Cannot Start Windows Module Installer or Get Windows Updates


Post by gman2015 » October 31st, 2015, 8:47 pm

I have run many recommended malware removal tools (you will see in the logs) and followed numerous recommendations but still cannot get this working. WMI won't start, so I cannot run SFC nor install Windows Updates. This is why I think I may be infected. Here are the logs. Thanks for looking into this.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16592 BrowserJavaVersion: 11.60.2
Run by Gino at 20:28:01 on 2015-10-31
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.3069.1232 [GMT -4:00]
.
AV: Norton Internet Security *Enabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security *Enabled* {6BFC5632-188D-B806-D13E-C607121B42A0}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\OEM05Mon.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\Ctxfihlp.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\WLTRAY.EXE
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\alg.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Norton Internet Security\Engine\22.5.2.15\NIS.exe
C:\Program Files\Norton Internet Security\Engine\22.5.2.15\NIS.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Program Files\XPSMiniViewGadget\XPSMiniViewGadget.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/advanced_search
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.ca/ig/dell?hl=en&clie ... bd=3081007
mDefault_Page_URL = hxxp://www.google.ca/ig/dell?hl=en&clie ... bd=3081007
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: Wondershare Video Converter Ultimate 7.1.0: {451C804F-C205-4F03-B48E-537EC94937BF} -
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton internet security\engine\22.5.2.15\CoIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.8.0_60\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre1.8.0_60\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\22.5.2.15\CoIEPlg.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [VolPanel] "c:\program files\creative\sound blaster x-fi\volume panel\VolPanlu.exe" /r
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
mRun: [OEM05Mon.exe] c:\windows\OEM05Mon.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [DelaypluginInstall] c:\programdata\wondershare\video converter ultimate\DelayPluginI.exe
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [CanonQuickMenu] c:\program files\canon\quick menu\CNQMMAIN.EXE /logon
mRun: [Bluetooth HCI Monitor] RunDll32 HCIMNTR.DLL,RunCheckHCIMode
mRun: [OpwareSE2] "c:\program files\scansoft\omnipagese2.0\OpwareSE2.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [IJNetworkