager iTunes Java 8 Update 25 Java 8 Update 31 Java 8 Update 40 Java 8 Update 51 Java Auto Updater KhalInstallWrapper LAME v3.99.3 (for Windows) Logitech SetPoint Malwarebytes Anti-Malware version 2.1.8.1057 MarketResearch McAfee Security Scan Plus McAfee SecurityCenter McAfee SiteAdvisor McAfee Virtual Technician Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.5.2 Microsoft Image Composite Editor Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft XML Parser Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Mozilla Firefox 39.0 (x86 en-US) Mozilla Maintenance Service MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyFreeCodec Network NetZero Internet Access Installer nik Color Efex Pro 2.0 GE NTI Shadow OGA Notifier 2.0.0048.0 PDF Settings CS5 Picasa 3 Presto! BizCard 4.0 Component for Windows CE Presto! BizCard 4.1 Eng PxMergeModule QuickBooks Financial Center QuickTime 7 Realtek 8169 8168 8101E 8102E Ethernet Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Rosetta Stone audio optimizer Rosetta Stone Ltd Services Rosetta Stone TOTALe Samsung Kies Samsung Kies3 Samsung Story Album Viewer SAMSUNG USB Driver for Mobile Phones Scan ScanToWeb Secure Online Account Numbers Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft .NET Framework 4.5.2 (KB3023224) Security Update for Microsoft .NET Framework 4.5.2 (KB3035490) Security Update for Microsoft .NET Framework 4.5.2 (KB3037581) Security Update for Microsoft .NET Framework 4.5.2 (KB3048077) Security Update for Microsoft Excel 2010 (KB3054981) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2863817) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3054834) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3054848) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB3054963) 32-Bit Edition Security Update for Microsoft Word 2010 (KB3054973) 32-Bit Edition Security Update for Windows Media Encoder (KB2447961) Security Update for Windows Media Encoder (KB954156) Security Update for Windows Media Encoder (KB979332) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Shared C Run-time for x86 Shop for HP Supplies Skype Toolbars Skype� 7.4 SmartWebPrinting SolutionCenter Spybot - Search & Destroy Status Synaptics Pointing Device Driver Toolbox TOSHIBA Assist TOSHIBA ConfigFree TOSHIBA Desktop Links TOSHIBA Disc Creator TOSHIBA DVD PLAYER TOSHIBA Extended Tiles for Windows Mobility Center TOSHIBA Face Recognition TOSHIBA Hardware Setup TOSHIBA Recovery Disc Creator Toshiba Registration TOSHIBA Service Station TOSHIBA Software Modem TOSHIBA Speech System Applications TOSHIBA Speech System SR Engine(U.S.) Version1.0 TOSHIBA Speech System TTS Engine(U.S.) Version1.0 TOSHIBA Supervisor Password TOSHIBA Value Added Package TrayApp Turbo Tax Audit Support Center 2.0 TurboTax 2008 TurboTax 2008 WinPerFedFormset TurboTax 2008 WinPerProgramHelp TurboTax 2008 WinPerReleaseEngine TurboTax 2008 WinPerTaxSupport TurboTax 2008 WinPerUserEducation TurboTax 2008 wokiper TurboTax 2008 wrapper TurboTax 2009 TurboTax 2009 WinPerFedFormset TurboTax 2009 WinPerReleaseEngine TurboTax 2009 WinPerTaxSupport TurboTax 2009 wokiper TurboTax 2009 wrapper TurboTax 2010 TurboTax 2010 WinPerFedFormset TurboTax 2010 WinPerReleaseEngine TurboTax 2010 WinPerTaxSupport TurboTax 2010 wokiper TurboTax 2010 wrapper TurboTax 2011 TurboTax 2011 WinPerFedFormset TurboTax 2011 WinPerReleaseEngine TurboTax 2011 WinPerTaxSupport TurboTax 2011 wokiper TurboTax 2011 wrapper TurboTax 2012 TurboTax 2012 WinPerFedFormset TurboTax 2012 WinPerReleaseEngine TurboTax 2012 WinPerTaxSupport TurboTax 2012 wokiper TurboTax 2012 wrapper TurboTax 2013 TurboTax 2013 WinPerFedFormset TurboTax 2013 WinPerReleaseEngine TurboTax 2013 WinPerTaxSupport TurboTax 2013 wokiper TurboTax 2013 wrapper TurboTax 2014 TurboTax 2014 WinPerFedFormset TurboTax 2014 WinPerReleaseEngine TurboTax 2014 WinPerTaxSupport TurboTax 2014 wokiper TurboTax 2014 wrapper TurboTax Deluxe 2007 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Access 2010 (KB2965300) 32-Bit Edition Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2881026) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition Update for Microsoft Office 2010 (KB2589282) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2965296) 32-Bit Edition Update for Microsoft Office 2010 (KB2965301) 32-Bit Edition Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition Update for Microsoft Office 2010 (KB3054964) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956205) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2965297) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2965295) 32-Bit Edition Update for Microsoft Outlook 2010 (KB3054976) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2965292) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 WeatherBug� WebReg WildTangent Games Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) Windows Media Encoder 9 Series . ==== End Of File ===========================
wfr37
Regular Member
 
Posts: 20
Joined: July 26th, 2015, 8:31 pm
Advertisement
Register to Remove

Re: windows vista unresponsive after 10 minutes

Unread postby wannabeageek » August 10th, 2015, 8:52 pm

Hello wfr37, and Welcome to MalWare Removal forums!

My name is wannabeageek and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start

------------------------------------------------------------------------------------------------------------------------------

wfr37,

For the past 2 days I have been trying to sort out your DDS logs in order to review them. As you can see, they are quite unreadable.

Did you use notepad for opening these files for posting? If not, what program?

wbg.
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: windows vista unresponsive after 10 minutes

Unread postby wfr37 » August 11th, 2015, 8:07 am

because i was having trouble keeping the pc running long enough to do anything. i coped log to email and then pasted into the forum. below is another attempt from the text files. let me know if this is OK now. for some reason the computer let me run for an hour yesterday while individually copying files to external disk. makes me wonder if a heat/fan problem.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16659 BrowserJavaVersion: 11.51.2
Run by wner at 13:50:09 on 2015-08-06
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2939.1468 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall *Disabled* {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
c:\PROGRA~1\mcafee\SITEAD~1\McSACore.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
C:\Windows\System32\alg.exe
C:\Windows\System32\WerFault.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Mcafee\Platform\McUICnt.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe
C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSHB
mStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSHB
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSHB
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
BHO: Secure Online Account Numbers Helper: {435EAA86-D32B-484F-869C-53745FCB1642} - c:\program files\discover\soan\DiscoverSOANHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.8.0_51\bin\ssv.dll
BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre1.8.0_51\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll
TB: Secure Online Account Numbers: {A8C7C2CA-6DFD-4E16-8458-592361564D38} - c:\program files\discover\soan\DiscoverSOANToolbar.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [CCleaner Monitoring] "c:\program files\ccleaner\CCleaner.exe" /MONITOR
uRun: [WeatherBug] c:\program files\earth networks\weatherbug\WeatherBug.exe /fromrunkey
uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
uRun: [GarminExpressTrayApp] "c:\program files\garmin\express tray\ExpressTray.exe"
mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [mcpltui_exe] "c:\program files\common files\mcafee\platform\mcuicnt.exe" /platui /runkey
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Skytel] Skytel.exe
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
StartupFolder: c:\users\wner\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\cinefo~1.lnk - c:\program files\cineform\tools\GoProCineFormStatusViewer.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.11.149\SSScheduler.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoru~1\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoru~1\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoru~1\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/3.0 ... ontrol.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crl ... crlocx.ocx
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{0A2E6BA9-3B42-4B4C-BBFB-E7D86FD7E9DB} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{1FE2E2E9-AB11-4485-9D54-96CF4D146B30} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{EF5BF8C2-E4B9-4F43-B872-F869DF40ECE2} : DHCPNameServer = 8.8.8.8
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: igfxcui - igfxdev.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLL
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
Hosts: 0.0.0.1 mssplus.mcafee.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\wner\appdata\roaming\mozilla\firefox\profiles\4dezhhjo.default-1413043397398\
FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\zoombrowser ex\program\NPCIG.dll
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.28.1\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre1.8.0_51\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre1.8.0_51\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mcafee\supportability\mvt\NPMVTPlugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_18_0_0_203.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfedisk;McAfee AAC Disk Filter Driver;c:\windows\system32\drivers\mfedisk.sys [2015-2-17 82800]
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2014-6-20 648552]
R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2014-6-20 217584]
R1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\drivers\hssdrv6.sys [2014-10-26 39624]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\McSACore.exe [2011-6-13 132160]
R2 McAPExe;McAfee AP Service;c:\program files\mcafee\msc\McAPExe.exe [2014-11-6 690408]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-11-6 291816]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-11-6 291816]
R2 mcpltsvc;McAfee Platform Services;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-11-6 291816]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-11-6 291816]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2014-11-6 196600]
R2 mfemms;McAfee Service Controller;c:\program files\common files\mcafee\systemcore\mfemms.exe [2015-7-8 334576]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2014-11-6 238288]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2014-6-20 61848]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-8-18 7168]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-7-26 23256]
R3 mfeaack;McAfee Inc. mfeaack;c:\windows\system32\drivers\mfeaack.sys [2015-2-17 304928]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2014-6-20 260248]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2014-6-20 371648]
R3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\drivers\mfencbdc.sys [2015-1-16 380496]
R3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\drivers\NETw5v32.sys [2008-4-28 3658752]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\drivers\taphss6.sys [2014-5-16 37064]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2014-4-11 772296]
S2 0316451438886839mcinstcleanup;McAfee Application Installer Cleanup (0316451438886839);c:\windows\temp\031645~1.exe -cleanup -nolog --> c:\windows\temp\031645~1.EXE -cleanup -nolog [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2015-7-26 1133880]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-11-29 84248]
S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2015-7-8 147912]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2015-7-26 98520]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-7-26 51928]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.11.149\McCHSvc.exe [2015-6-26 235696]
S3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\drivers\mfencrk.sys [2015-1-16 80760]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-11-29 182680]
S3 SVRPEDRV;SVRPEDRV;c:\windows\system32\sysprep\PEDRV.SYS [2008-8-21 9216]
S4 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-4-17 40960]
S4 Garmin Device Interaction Service;Garmin Device Interaction Service;c:\program files\garmin\device interaction service\GarminService.exe [2015-4-23 713736]
S4 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-8-21 30192]
S4 HomeNetSvc;McAfee Home Network;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-11-6 291816]
S4 hshld;Hotspot Shield Service;c:\program files\hotspot shield\bin\cmw_srv.exe [2014-9-11 935208]
S4 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe [2014-5-16 430344]
S4 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2014-9-18 14624]
S4 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files\rosettastoneltdservices\RosettaStoneDaemon.exe [2012-6-19 1646608]
S4 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2014-1-12 3921880]
S4 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2014-1-12 1042272]
S4 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2014-1-12 171416]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2015-2-18 315488]
S4 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\toshiba\smartfacev\SmartFaceVWatchSrv.exe [2008-4-24 73728]
S4 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S4 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2008-8-18 46392]
S4 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]
.
=============== File Associations ===============
.
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2015-07-31 15:42:30 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-07-31 15:42:30 296960 ----a-w- c:\windows\system32\atmfd.dll
2015-07-31 15:26:53 -------- d-----w- c:\program files\McAfee Security Scan
2015-07-29 00:07:41 -------- d-----w- c:\program files\FastStone Image Viewer
2015-07-26 22:45:18 -------- d-----w- C:\2106b46203d50b8b520f
2015-07-26 21:29:21 98520 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-26 21:28:30 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-07-26 21:28:30 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-07-26 21:28:29 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-07-26 17:53:38 2066432 ----a-w- c:\windows\system32\win32k.sys
2015-07-26 17:53:16 1316864 ----a-w- c:\windows\system32\ole32.dll
2015-07-26 17:50:48 73216 ----a-w- c:\windows\system32\msiexec.exe
2015-07-26 17:50:47 2264576 ----a-w- c:\windows\system32\msi.dll
2015-07-26 17:50:18 298496 ----a-w- c:\windows\system32\gdi32.dll
2015-07-26 17:45:22 81408 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2015-07-26 17:45:21 107008 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2015-07-26 17:45:19 217088 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2015-07-26 17:45:17 218112 ----a-w- c:\windows\system32\msv1_0.dll
2015-07-26 17:44:30 783872 ----a-w- c:\windows\system32\rpcrt4.dll
2015-07-26 17:44:27 501248 ----a-w- c:\windows\system32\kerberos.dll
2015-07-26 17:44:26 801280 ----a-w- c:\windows\system32\advapi32.dll
2015-07-26 17:44:23 440768 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-07-26 16:41:52 225792 ----a-w- c:\windows\system32\cewmdm.dll
2015-07-25 13:31:33 51928 ----a-w- c:\windows\system32\drivers\is-MOELV.tmp
2015-07-11 21:15:45 23256 ----a-w- c:\windows\system32\drivers\is-B68S3.tmp
2015-07-11 21:14:37 51928 ----a-w- c:\windows\system32\drivers\is-EJ24C.tmp
2015-07-11 21:14:18 23256 ----a-w- c:\windows\system32\drivers\is-ON3R4.tmp
2015-07-10 20:18:57 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2015-07-10 20:18:57 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2015-07-10 20:18:57 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2015-07-10 20:18:57 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2015-07-10 20:18:57 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2015-07-09 16:32:17 18510000 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2015-07-08 19:32:39 147912 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2015-07-07 21:44:39 -------- d-----w- c:\users\wner\.fontconfig
.
==================== Find3M ====================
.
2015-08-01 00:06:34 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-08-01 00:06:34 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-07-24 20:18:59 96352 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-06-24 06:29:00 1217192 ----a-w- c:\windows\system32\FM20.DLL
2015-06-17 05:23:50 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2015-06-17 05:23:50 69632 ----a-w- c:\windows\system32\QuickTime.qts
2015-05-30 23:55:03 1809920 ----a-w- c:\windows\system32\jscript9.dll
2015-05-30 23:54:04 367616 ----a-w- c:\windows\system32\html.iec
2015-05-30 23:49:49 1129472 ----a-w- c:\windows\system32\wininet.dll
2015-05-30 23:49:08 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2015-05-30 23:49:02 421888 ----a-w- c:\windows\system32\vbscript.dll
2015-05-30 23:48:29 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2015-05-30 23:47:50 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2015-05-30 23:47:50 11776 ----a-w- c:\windows\system32\mshta.exe
2009-01-21 16:14:40 9780224 ----a-w- c:\program files\openofficeorg30.msi
2008-12-17 10:17:14 426776 ----a-w- c:\program files\setup.exe
2002-03-11 09:06:30 1822520 ----a-w- c:\program files\instmsiw.exe
2002-03-11 08:45:04 1708856 ----a-w- c:\program files\instmsia.exe
.
============= FINISH: 13:54:26.58 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 3/3/2009 9:02:00 PM
System Uptime: 8/6/2015 1:43:36 PM (0 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz | CPU | 1200/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 178 GiB total, 75.887 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0000
Manufacturer: Microsoft
Name: isatap.tu.ok.cox.net
PNP Device ID: ROOT\*ISATAP\0000
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\*TUNMP\0001
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TUNMP\0001
Service: tunmp
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: HP Deskjet F4500
Device ID: ROOT\IMAGE\0000
Manufacturer: Hewlett-Packard
Name: HP Deskjet F4500
PNP Device ID: ROOT\IMAGE\0000
Service: StillCam
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Deskjet F4500 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Deskjet F4500 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart C309a series
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: HP
Name: Photosmart C309a series
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart Prem C310 series
Device ID: ROOT\MULTIFUNCTION\0002
Manufacturer: HP
Name: Photosmart Prem C310 series
PNP Device ID: ROOT\MULTIFUNCTION\0002
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 6500 E710n-z
Device ID: ROOT\MULTIFUNCTION\0003
Manufacturer: HP
Name: Officejet 6500 E710n-z
PNP Device ID: ROOT\MULTIFUNCTION\0003
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 6700
Device ID: ROOT\MULTIFUNCTION\0004
Manufacturer: HP
Name: Officejet 6700
PNP Device ID: ROOT\MULTIFUNCTION\0004
Service:
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
7-Zip 9.20
ABBYY FineReader 5.0 Sprint
Adobe AIR
Adobe Color Common Settings
Adobe Community Help
Adobe Creative Suite 5 Master Collection
Adobe ExtendScript Toolkit 2
Adobe Flash Player 18 ActiveX
Adobe Flash Player 18 NPAPI
Adobe Help Center 2.1
Adobe Media Player
Adobe Photoshop 7.0
Adobe Photoshop Elements 5.0
Adobe Reader XI (11.0.10)
Adobe Refresh Manager
Adobe Setup
ALZip
Amazon Links
AnswerWorks 4.0 Runtime - English
ANT Drivers Installer x86
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression
Ask Toolbar
Audacity 2.0.6
Bonjour
BufferChm
Camera Assistant Software for Toshiba
Canon DIGITAL CAMERA Solution Disk Software Guide
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon Personal Printing Guide
Canon PhotoRecord
Canon PowerShot SX20 IS Camera User Guide
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC 8
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch
Canon Utilities RAW Image Converter
Canon Utilities RemoteCapture 2.2
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CCleaner
CD/DVD Drive Acoustic Silencer
CDDRV_Installer
Copy
Corel Painter Essentials 3
Coupon Printer for Windows
Definition Update for Microsoft Office 2010 (KB3054883) 32-Bit Edition
Destinations
DeviceDiscovery
digestIT 2004
DJ_AIO_06_F4500_SW_MIN
DVD MovieFactory for TOSHIBA
Elevated Installer
EPSON Copy Utility
Epson Easy Photo Print 2
EPSON NX100 Series Printer Uninstall
EPSON PERF 1670 Guide
EPSON Photo Print
EPSON Scan
EPSON Smart Panel
EZ Vinyl/Tape Converter 10 by Ion Audio
F4500
FastStone Image Viewer 5.3
Foxit PDF Creator Toolbar Updater
Foxit Reader
Garmin Express
Garmin Express Tray
Geek Squad 24 Hour Computer Support
GIMP
GIMP 2.6.6
Google Desktop
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
GoPro Studio 2.0.1
GPBaseService2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotspot Shield 3.42
HP Customer Participation Program 14.0
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6
HP Imaging Device Functions 14.0
HP Photo Creations
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPDiagnosticAlert
HPPhotoGadget
HPProductAssistant
HPSSupply
Intel PROSet Wireless
Intel(R) Graphics Media Accelerator Driver
Intel(R) PROSet/Wireless WiFi Software
Intel® Matrix Storage Manager
iTunes
Java 8 Update 25
Java 8 Update 31
Java 8 Update 40
Java 8 Update 51
Java Auto Updater
KhalInstallWrapper
LAME v3.99.3 (for Windows)
Logitech SetPoint
Malwarebytes Anti-Malware version 2.1.8.1057
MarketResearch
McAfee Security Scan Plus
McAfee SecurityCenter
McAfee SiteAdvisor
McAfee Virtual Technician
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4.5.2
Microsoft Image Composite Editor
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
Microsoft XML Parser
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox 39.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyFreeCodec
Network
NetZero Internet Access Installer
nik Color Efex Pro 2.0 GE
NTI Shadow
OGA Notifier 2.0.0048.0
PDF Settings CS5
Picasa 3
Presto! BizCard 4.0 Component for Windows CE
Presto! BizCard 4.1 Eng
PxMergeModule
QuickBooks Financial Center
QuickTime 7
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Rosetta Stone audio optimizer
Rosetta Stone Ltd Services
Rosetta Stone TOTALe
Samsung Kies
Samsung Kies3
Samsung Story Album Viewer
SAMSUNG USB Driver for Mobile Phones
Scan
ScanToWeb
Secure Online Account Numbers
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4.5.2 (KB3023224)
Security Update for Microsoft .NET Framework 4.5.2 (KB3035490)
Security Update for Microsoft .NET Framework 4.5.2 (KB3037581)
Security Update for Microsoft .NET Framework 4.5.2 (KB3048077)
Security Update for Microsoft Excel 2010 (KB3054981) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2863817) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3054834) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3054848) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB3054963) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB3054973) 32-Bit Edition
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shared C Run-time for x86
Shop for HP Supplies
Skype Toolbars
Skype™ 7.4
SmartWebPrinting
SolutionCenter
Spybot - Search & Destroy
Status
Synaptics Pointing Device Driver
Toolbox
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Desktop Links
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA Recovery Disc Creator
Toshiba Registration
TOSHIBA Service Station
TOSHIBA Software Modem
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TrayApp
Turbo Tax Audit Support Center 2.0
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wokiper
TurboTax 2008 wrapper
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wokiper
TurboTax 2009 wrapper
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wokiper
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wokiper
TurboTax 2011 wrapper
TurboTax 2012
TurboTax 2012 WinPerFedFormset
TurboTax 2012 WinPerReleaseEngine
TurboTax 2012 WinPerTaxSupport
TurboTax 2012 wokiper
TurboTax 2012 wrapper
TurboTax 2013
TurboTax 2013 WinPerFedFormset
TurboTax 2013 WinPerReleaseEngine
TurboTax 2013 WinPerTaxSupport
TurboTax 2013 wokiper
TurboTax 2013 wrapper
TurboTax 2014
TurboTax 2014 WinPerFedFormset
TurboTax 2014 WinPerReleaseEngine
TurboTax 2014 WinPerTaxSupport
TurboTax 2014 wokiper
TurboTax 2014 wrapper
TurboTax Deluxe 2007
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Access 2010 (KB2965300) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2881026) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589282) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
Update for Microsoft Office 2010 (KB2965296) 32-Bit Edition
Update for Microsoft Office 2010 (KB2965301) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054964) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2956205) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2965297) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2965295) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB3054976) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2965292) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WeatherBug®
WebReg
WildTangent Games
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
Windows Media Encoder 9 Series
.
==== End Of File ===========================
wfr37
Regular Member
 
Posts: 20
Joined: July 26th, 2015, 8:31 pm

Re: windows vista unresponsive after 10 minutes

Unread postby wannabeageek » August 12th, 2015, 8:31 pm

Hi wfr37,

Run these and post the results as required.

Step 1.
Uninstall Programs
I need you to uninstall some program(s).
  1. Click on Start...then... Click the Start Search box on the Start Menu.
  2. Copy and paste the value below, into the open text entry box:
    control appwiz.cpl
      Depending on your current view setting ...
    • Double click on Programs and Features.
    • Under Programs, click on Uninstall a program.
  3. Locate the following program(s):
    Ask Toolbar
    Coupon Printer for Windows
    Google Toolbar for Internet Explorer
    McAfee Security Scan Plus
    WeatherBug®
  4. Select the program and click on Uninstall to uninstall it.
    Carefully read any prompts...
    Some uninstallers prompt in a way to trick you into keeping the program, sometimes, preventing them from being uninstalled again!
  5. Repeat steps 3 - 4 for each program in the list. When finished... Close the Control Panel window.



Step 2.
Remove all old versions of Java
Rather than have you remove all the old versions of Java one at a time, this link takes you to Java.com and removes them for you. This saves you 3 uninstall steps.
Remove Older Versions of Java


Step 3.
FRST - Farbar Recovery Scanner Tool Image

Please download FRST.exe ... by Farbar. Save it to your desktop.
  1. Right click on FRST.exe select "Run As Administrator" to run it. If prompted by UAC, please allow it. When the tool opens click Yes to disclaimer.
  2. Press Scan button. ... A log will be created FRST.txt in the same directory the tool is run.
  3. Please copy/paste FRST.txt it to your reply.
    The first time the tool is run, it makes also another log... Addition.txt.
  4. Please copy/paste Addition.txt in your reply.


Step 4.
aswMBR - Scan

Please download aswMBR.exe ... © Avast Software ( 511KB ). Save it to your desktop.
  1. Right click the aswMBR.exe icon... select "Run As Administrator" to run it.
  2. aswmbr uses Avast's virus definition, if prompted to download definitions... reply Yes.
    It may take some time for these definitions to download, please be patient.
  3. Make sure Quick Scan is set in the options... then click the "Scan" button to start the scan.
    The scan wil take a few minutes, please be patient.
  4. On completion... "Scan finished successfully" will be displayed... press the "Save log" button.
  5. You'll be prompted to save a file named "aswMBR.txt"... Save it to your desktop.
  6. Please copy and paste the contents of aswMBR.txt in your next reply.
Note: A file will be created and placed on your desktop when you execute aswMBR, named MBR.dat
This is a copy of your MBR record, before any changes, to be used to recover MBR to previous condition, if problem exist after changes.

Note: Do NOT click Fix or FixMBR.
Note: A file (MBR.dat) will be created on your Desktop. Do NOT click or delete it.



What I need back from you:
Post each separately.
  1. Contents of FRST.txt
  2. Contents of Addition.txt
  3. Contents of aswMBR.txt
  4. Any problem executing the instructions?
Thanks,
wbg
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: windows vista unresponsive after 10 minutes

Unread postby wfr37 » August 13th, 2015, 12:03 pm

Thanks for your help wbg.
Unable to uninstall Weatherbug. Error window said setup resource not found.
While there decided to uninstall the Java versions and mistakenly uninstalled All versions not just old. Since you instructed do not install any new programs, i did Not download current Java version.
Able to install and execute ASWMBR ok, but tried five times and each time blue screen crash dump occurred. Did not have blue screen until tried to run this scan. Last time screen said Kernal_Stack_Inpage_Error, Stop: 0x00000077 (0x00000001, 0x00000000, 0x00000000, 0xc1a1ab78). Crashed at point where scan was checking windows native images location. Even tried laptop over AC vent in case heat related problem, failed same place, outcome the same.

below is FRST txt file content Additional to follow:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:12-08-2015
Ran by wner (administrator) on WNER-PC (13-08-2015 08:05:04)
Running from C:\Users\wner\Downloads
Loaded Profiles: wner (Available Profiles: wner & Everyday)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\AMCore\mcshield.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McUICnt.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(GoPro) C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe
(MagicISO, Inc.) C:\Program Files\MagicDisc\MagicDisc.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [431456 2008-02-06] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904 2008-08-14] (Synaptics, Inc.)
HKLM\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [582288 2015-03-03] (McAfee, Inc.)
HKLM\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [562688 2015-02-11] (McAfee, Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [76304 2008-02-29] (Logitech, Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-15] (Intel Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [716800 2008-05-09] (TOSHIBA Corporation)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6037504 2008-04-08] (Realtek Semiconductor)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-05] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\Everyday\...\Run: [TOSCDSPD] => TOSCDSPD.EXE
HKU\Everyday\...\Run: [EPSON NX100 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDA.EXE [188928 2008-02-04] (SEIKO EPSON CORPORATION)
HKU\Everyday\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-05] (Samsung)
HKU\Everyday\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\Everyday\...\Run: [AdobeBridge] => [X]
HKU\Everyday\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
HKU\Everyday\...\Run: [hsscp.EXE] => C:\Users\Everyday\AppData\Roaming\Hotspot Shield\bin\hsscp.EXE [1805608 2014-05-16] (AnchorFree Inc.)
HKU\Everyday\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-2378769042-2310627262-2564490496-1000\...\Run: [] => [X]
HKU\S-1-5-21-2378769042-2310627262-2564490496-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2378769042-2310627262-2564490496-1000\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [146736 2013-10-01] ()
HKU\S-1-5-21-2378769042-2310627262-2564490496-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-05] (Samsung)
HKU\S-1-5-21-2378769042-2310627262-2564490496-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1404248 2015-07-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1404248 2015-07-29] (Garmin Ltd. or its subsidiaries)
AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-08-31] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2013-03-03] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk [2015-07-29]
ShortcutTarget: CineForm Status.lnk -> C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\Users\Everyday\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2013-03-03] ()
Startup: C:\Users\wner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2015-07-29]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [Everyday] => http=127.0.0.1:8555;https=127.0.0.1:8555
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSHB
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSHB
HKU\Everyday\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
HKU\Everyday\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSHB
HKU\Everyday\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.com/
HKU\S-1-5-21-2378769042-2310627262-2564490496-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSHB
URLSearchHook: HKU\S-1-5-21-2378769042-2310627262-2564490496-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\mcieplg.dll (McAfee, Inc.)
SearchScopes: HKLM -> DefaultScope {2E693E70-20FB-4ACD-93EA-BF4721FBA9BB} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSHB
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {2E693E70-20FB-4ACD-93EA-BF4721FBA9BB} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSHB
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\Everyday -> DefaultScope {3C29B292-060E-4ABA-AA0D-55A17D983632} URL = hxxps://search.yahoo.com/search?fr=mcaf ... 0140731&p={searchTerms}
SearchScopes: HKU\Everyday -> {2E693E70-20FB-4ACD-93EA-BF4721FBA9BB} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSHB_enUS320
SearchScopes: HKU\Everyday -> {3C29B292-060E-4ABA-AA0D-55A17D983632} URL = hxxps://search.yahoo.com/search?fr=mcaf ... 0140731&p={searchTerms}
SearchScopes: HKU\Everyday -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=C8yGRHnF ... LwvtMkI?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2378769042-2310627262-2564490496-1000 -> DefaultScope {2E693E70-20FB-4ACD-93EA-BF4721FBA9BB} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSHB_enUS320
SearchScopes: HKU\S-1-5-21-2378769042-2310627262-2564490496-1000 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://search.yahoo.com/search?fr=mcafe ... 11US636&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2378769042-2310627262-2564490496-1000 -> {2E693E70-20FB-4ACD-93EA-BF4721FBA9BB} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSHB_enUS320
SearchScopes: HKU\S-1-5-21-2378769042-2310627262-2564490496-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=e5dTY0S0 ... BhTbgFo?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2378769042-2310627262-2564490496-1000 -> {C2813C05-014E-478A-B226-12614D26CCCD} URL =
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
BHO: Secure Online Account Numbers Helper -> {435EAA86-D32B-484F-869C-53745FCB1642} -> C:\Program Files\Discover\SOAN\DiscoverSOANHelper.dll [2010-03-05] (Orbiscom Ltd. All rights reserved.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files\McAfee\SiteAdvisor\mcieplg.dll [2015-08-04] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Secure Online Account Numbers - {A8C7C2CA-6DFD-4E16-8458-592361564D38} - C:\Program Files\Discover\SOAN\DiscoverSOANToolbar.dll [2010-03-05] (Orbiscom Ltd. All rights reserved.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\mcieplg.dll [2015-08-04] (McAfee, Inc.)
Toolbar: HKLM - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
Toolbar: HKU\Everyday -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2378769042-2310627262-2564490496-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
DPF: {D821DC4A-0814-435E-9820-661C543A4679} hxxp://drmlicense.one.microsoft.com/crl ... crlocx.ocx
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\mcieplg.dll [2015-08-04] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\mcieplg.dll [2015-08-04] (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll [2015-03-03] (McAfee, Inc.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{0A2E6BA9-3B42-4B4C-BBFB-E7D86FD7E9DB}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{1FE2E2E9-AB11-4485-9D54-96CF4D146B30}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{EF5BF8C2-E4B9-4F43-B872-F869DF40ECE2}: [DhcpNameServer] 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\wner\AppData\Roaming\Mozilla\Firefox\Profiles\4dezhhjo.default-1413043397398
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-31] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2012-06-06] (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-08-12] (Google, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-03-03] ()
FF Plugin: @mcafee.com/MVT -> C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll [2014-03-04] (McAfee, Inc.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\Everyday: iMeshPlugin -> C:\Program Files\iMesh Applications\iMesh\npiMeshPlugin.dll No File
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2014-05-12]
FF Extension: Hotspot Shield Extension - C:\Program Files\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-08-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-28]
FF HKLM\...\Firefox\Extensions: [discoversoan@orbiscom] - C:\Program Files\Discover\SOAN
FF Extension: Secure Online Account Numbers - C:\Program Files\Discover\SOAN [2010-12-18]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-05-04]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2011-06-13]
FF HKLM\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011-11-24]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-11-06]
FF HKU\S-1-5-21-2378769042-2310627262-2564490496-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-2378769042-2310627262-2564490496-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-08-11]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2011-06-13]
StartMenuInternet: Google Chrome.4BO7VIB266JSAGPMJZDAXRW5SA - C:\Users\Everyday\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 0026551439469989mcinstcleanup; C:\Windows\TEMP\002655~1.EXE [883024 2015-05-04] (McAfee, Inc.)
S4 AdobeActiveFileMonitor5.0; C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [108712 2006-12-22] ()
S4 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2008-04-17] (TOSHIBA CORPORATION) [File not signed]
S4 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [815104 2008-04-30] (Intel(R) Corporation) [File not signed]
S4 GameConsoleService; C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [164600 2008-05-28] (WildTangent, Inc.)
S2 Garmin Device Interaction Service; C:\Program Files\Garmin\Device Interaction Service\GarminService.exe [754120 2015-07-29] (Garmin Ltd. or its subsidiaries)
R2 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-31] (Google)
S3 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
S4 hshld; C:\Program Files\Hotspot Shield\bin\cmw_srv.exe [935208 2014-09-11] (AnchorFree Inc.)
S4 HssTrayService; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-16] ()
S4 HssWd; C:\Program Files\Hotspot Shield\bin\hsswd.exe [430344 2014-05-16] ()
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; c:\Program Files\McAfee\SiteAdvisor\mcsacore.exe [132160 2015-08-04] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [690408 2015-03-03] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [476680 2015-02-27] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [196600 2015-02-17] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [334576 2015-03-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [238288 2015-02-17] (McAfee, Inc.)
S4 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S4 ProtexisLicensing; C:\Windows\system32\PSIService.exe [174656 2006-11-02] () [File not signed]
S4 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-04-30] (Intel(R) Corporation) [File not signed]
S3 RosettaStoneDaemon; C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [1646608 2012-06-19] (Rosetta Stone Ltd.)
S4 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S4 SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [73728 2008-04-24] (Toshiba) [File not signed]
S4 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [46392 2008-08-04] (TOSHIBA Corporation)
S4 TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976 2007-12-03] (TOSHIBA Corporation) [File not signed]
S4 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [61848 2015-02-17] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [39624 2014-05-16] (AnchorFree Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-07-26] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [304928 2015-02-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [260248 2015-02-17] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [82800 2015-02-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [371648 2015-02-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [648552 2015-02-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [380496 2015-01-16] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80760 2015-01-16] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [217584 2015-02-17] (McAfee, Inc.)
S3 SVRPEDRV; C:\Windows\System32\sysprep\PEDrv.sys [9216 2008-01-18] (Inventec Corporation) [File not signed]
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2014-05-16] (Anchorfree Inc.)
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [18432 2007-12-17] (Chicony Electronics Co., Ltd.)
S3 IO_Memory; \??\C:\WINDOWS\SYSTEM32\SYSPREP\Drivers\ioport.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-13 08:05 - 2015-08-13 08:08 - 00027491 _____ C:\Users\wner\Downloads\FRST.txt
2015-08-13 08:04 - 2015-08-13 08:05 - 00000000 ____D C:\FRST
2015-08-13 08:03 - 2015-08-13 08:03 - 01677824 _____ (Farbar) C:\Users\wner\Downloads\FRST.exe
2015-08-11 14:56 - 2015-06-16 20:10 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-11 14:56 - 2015-06-16 20:09 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-11 14:56 - 2015-06-16 20:09 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-11 14:56 - 2015-06-16 20:08 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-11 14:56 - 2015-06-16 20:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-11 14:56 - 2015-06-16 20:08 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-11 14:56 - 2015-06-16 20:08 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-08-11 14:56 - 2015-06-16 20:08 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-08-11 14:56 - 2015-06-16 20:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-08-11 14:55 - 2015-06-16 20:14 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-11 14:55 - 2015-06-16 20:12 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-11 14:55 - 2015-06-16 20:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-11 14:55 - 2015-06-16 20:09 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-11 14:55 - 2015-06-16 20:09 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-11 14:55 - 2015-06-16 20:08 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-11 14:55 - 2015-06-16 20:08 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-11 14:55 - 2015-06-16 20:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-08-11 14:55 - 2015-06-16 20:08 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-11 14:55 - 2015-06-16 20:08 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-11 14:55 - 2015-06-16 20:08 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-11 14:37 - 2015-08-11 14:37 - 00144560 _____ C:\Windows\Minidump\Mini081115-01.dmp
2015-08-11 13:20 - 2015-08-13 07:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-11 12:46 - 2015-08-11 12:46 - 00001778 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2015-08-11 12:46 - 2015-08-11 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-08-09 17:07 - 2015-08-09 17:08 - 00144560 _____ C:\Windows\Minidump\Mini080915-01.dmp
2015-08-06 15:52 - 2015-08-06 15:52 - 00144560 _____ C:\Windows\Minidump\Mini080615-01.dmp
2015-08-06 13:57 - 2015-08-06 13:57 - 00023520 _____ C:\Users\wner\Documents\DDS.txt
2015-08-06 13:57 - 2015-08-06 13:57 - 00014217 _____ C:\Users\wner\Documents\Attach.txt
2015-08-06 13:47 - 2015-08-06 13:47 - 00121696 _____ C:\Users\wner\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-06 13:44 - 2015-08-06 14:02 - 00000796 _____ C:\Windows\PFRO.log
2015-07-31 10:42 - 2015-07-14 11:02 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-31 10:42 - 2015-07-14 09:23 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-29 06:23 - 2015-07-29 06:23 - 00144560 _____ C:\Windows\Minidump\Mini072915-02.dmp
2015-07-29 06:06 - 2015-07-29 06:06 - 00144560 _____ C:\Windows\Minidump\Mini072915-01.dmp
2015-07-29 06:05 - 2015-08-11 14:36 - 395963675 _____ C:\Windows\MEMORY.DMP
2015-07-28 19:17 - 2015-07-31 19:02 - 03970536 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-28 19:14 - 2015-07-28 19:14 - 00000000 ____D C:\Users\Everyday\AppData\Roaming\FastStone
2015-07-28 19:14 - 2015-07-28 19:07 - 00000931 _____ C:\Users\Everyday\Desktop\FastStone Image Viewer.lnk
2015-07-28 19:12 - 2015-07-28 19:12 - 00010338 _____ C:\Users\wner\Documents\cc_20150728_191224.reg
2015-07-28 19:07 - 2015-07-28 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2015-07-28 19:07 - 2015-07-28 19:08 - 00000000 ____D C:\Program Files\FastStone Image Viewer
2015-07-28 19:07 - 2015-07-28 19:07 - 00000913 _____ C:\Users\Public\Desktop\FastStone Image Viewer.lnk
2015-07-26 17:45 - 2015-07-26 17:45 - 00000000 ____D C:\2106b46203d50b8b520f
2015-07-26 16:29 - 2015-07-26 17:40 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-26 16:29 - 2015-07-26 16:29 - 00000910 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-26 16:29 - 2015-07-26 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-26 16:28 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-26 16:28 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-26 16:28 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-26 12:53 - 2015-07-03 11:04 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-26 12:53 - 2015-06-24 21:57 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-26 12:50 - 2015-06-17 11:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-26 12:50 - 2015-06-17 10:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-26 12:50 - 2015-06-12 11:01 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-26 12:45 - 2015-06-27 11:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-26 12:45 - 2015-06-27 09:21 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-26 12:45 - 2015-06-27 09:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-26 12:45 - 2015-01-08 19:17 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-26 12:44 - 2015-06-27 11:03 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-26 12:44 - 2015-06-27 11:02 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-26 12:44 - 2015-06-27 11:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-07-26 12:44 - 2015-06-12 08:13 - 00440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-26 11:41 - 2015-05-31 03:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-26 11:36 - 2015-07-03 00:31 - 12386304 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-26 11:36 - 2015-07-03 00:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-25 21:04 - 2015-08-06 13:56 - 00014217 _____ C:\Users\wner\Desktop\attach.txt
2015-07-25 21:04 - 2015-08-06 13:54 - 00023520 _____ C:\Users\wner\Desktop\dds.txt
2015-07-25 20:51 - 2015-07-25 20:51 - 00688992 ____R (Swearware) C:\Users\Everyday\Downloads\dds.com
2015-07-25 08:31 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\is-MOELV.tmp
2015-07-24 15:25 - 2015-08-13 07:59 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-24 15:25 - 2015-07-24 15:25 - 00000869 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-24 15:25 - 2015-07-24 15:25 - 00000857 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-24 15:20 - 2015-07-24 15:20 - 00242712 _____ C:\Users\Everyday\Downloads\Firefox Setup Stub 39.0.exe
2015-07-19 15:34 - 2015-07-19 15:35 - 05806407 _____ C:\Users\Everyday\Downloads\FSViewerSetup53.exe
2015-07-16 08:21 - 2015-07-16 08:21 - 00186802 _____ C:\Users\Everyday\Documents\cc_20150716_082130.reg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-13 08:07 - 2009-03-03 22:06 - 01597418 _____ C:\Windows\WindowsUpdate.log
2015-08-13 07:55 - 2008-08-18 13:10 - 00000000 ____D C:\Program Files\Java
2015-08-13 07:49 - 2014-11-17 13:38 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d00295ac05379c.job
2015-08-13 07:45 - 2011-05-04 20:52 - 00000000 ____D C:\Program Files\Coupons
2015-08-13 07:45 - 2009-03-27 22:48 - 00000000 ____D C:\Users\wner\AppData\Local\Google
2015-08-13 07:45 - 2008-08-18 13:17 - 00000000 ___HD C:\ProgramData\Google
2015-08-13 07:45 - 2008-08-18 13:15 - 00000000 ____D C:\Program Files\Google
2015-08-13 07:44 - 2014-11-05 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-08-13 07:43 - 2010-02-06 15:38 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-13 07:39 - 2014-01-12 11:22 - 00000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-08-13 07:39 - 2010-02-06 15:38 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-13 07:38 - 2011-05-15 17:40 - 00000435 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-08-13 07:38 - 2006-11-02 08:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-13 07:38 - 2006-11-02 07:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-13 07:38 - 2006-11-02 07:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-12 18:03 - 2006-11-02 08:01 - 00032656 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-12 17:32 - 2012-04-12 20:11 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-12 17:28 - 2011-03-07 20:16 - 00000000 ___HD C:\ProgramData\McAfee
2015-08-11 14:37 - 2011-07-23 21:02 - 00000000 ____D C:\Windows\Minidump
2015-08-11 12:50 - 2015-05-24 13:56 - 00000000 ____D C:\Users\Everyday\AppData\Local\Garmin_Ltd._or_its_subsid
2015-08-11 12:49 - 2011-11-17 20:57 - 00000000 ____D C:\Users\Everyday\AppData\Roaming\Garmin
2015-08-11 12:47 - 2013-05-25 08:47 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-11 12:46 - 2011-11-16 22:47 - 00000000 ____D C:\Program Files\Garmin
2015-08-10 15:59 - 2013-09-15 22:00 - 00044551 _____ C:\Users\Everyday\Desktop\2013 MEDICAL EXPENSES.xlsx
2015-08-09 17:43 - 2013-09-15 13:07 - 00000000 ____D C:\Users\Everyday\Desktop\PHOTOS FOLDER
2015-08-09 16:29 - 2006-11-02 05:33 - 00776618 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-07 17:05 - 2015-07-01 14:37 - 00000393 _____ C:\Users\wner\Desktop\BIOS Launcher.lnk
2015-08-06 16:12 - 2012-02-04 21:49 - 00000000 ____D C:\Users\wner\Documents\Outlook Files
2015-07-31 19:06 - 2012-04-12 20:11 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-31 19:06 - 2011-05-15 08:19 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-31 10:41 - 2015-04-20 18:44 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-29 06:15 - 2014-04-05 07:54 - 00000000 ____D C:\Windows\pss
2015-07-28 19:09 - 2015-03-03 15:59 - 00000815 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-28 19:09 - 2009-05-01 13:17 - 00000000 ____D C:\Program Files\CCleaner
2015-07-26 17:46 - 2013-08-14 20:55 - 00000000 ____D C:\Windows\system32\MRT
2015-07-26 16:28 - 2014-06-22 13:09 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-24 15:22 - 2013-12-14 08:21 - 00000000 ____D C:\ProgramData\Oracle
2015-07-16 07:16 - 2014-11-01 19:54 - 00009353 _____ C:\Users\Everyday\AppData\Roaming\Tab Separated Values (Windows).EML
2015-07-15 20:51 - 2006-11-02 07:47 - 00052224 _____ C:\Windows\system32\umstartup.etl
2015-07-14 11:45 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system
2015-07-14 11:44 - 2013-10-05 13:33 - 00000000 __HDC C:\ProgramData\{8815DF72-F2D0-4EB9-806D-859BF9397EB5}
2015-07-14 11:44 - 2013-05-02 21:33 - 00000000 ____D C:\ProgramData\APN
2015-07-14 11:09 - 2013-11-29 10:44 - 00000000 ____D C:\Users\Everyday\Desktop\MIATA INFO

==================== Files in the root of some directories =======

2002-03-11 03:45 - 2002-03-11 03:45 - 1708856 _____ (Microsoft Corporation) C:\Program Files\instmsia.exe
2002-03-11 04:06 - 2002-03-11 04:06 - 1822520 _____ (Microsoft Corporation) C:\Program Files\instmsiw.exe
2009-01-21 11:21 - 2009-01-21 11:21 - 128611035 _____ () C:\Program Files\openofficeorg1.cab
2009-01-21 11:14 - 2009-01-21 11:14 - 9780224 _____ () C:\Program Files\openofficeorg30.msi
2008-12-17 05:17 - 2008-12-17 05:17 - 0426776 _____ () C:\Program Files\setup.exe
2009-01-21 11:14 - 2009-01-21 11:14 - 0000336 _____ () C:\Program Files\setup.ini
2009-03-29 20:08 - 2012-08-11 15:30 - 0009216 _____ () C:\Users\wner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-23 19:02 - 2012-06-23 19:02 - 2440206 _____ () C:\Users\wner\AppData\Local\[j0003]-[p02].bmp
2013-02-09 23:40 - 2013-02-09 23:40 - 2250054 _____ () C:\ProgramData\1.bmp
2013-02-09 23:40 - 2013-02-09 23:40 - 0350795 _____ () C:\ProgramData\1.jpg
2010-07-14 20:54 - 2010-07-14 20:54 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-05-04 20:24 - 2011-05-04 22:24 - 0002187 _____ () C:\ProgramData\hpzinstall.log
2012-03-18 17:17 - 2015-01-28 16:41 - 0001053 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2009-03-27 22:51 - 2009-03-27 22:51 - 0005115 _____ () C:\ProgramData\N360BUOptions.ini
2012-10-28 21:33 - 2012-10-28 21:33 - 0097639 _____ () C:\ProgramData\yofnqfevmbmrfkb
ZeroAccess:
C:\Users\Everyday\AppData\Local\Google\Desktop\Install

Some files in TEMP:
====================
C:\Users\Everyday\AppData\Local\Temp\jre-8u51-windows-au.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-13 07:45

==================== End of log ============================
wfr37
Regular Member
 
Posts: 20
Joined: July 26th, 2015, 8:31 pm

Re: windows vista unresponsive after 10 minutes

Unread postby wfr37 » August 13th, 2015, 12:05 pm

wbg, below is Additional txt info:

Additional scan result of Farbar Recovery Scan Tool (x86) Version:12-08-2015
Ran by wner (2015-08-13 08:09:50)
Running from C:\Users\wner\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2378769042-2310627262-2564490496-500 - Administrator - Disabled)
Everyday (S-1-5-21-2378769042-2310627262-2564490496-1001 - Limited - Enabled) => C:\Users\Everyday
Guest (S-1-5-21-2378769042-2310627262-2564490496-501 - Limited - Disabled)
wner (S-1-5-21-2378769042-2310627262-2564490496-1000 - Administrator - Enabled) => C:\Users\wner

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
ABBYY FineReader 5.0 Sprint (HKLM\...\{D1696920-9794-4BBC-8A30-7A88763DE5A2}) (Version: 5.0.0.3412 - ABBYY Software House)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Color Common Settings (HKLM\...\Adobe_6c8e2cb4fd241c55406016127a6ab2e) (Version: 1.0.1 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM\...\{FBB02B04-C034-4382-A3F6-57416E2752C4}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (HKLM\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 5.0 (HKLM\...\Adobe Photoshop Elements 5) (Version: 5.0 - Adobe Systems Inc.)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
ALZip (HKLM\...\ALZip_is1) (Version: 7.0 beta1 - ESTsoft Corp.)
Amazon Links (HKLM\...\{224821ED-CADA-4A8A-AC8D-3734CC0F0931}) (Version: 1.0 - TOSHIBA Corporation)
AnswerWorks 4.0 Runtime - English (HKLM\...\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}) (Version: 4.0.101 - Vantage Software Technologies)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoImpression (HKLM\...\{6C5D7191-140A-11D6-B5A0-0050DA208A93}) (Version: - )
Audacity 2.0.6 (HKLM\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Camera Assistant Software for Toshiba (HKLM\...\{37C866E4-AA67-4725-9E95-A39968DD7960}) (Version: 1.7.193.0508L - Chicony Electronics Co.,Ltd.)
Canon DIGITAL CAMERA Solution Disk Software Guide (HKLM\...\Software Guide) (Version: 1.0.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.7.0.4 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.3.2.15 - Canon Inc.)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.1.0.18 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.2.0.34 - Canon Inc.)
Canon Personal Printing Guide (HKLM\...\Personal Printing Guide) (Version: 1.0.0.1 - Canon Inc.)
Canon PhotoRecord (HKLM\...\PhotoRecord) (Version: - )
Canon PowerShot SX20 IS Camera User Guide (HKLM\...\CameraUserGuide-PSSX20IS) (Version: 1.0.1.2 - Canon Inc.)
Canon Utilities CameraWindow (HKLM\...\CameraWindowLauncher) (Version: 7.3.0.4 - Canon Inc.)
Canon Utilities CameraWindow DC (HKLM\...\CameraWindowDC) (Version: 7.4.1.10 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM\...\CameraWindowDC8) (Version: 8.0.0.19 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.5.0.3 - Canon Inc.)
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 7.3.0.5 - Canon Inc.)
Canon Utilities MyCamera DC (HKLM\...\MyCameraDC) (Version: 7.2.1.6 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities RAW Image Converter (HKLM\...\Canon Utilities RAW Image Converter) (Version: - )
Canon Utilities RemoteCapture 2.2 (HKLM\...\RemoteCapture) (Version: - )
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.8.0.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.4.0.7 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.2.2.11 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.02.03 - TOSHIBA)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Copy (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Corel Painter Essentials 3 (HKLM\...\_{0C180787-F8C8-42FD-A9D3-689BA44BEAAF}) (Version: - Corel Corporation)
Corel Painter Essentials 3 (Version: 3.2 - Corel Corporation) Hidden
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 140.0.212.000 - Hewlett-Packard) Hidden
digestIT 2004 (HKLM\...\{5B119660-1788-11D8-8EB8-0050BF643EE7}) (Version: 3.0.2004 - Kenneth Ballard)
DJ_AIO_06_F4500_SW_MIN (Version: 140.0.690.000 - Hewlett-Packard) Hidden
DVD MovieFactory for TOSHIBA (HKLM\...\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}) (Version: 5.51 - Ulead Systems, Inc.)
Elevated Installer (Version: 4.1.5.0 - Garmin Ltd or its subsidiaries) Hidden
EPSON Copy Utility (HKLM\...\{B69CC1A5-0404-11D6-ABCB-005004C21D30}) (Version: - )
Epson Easy Photo Print 2 (HKLM\...\{DEDB47A3-C988-4A43-A645-E2CEA571E680}) (Version: 2.0.0.0 - SEIKO EPSON CORPORATION)
EPSON NX100 Series Printer Uninstall (HKLM\...\EPSON NX100 Series) (Version: - SEIKO EPSON Corporation)
EPSON PERF 1670 Guide (HKLM\...\Silent Package Run-Time Sample) (Version: - )
EPSON Photo Print (HKLM\...\{9F9F3775-7E5B-4028-B5E5-DA1C042517A8}) (Version: - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
EPSON Smart Panel (HKLM\...\{6C11D561-620B-47DA-A693-4C597F3CDF40}) (Version: - )
EZ Vinyl/Tape Converter 10 by Ion Audio (HKLM\...\EZ Vinyl/Tape Converter by Ion Audio_is1) (Version: - Ion Audio LLC)
F4500 (Version: 140.0.690.000 - Hewlett-Packard) Hidden
FastStone Image Viewer 5.3 (HKLM\...\FastStone Image Viewer) (Version: 5.3 - FastStone Soft)
Foxit PDF Creator Toolbar Updater (HKU\Everyday\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.2.23821 - Ask.com) <==== ATTENTION
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 5.3.1.606 - Foxit Corporation)
Garmin Express (HKLM\...\{42f02a91-da9c-48e1-8dc5-37f4449db969}) (Version: 4.1.5.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 4.1.5.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 4.1.5.0 - Garmin Ltd or its subsidiaries) Hidden
Geek Squad 24 Hour Computer Support (HKLM\...\{F204E2B3-225D-419D-A5DE-3F97E8ADDD1B}) (Version: 2.1.322 - LogMeIn, Inc.)
GIMP (HKLM\...\{46BBA993-5554-42E7-8042-E760D92A580A}) (Version: 2.6.11 - Spencer Kimball)
GIMP 2.6.6 (HKLM\...\WinGimp-2.0_is1) (Version: - )
Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
GoPro Studio 2.0.1 (HKLM\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
GPBaseService2 (Version: 140.0.211.000 - Hewlett-Packard) Hidden
Hotspot Shield 3.42 (HKLM\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
Hotspot Shield 3.42 (HKU\Everyday\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 140.0.211.000 - Hewlett-Packard) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{26921B2E-3E62-47F9-A514-1FC4A83BD738}) (Version: 12.00.0004 - Intel(R) Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)
KhalInstallWrapper (Version: 4.60.122 - Logitech) Hidden
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
Logitech SetPoint (HKLM\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.60 - Logitech)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee SecurityCenter (HKLM\...\MSC) (Version: 14.0.339 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.264 - McAfee, Inc.)
McAfee Virtual Technician (HKLM\...\McAfee Virtual Technician) (Version: 7.5.0.3093 - McAfee, Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{AA0FB0B5-D853-4F87-9261-A4BC7D503E0D}) (Version: 1.3.5 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 39.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-2378769042-2310627262-2564490496-1000\...\MyFreeCodec) (Version: - )
Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NetZero Internet Access Installer (HKLM\...\{99D518AB-77F2-405B-B52A-18FC22394CF8}) (Version: 1.0.874 - TOSHIBA Corporation)
nik Color Efex Pro 2.0 GE (HKLM\...\nik Color Efex Pro 2.0 GE) (Version: - )
NTI Shadow (HKLM\...\InstallShield_{81DCEC2B-E069-4985-978B-3230292AB744}) (Version: 3.7.1.37 - NewTech Infosystems)
NTI Shadow (Version: 3.7.1.37 - NewTech Infosystems) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Presto! BizCard 4.0 Component for Windows CE (HKLM\...\{41B20968-B2E1-49C0-9508-CC1544D568F5}) (Version: - )
Presto! BizCard 4.1 Eng (HKLM\...\Uninstall Presto! BizCard 4.1 Eng) (Version: - )
PxMergeModule (Version: 1.00.0000 - Your Company Name) Hidden
QuickBooks Financial Center (HKLM\...\{890EF3F8-742F-46BD-9E8E-084B3A1F4364}) (Version: 1.10.0000 - Intuit Inc.)
QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5599 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: - Realtek Semiconductor Corp.)
Rosetta Stone audio optimizer (HKLM\...\com.rosettastone.RosettaStoneAudioOptimizer) (Version: 1.0.5 - Rosetta Stone, Ltd)
Rosetta Stone audio optimizer (Version: 1.0.5 - Rosetta Stone, Ltd) Hidden
Rosetta Stone Ltd Services (HKLM\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (HKLM\...\{6B6BC189-D606-4BC7-9758-E6C364F76A55}) (Version: 4.5.5.0 - Rosetta Stone, Ltd)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14034.12 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.14034.12 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
ScanToWeb (HKLM\...\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}) (Version: - )
Secure Online Account Numbers (HKLM\...\{65980EBF-C4B5-4555-823A-94DB7F709E53}) (Version: 2.3.14.0 - Discover)
Secure Online Account Numbers (Version: 2.0.2.0 - Discover) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Toolbars (HKLM\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 7.4 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Status (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.2.4.0 - Synaptics)
Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.08 - TOSHIBA)
TOSHIBA ConfigFree (HKLM\...\{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}) (Version: 7.2.20 - TOSHIBA Corporation)
TOSHIBA Desktop Links (HKLM\...\{E1E56B8A-1AAF-422A-91DB-625059FB9863}) (Version: 1.7 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.1.3 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 1.31.14 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 2.0.2.32 - TOSHIBA)
TOSHIBA Hardware Setup (HKLM\...\{2883F6F5-0509-43F3-868C-D50330DD9DD3}) (Version: 2.00.08 - )
TOSHIBA Recovery Disc Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.0.0.2 - TOSHIBA Corporation)
Toshiba Registration (HKLM\...\{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}) (Version: 1.00.0000 - Datalode Inc.)
TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 1.1.14 - TOSHIBA)
TOSHIBA Software Modem (HKLM\...\TOSHIBA Software Modem) (Version: 2.1.77 (SM2177ALD04) - Agere Systems)
TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version: - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version: - )
TOSHIBA Supervisor Password (HKLM\...\{4B1E87C3-00DE-4898-8E39-E390AAEF2391}) (Version: 2.00.04 - )
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.1.24 - TOSHIBA Corporation)
TrayApp (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Turbo Tax Audit Support Center 2.0 (HKLM\...\{E371C150-A9F1-49CE-ACC1-51AEFD01C1D4}_is1) (Version: - Turbo Tax)
TurboTax 2008 (HKLM\...\TurboTax 2008) (Version: - )
TurboTax 2009 (HKLM\...\TurboTax 2009) (Version: - Intuit, Inc)
TurboTax 2010 (HKLM\...\TurboTax 2010) (Version: - Intuit, Inc)
TurboTax 2011 (HKLM\...\TurboTax 2011) (Version: - Intuit, Inc)
TurboTax 2012 (HKLM\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2013 (HKLM\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2014 (HKLM\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
TurboTax Deluxe 2007 (HKLM\...\TurboTax Deluxe 2007) (Version: - )
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
WeatherBug® (HKLM\...\WeatherBug®) (Version: 10.0.4.13 - Earth Networks, Inc.)
WebReg (Version: 140.0.212.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM\...\WildTangent toshiba Master Uninstall) (Version: 1.0.0.62 - WildTangent)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2378769042-2310627262-2564490496-1000_Classes\CLSID\{32C15893-74C0-4478-879B-FE14EB684AB4}\InprocServer32 -> C:\Users\wner\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\x86\hpqgps01.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-2378769042-2310627262-2564490496-1000_Classes\CLSID\{39C26CEE-9070-4B47-9261-6743499AFBF7}\InprocServer32 -> C:\Users\wner\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\x86\hpqgutil.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-2378769042-2310627262-2564490496-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
CustomCLSID: HKU\S-1-5-21-2378769042-2310627262-2564490496-1000_Classes\CLSID\{9CC1FE07-02F9-49A6-A3F4-63AD8BAE9E49}\InprocServer32 -> C:\Users\wner\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\x86\hpqgps01.dll (Hewlett-Packard Co.)

==================== Restore Points =========================

12-08-2015 17:31:28 Windows Update
13-08-2015 07:41:21 Removed Foxit PDF Creator Toolbar.
13-08-2015 07:42:59 Removed Foxit PDF Creator Toolbar.
13-08-2015 07:52:15 Removed Java 8 Update 51
13-08-2015 07:53:34 Removed Java 8 Update 40
13-08-2015 07:54:41 Removed Java 8 Update 31
13-08-2015 07:55:54 Removed Java 8 Update 25

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-31 10:27 - 2015-08-13 07:48 - 00000002 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {004666A6-3A68-4B21-933E-FC347F42C0FA} - System32\Tasks\Ad-Aware Update (Daily 1) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {1349FA2E-305F-489A-A842-E5EEB25AFC5B} - System32\Tasks\{29790668-AADA-4F44-A8C3-DEFF4FA45E5F} => Iexplore.exe http://ui.skype.com/ui/0/4.2.0.169.196/ ... tinstaller
Task: {163842FF-30F0-4316-889C-35CAC05913ED} - \ASP -> No File <==== ATTENTION
Task: {1CB7B358-B0A3-4B76-A48D-074EE04A6086} - System32\Tasks\AdobeAAMUpdater-1.0-wner-PC-wner => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {2A3C9DC4-23D9-4B22-926B-2D4E7E15A694} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {354D6403-6CB3-4D5D-A61F-007DB5DDE3BC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {357E4B4D-3E42-45BC-9076-CFC8B57BC879} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-31] (Adobe Systems Incorporated)
Task: {4D44F76F-6EE3-4270-9BD7-50FB50A39AE6} - System32\Tasks\{9F127144-4A7A-47F5-9A89-EE45D798E782} => pcalua.exe -a C:\Users\wner\Desktop\OOo_3.0.1_Win32Intel_install_wJRE_en-US.exe -d C:\Users\wner\Desktop
Task: {6FD19260-AF13-4C9B-A5B3-95EEF7A1536B} - System32\Tasks\Ad-Aware Update (Daily 3) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {71693334-A2F0-406B-878C-8D0C93DF96BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {75722ADA-F24E-4794-995E-D52F8C5E5A2A} - System32\Tasks\Ad-Aware Update (Daily 4) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {7A7A748A-660E-4BBE-A040-0DC14BF08332} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {7BE6D410-2D29-4504-81CA-26BFDC136B68} - System32\Tasks\MotoHelper Initial Update => C:\Users\Everyday\AppData\Local\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-08-08] ()
Task: {7DF32EEB-FE78-4943-B139-C156986B609C} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2013-09-20] (Safer-Networking Ltd.)
Task: {B1957AFD-7A11-42BF-AEDD-C84180C090CA} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-07-29] ()
Task: {B5644447-79D1-4950-8117-F9DBA4C4C6A5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {B6B8A3D8-9215-4E0A-A83C-193640CB2185} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2013-09-20] (Safer-Networking Ltd.)
Task: {B90A70E9-A50C-46D9-859D-7C2D074A0CAC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {C4F911EE-3042-4FA1-BE7E-C58D04A3831B} - System32\Tasks\MotoHelper MUM => C:\Users\Everyday\AppData\Local\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-08-08] ()
Task: {CAEEC2A5-E8DD-4944-8AA2-D4204D84CD1E} - System32\Tasks\Ad-Aware Update (Daily 2) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {D3DE7FD2-CE32-4F91-BA36-A6A304AD4799} - System32\Tasks\MotoHelper Update => C:\Users\Everyday\AppData\Local\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-08-08] ()
Task: {D8073E49-BC86-4571-8BD0-7BBA4461BBF4} - System32\Tasks\MotoHelper Routing => C:\Users\Everyday\AppData\Local\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-08-08] ()
Task: {D9E934F4-5E01-4BE1-8B64-32E1BE8EAF14} - System32\Tasks\GoogleUpdateTaskMachineUA1d00295ac05379c => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {E967BB19-9509-4096-BAC3-5BD19177E2AB} - System32\Tasks\{208B22DE-A66E-465E-926D-0819144C2299} => C:\Program Files\Skype\Phone\Skype.exe [2015-04-17] (Skype Technologies S.A.)
Task: {E9874CD7-7CE3-4439-8B2E-831EEE48410F} - System32\Tasks\AdobeAAMUpdater-1.0-wner-PC-Everyday => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {EBB67B48-BCB7-4031-B1C0-2E50338686A6} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2013-09-20] (Safer-Networking Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d00295ac05379c.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => 0x00060100691FA7BFA952FF4FAC77920417358933460036020000000000000000200000000014730FDD0407800013040000208021DF070500030014000600210009006F0300003C0043003A005C00500072006F006700720061006D002000460069006C00650073005C0053007000790062006F00740020002D002000530065006100720063006800200026002000440065007300740072006F007900200032005C005300440049006D006D0075006E0069007A0065002E0065007800650000001D002F0069006D006D0075006E0069007A00650020002F00730069006C0065006E00740020002F006100750074006F0063006C006F0073006500000000001C0053007000790062006F00740020002D002000530065006100720063006800200026002000440065007300740072006F0079002000320000007800540068006900730020007400610073006B002000770069006C006C002000750070006400610074006500200079006F0075007200200069006D006D0075006E0069007A006100740069006F006E002C0020006B0065006500700069006E006700200079006F00750072002000620072006F00770073006500720073002000700072006F00740065006300740065006400200061006700610069006E007300740020006B006E006F0077006E0020006D0061006C0077006100720065002000730069007400650073002C00200063006F006F006B00690065007300200061006E00640020006D006F00720065002E000000000008000000000000000000010030000000DE0701000C0000000000000000001E0000000000000000000000000002000000010008000000000000000000
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => 0x0006010022C47D9ECC68A44CAD851680E8BDCE1646008C010000000000000000200000000014730F0000000005130400C0200421000000000000000000000000000000000000380043003A005C00500072006F006700720061006D002000460069006C00650073005C0053007000790062006F00740020002D002000530065006100720063006800200026002000440065007300740072006F007900200032005C00530044005300630061006E002E00650078006500000012002F007300630061006E0020002F0063006C00650061006E0063006C006F0073006500000000001C0053007000790062006F00740020002D002000530065006100720063006800200026002000440065007300740072006F007900200032000000320041002000660075006C006C002000730079007300740065006D0020007300630061006E0020006900730020007200650063006F006D006D0065006E0064006500640020006F006E0063006500200070006500720020006D006F006E00740068002E000000000008000313040000000000010030000000DE0701000C0000000000000000001E000000000000000000000000000300000001000000FF0F000000000000

==================== Loaded Modules (Whitelisted) ==============

2008-04-30 22:13 - 2008-04-30 22:13 - 00200704 _____ () C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-01-12 11:21 - 2013-05-16 11:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-01-12 11:21 - 2013-05-16 11:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2015-03-24 18:43 - 2015-03-24 18:43 - 00182784 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Commonc65c5a95#\d29bf4134c8df4833a65213d4687d6da\Kies.Common.DeviceServiceLib.Interface.ni.dll
2015-03-24 18:44 - 2015-03-24 18:44 - 14970880 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\592a6a31e27bffd0adeaff6f255f3892\Kies.Theme.ni.dll
2015-05-19 17:58 - 2015-05-19 17:58 - 01811456 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\a0debd24f468e6644f526707e12786b6\Kies.UI.ni.dll
2015-03-24 18:42 - 2015-03-24 18:42 - 00077824 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\845b9379476bb91db2881ebaff45255f\Kies.MVVM.ni.dll
2015-03-24 18:44 - 2015-03-24 18:44 - 00233472 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\de6a15348040911b2e63c8dbe3c77275\ASF_cSharpAPI.ni.dll
2014-01-12 11:21 - 2013-05-16 11:55 - 00161112 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Everyday\AppData\Roaming\Tab Separated Values (Windows).EML:OECustomProperty

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7869 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\Everyday\Control Panel\Desktop\\Wallpaper -> C:\Users\Everyday\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
HKU\S-1-5-21-2378769042-2310627262-2564490496-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{19C0938E-1C2E-4533-9AD7-A953C3FF82AC}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{BD1B69C1-39AA-4AD8-A519-6F120F10F6E5}] => (Allow) LPort=80
FirewallRules: [{5A5D56AE-4530-4235-93D2-A93B8D9EEFDB}] => (Allow) LPort=80
FirewallRules: [{7B74408B-D57D-4772-8C92-52E00AF9BCFB}] => (Allow) LPort=80
FirewallRules: [{6B0D50B8-C952-4638-A7AA-3F9A545EFB4F}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdater.exe
FirewallRules: [{3634719C-F014-492B-9F52-40A4E5AEE83D}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
FirewallRules: [{944EF5A7-B673-4A87-820F-1DF2AFD770AB}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
FirewallRules: [{106399A7-7381-4864-970B-244CFA93831A}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
FirewallRules: [{01C8B6A0-79B8-46EE-B013-FEA9D9846466}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
FirewallRules: [{6AD54EA6-ED34-4FAE-9A06-44F7355ADE5E}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
FirewallRules: [{7666D1E0-322F-4C09-8DEA-670EC9AE154B}] => (Allow) D:\setup\hpznui01.exe
FirewallRules: [{6049D2F0-476F-4209-A08E-EF9BA21E2688}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{CC0B5946-6301-4B44-8ED3-48AD366996C8}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{53E4F203-5F09-42E4-A563-E9C99BE4A808}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{BCFE2178-29FA-46D6-82DD-9B52AED9249F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{356B82BF-4F35-43C5-9ECD-53CB46D091ED}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{31AEBB6C-D545-4535-91B8-8A8D45BC91E5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{6AEA2EE0-0DF7-4F3E-9B2F-6C3776E206D6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{B84A3BF4-A767-40DE-A9A3-325446735E70}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{C66A8DC8-9213-40A5-8368-ECC1AB1869C5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{537DEB08-23F4-435B-BB0B-21114FAD7124}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{373391CD-BB0B-4788-B026-54601DC2FA03}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{06EAA5FB-13D4-490C-B8EB-91E2A989DB04}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{28B73284-76C6-436C-B53D-FA9E45E4F224}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [{9C542061-31F7-436B-A930-F8183A33461E}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{63AAA427-6977-4C58-854C-C921D1A824F7}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{5746D586-9286-4E3E-863A-A47CF9F4C9D7}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{C94A6E40-1F0C-4E88-82A8-4BC22EC6D56F}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{6EFAEC88-5501-49A8-B8E5-2E4E42866414}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B4FDB5B4-C99D-43B7-8C51-4B38142EE478}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{48DF9926-3D5C-43F0-BB2E-6EAA67A62B11}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{192C5BC2-5696-43B7-A603-9998FDC514E8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{988DA991-0E8A-43FB-B325-43B4E213EAD8}] => (Allow) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{CCA0829B-39F0-48C2-8756-410AC0C789BB}] => (Allow) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{AC6B1AF8-E76F-42A4-B800-117C45EC6C95}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{7CBDB2FA-12CF-4A19-8AA4-AF7AE269D9A8}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{A206957C-5C5D-407B-8E5E-D421226618F8}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{C52F4045-F4C8-41CA-94A2-A3913025AB70}] => (Allow) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{5A2AEE03-6E44-4F56-9513-C9A5E45D2964}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{0599D9FB-907A-43CB-A298-D5C48C6D2E7D}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{E09C37DF-9B74-4412-9ABF-5C0935B41184}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{5F4CE19D-DE31-4092-BCFE-1DB7F3DACB17}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{C7B4436B-8AFF-4C5A-8AA8-B36557E89E63}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{B5705AE8-5CA2-46DC-8CD7-F1328BFCE2C8}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{5E4561D3-4DD8-4B9E-A853-DAC5C6FA4679}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DC417696-B38D-4010-A94B-FA5503D60123}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============

Name: isatap.tu.ok.cox.net
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: HP Deskjet F4500
Description: HP Deskjet F4500
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Hewlett-Packard
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart C309a series
Description: Photosmart C309a series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart Prem C310 series
Description: Photosmart Prem C310 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 6500 E710n-z
Description: Officejet 6500 E710n-z
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 6700
Description: Officejet 6700
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/13/2015 07:42:46 AM) (Source: MsiInstaller) (EventID: 11730) (User: wner-PC)
Description: Product: Foxit PDF Creator Toolbar -- Error 1730.You must be an Administrator to remove this application. To remove this application, you can log on as an administrator, or contact your technical support group for assistance.

Error: (08/13/2015 07:38:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2015 05:52:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2015 05:38:42 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\EVERYDAY\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\C72NCCAC.DEFAULT-1412173982401\SAFEBROWSING-TO_DELETE> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/12/2015 05:38:42 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\EVERYDAY\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\C72NCCAC.DEFAULT-1412173982401\SAFEBROWSING-BACKUP> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/12/2015 05:34:07 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\GARMIN\GARMIN EXPRESS.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/12/2015 05:34:07 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\GARMIN\GARMIN EXPRESS.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/12/2015 05:26:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2015 05:02:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 02:52:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application ntvdm.exe, version 6.0.6001.18000, time stamp 0x47918baf, faulting module ntvdm.exe, version 6.0.6001.18000, time stamp 0x47918baf, exception code 0xc0000005, fault offset 0x00009cc6,
process id 0xfa8, application start time 0xntvdm.exe0.


System errors:
=============
Error: (08/13/2015 07:38:59 AM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.101, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.

Error: (08/13/2015 07:38:59 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.

Error: (08/13/2015 07:38:57 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Lbd

Error: (08/13/2015 07:38:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Garmin Device Interaction Service%%1053

Error: (08/13/2015 07:38:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Garmin Device Interaction Service

Error: (08/12/2015 05:53:22 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Error: (08/12/2015 05:52:58 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.101, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.

Error: (08/12/2015 05:52:58 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.

Error: (08/12/2015 05:52:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Lbd

Error: (08/12/2015 05:52:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Garmin Device Interaction Service%%1053


Microsoft Office:
=========================
Error: (08/13/2015 07:42:46 AM) (Source: MsiInstaller) (EventID: 11730) (User: wner-PC)
Description: Product: Foxit PDF Creator Toolbar -- Error 1730.You must be an Administrator to remove this application. To remove this application, you can log on as an administrator, or contact your technical support group for assistance.(NULL)(NULL)(NULL)(NULL)

Error: (08/13/2015 07:38:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2015 05:52:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2015 05:38:42 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\EVERYDAY\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\C72NCCAC.DEFAULT-1412173982401\SAFEBROWSING-TO_DELETE

Error: (08/12/2015 05:38:42 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\EVERYDAY\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\C72NCCAC.DEFAULT-1412173982401\SAFEBROWSING-BACKUP

Error: (08/12/2015 05:34:07 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\GARMIN\GARMIN EXPRESS.LNK

Error: (08/12/2015 05:34:07 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\GARMIN\GARMIN EXPRESS.LNK

Error: (08/12/2015 05:26:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2015 05:02:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 02:52:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ntvdm.exe6.0.6001.1800047918bafntvdm.exe6.0.6001.1800047918bafc000000500009cc6fa801d0d46f516d3baf


CodeIntegrity:
===================================
Date: 2015-08-13 08:09:00.200
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 08:08:59.638
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 08:08:58.812
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 08:08:58.250
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 08:08:56.752
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 08:08:56.222
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 08:08:55.645
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 08:08:55.114
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 08:08:54.381
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\is-MOELV.tmp because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 08:08:53.757
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\is-MOELV.tmp because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
Percentage of memory in use: 72%
Total physical RAM: 2939.06 MB
Available physical RAM: 814.64 MB
Total Virtual: 6086.32 MB
Available Virtual: 3953.61 MB

==================== Drives ================================

Drive c: (SQ004816V03) (Fixed) (Total:177.6 GB) (Free:78.62 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 186.3 GB) (Disk ID: 1CF55F92)
Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Active) - (Size=177.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=7.2 GB) - (Type=17)

==================== End of log ============================
wfr37
Regular Member
 
Posts: 20
Joined: July 26th, 2015, 8:31 pm

Re: windows vista unresponsive after 10 minutes

Unread postby wannabeageek » August 13th, 2015, 7:33 pm

Hi wfr37

Run this and post the results please.

MiniToolBox
Please download MiniToolBox.exe and save it to your Desktop.

  • Right click on MiniToolBox and select " Run as administrator " to run it. If prompted by UAC, please allow it.
  • Check the following in the list:
    • List last 10 Event Viewer Errors.
    • List Minidump Files.
  • Click Go.
  • A file name Result.txt will be created in the same location where you downloaded MiniToolBox.exe
  • Please post the contents of the Result.txt in your next Reply.
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: windows vista unresponsive after 10 minutes

Unread postby wfr37 » August 13th, 2015, 10:08 pm

Thanks wbg. Installed and ran program but text file created was named MTB- Notepad by the system. Below is contents of that text file.
MiniToolBox by Farbar Version: 25-07-2015 01
Ran by wner (administrator) on 13-08-2015 at 20:58:58
Running from "C:\Users\wner\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Model: Satellite L305 Manufacturer: TOSHIBA
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/13/2015 08:54:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 08:32:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 01:35:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 01:18:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 10:16:36 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 09:51:19 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 09:28:59 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 08:41:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 07:42:46 AM) (Source: MsiInstaller) (User: wner-PC)
Description: Product: Foxit PDF Creator Toolbar -- Error 1730.You must be an Administrator to remove this application. To remove this application, you can log on as an administrator, or contact your technical support group for assistance.

Error: (08/13/2015 07:38:57 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/13/2015 08:54:14 PM) (Source: Service Control Manager) (User: )
Description: Lbd

Error: (08/13/2015 08:54:14 PM) (Source: Service Control Manager) (User: )
Description: Garmin Device Interaction Service%%1053

Error: (08/13/2015 08:54:14 PM) (Source: Service Control Manager) (User: )
Description: 30000Garmin Device Interaction Service

Error: (08/13/2015 08:54:13 PM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.101, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.

Error: (08/13/2015 08:54:13 PM) (Source: ipnathlp) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.

Error: (08/13/2015 08:52:42 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:45:02 PM on 8/13/2015 was unexpected.

Error: (08/13/2015 08:35:17 PM) (Source: DCOM) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (08/13/2015 08:33:21 PM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.101, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.

Error: (08/13/2015 08:33:21 PM) (Source: ipnathlp) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.

Error: (08/13/2015 08:33:19 PM) (Source: Service Control Manager) (User: )
Description: Lbd


Microsoft Office Sessions:
=========================
Error: (08/13/2015 08:54:13 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 08:32:59 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 01:35:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 01:18:19 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 10:16:36 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 09:51:19 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 09:28:59 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 08:41:13 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 07:42:46 AM) (Source: MsiInstaller)(User: wner-PC)
Description: Product: Foxit PDF Creator Toolbar -- Error 1730.You must be an Administrator to remove this application. To remove this application, you can log on as an administrator, or contact your technical support group for assistance.(NULL)(NULL)(NULL)(NULL)

Error: (08/13/2015 07:38:57 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2015-08-13 13:20:23.618
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 13:20:23.041
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 13:20:22.479
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 13:20:21.590
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 13:20:10.795
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 13:20:09.375
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 13:20:08.689
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 13:20:07.940
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 13:19:56.802
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\is-MOELV.tmp because the set of per-page image hashes could not be found on the system.

Date: 2015-08-13 13:19:55.835
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\is-MOELV.tmp because the set of per-page image hashes could not be found on the system.

========================= Minidump Files ==================================

C:\Windows\Minidump\Mini072915-01.dmp
C:\Windows\Minidump\Mini072915-02.dmp
C:\Windows\Minidump\Mini080615-01.dmp
C:\Windows\Minidump\Mini080915-01.dmp
C:\Windows\Minidump\Mini081115-01.dmp
C:\Windows\Minidump\Mini081315-01.dmp
C:\Windows\Minidump\Mini081315-02.dmp
C:\Windows\Minidump\Mini081315-03.dmp
C:\Windows\Minidump\Mini081315-04.dmp
C:\Windows\Minidump\Mini081315-05.dmp
C:\Windows\Minidump\Mini081315-06.dmp

**** End of log ****
FYI - before receiving your latest post above, i used compressed air dust destroyer to see if lint came flying out and also removed and reinserted RAM chips. computer became unresponsive after 12 minutes, but no blue screen, and froze at same point of scanning windows/assembly/native images folder.
wfr37
Regular Member
 
Posts: 20
Joined: July 26th, 2015, 8:31 pm

Re: windows vista unresponsive after 10 minutes

Unread postby wannabeageek » August 15th, 2015, 12:33 pm

Hi wfr37,

The error code in blue implicates failing ram. This is an older machine and this could be your issue. Some manufactures of BIOS included RAM tests in the BIOS setup page. If you are familiar with accessing BIOS you may want to check to see if there is a test, otherwise a trip to the shop is in order.
Able to install and execute ASWMBR ok, but tried five times and each time blue screen crash dump occurred. Did not have blue screen until tried to run this scan. Last time screen said Kernal_Stack_Inpage_Error, Stop: 0x00000077 (0x00000001, 0x00000000, 0x00000000, 0xc1a1ab78).


Try and run aswMBR again for me.
Step 4.

wbg
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: windows vista unresponsive after 10 minutes

Unread postby wfr37 » August 16th, 2015, 8:49 pm

Wbg,

This laptop bios does not provide a test. Unfortunately I am unable to run the scan requested. The laptop stopped responding even sooner than it had before when I attempt the scan. Tried reinstalling the RAM stick (1 gig) I removed before I upgraded to 2 gig last August. Did not help. Maybe I two that are faulty.

I assume that your comment means we have gone as far as we can with tasks I can perform and I should just take to the shop. If you have other suggestions please advise.
wfr37
Regular Member
 
Posts: 20
Joined: July 26th, 2015, 8:31 pm

Re: windows vista unresponsive after 10 minutes

Unread postby wannabeageek » August 16th, 2015, 9:27 pm

Does this have the original hard drive as well?
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: windows vista unresponsive after 10 minutes

Unread postby wfr37 » August 17th, 2015, 12:05 pm

Yes.
FYI - In several instances restarting after freeze, the laptop started and completed check disk where it found orphaned files, corrupted file segments, etc. From what I can tell, the problems were corrected and then the laptop restarted. Now it seems like the CPU indicator is constantly on during start-up. And if you start a program (like Outlook) right away to try to take some action before unresponsiveness, the CPU indicator stays constantly on for a short period and goes directly to freeze (does not taper down as before). My idea is unsuccessful.
wfr37
Regular Member
 
Posts: 20
Joined: July 26th, 2015, 8:31 pm

Re: windows vista unresponsive after 10 minutes

Unread postby wannabeageek » August 17th, 2015, 9:15 pm

Hi wfr37,

Try and run this to check the drive.

Check hard Drive for Errors
Open Notepad... then copy and paste the following single line into Notepad:
(Notepad is in Start, Programs, Accessories)
Code: Select all
cmd  /c  chkdsk  c:  |find  /v  "percent"  >> "%userprofile%\desktop\checkhd.txt"


Now Save the NotePad file like this:
  • Click on File from the top menu bar.
  • Select Save As, use Filename: testhd.bat and Save As Type: All Files.
  • Choose Desktop as the location
  • Click Save.
Right click on testhd.bat on your desktop and select Run As Administrator to run it. OK the UAC.
A Command Prompt box will pop up, then close after a couple minutes.
Please post the contents of the checkhd.txt file from your desktop.
If the file is very long, just copy and paste the LAST 20 or 30 lines into your reply.

Post the results in checkhd.txt
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: windows vista unresponsive after 10 minutes

Unread postby wfr37 » August 19th, 2015, 11:28 am

only able to run this batch file in SAFE mode. it seems that any other action immediately freezes the computer and you have to force reboot. This is strange behavior to me since the computer may have been running for 30 minutes getting to the point when login and action can be taken. results of the batch file below.

The type of the file system is NTFS.
Volume label is SQ004816V03.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
File verification completed.
1224 large file records processed.

0 bad file records processed.

2 EA records processed.

76 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 3)...
The type of the file system is NTFS.
Volume label is SQ004816V03.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
File verification completed.
0 bad file records processed.

2 EA records processed.

76 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 3)...
Error detected in index $I30 for file 1536.
Error detected in index $I30 for file 1544.
Error detected in index $I30 for file 1545.
Error detected in index $I30 for file 1546.
Error detected in index $I30 for file 3879.
Error detected in index $I30 for file 4629.
The type of the file system is NTFS.
Volume label is SQ004816V03.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
File verification completed.
1225 large file records processed.

0 bad file records processed.

2 EA records processed.

76 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 3)...
Index verification completed.
CHKDSK is verifying security descriptors (stage 3 of 3)...
Security descriptor verification completed.
52558 data files processed.

CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
Windows has checked the file system and found no problems.

186226687 KB total disk space.
104050584 KB in 332188 files.
184328 KB in 52559 indexes.
4 KB in bad sectors.
504107 KB in use by the system.
65536 KB occupied by the log file.
81487664 KB available on disk.

4096 bytes in each allocation unit.
46556671 total allocation units on disk.
20371916 allocation units available on disk.
wfr37
Regular Member
 
Posts: 20
Joined: July 26th, 2015, 8:31 pm

Re: windows vista unresponsive after 10 minutes

Unread postby wannabeageek » August 19th, 2015, 9:44 pm

Hi wfr37,

Let's try this again only with a fix this time.

Step 1.
Hard Disk Repair
IF Chkdsk has found any errors having to do with bad sectors in your file system, or if it reports that it cannot continue in Read-Only Mode, it needs to run a different sequence on reboot to do repairs. It can't repair the file system while Windows is running.
DO NOT START THIS SEQUENCE UNLESS YOU CAN DO WITHOUT THE MACHINE FOR AN HOUR OR TWO. It may not take very long , but could, depending on the number of files and folders.
It will not relinquish control until it is done. You cannot stop it, and it would be a BIG mistake to pull the plug.

If it's present on your Desktop, please delete your original file Checkhd.txt
Go To Start, Run and type cmd
hit <Enter>
Type this black text into the command window at the prompt:
chkdsk c: /F <==notice the /F, with one space between c: and /F
hit <Enter>
You will get a message that the volume is locked, with a request to do the repair on Reboot.
Answer Y
Then type exit to close the Command window.
Go to Start, Turn Off Computer and choose Reboot.
It will scan again when it boots up and make the repairs as the first part of the reboot process.


Step 2.
Check Hard Disk For Errors
Press Start->Run, then type or copy/paste the following command into the box and press OK:
Code: Select all
cmd  /c  chkdsk  c:  |find  /v  "percent"  >> "%userprofile%\desktop\checkhd.txt"

A blank command window will open on your desktop, then close in a few minutes. This is normal.
A file and icon named checkhd.txt should appear on your Desktop. Please post the contents of this file.
If it's very long just post the last 30-50 lines.
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 27 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware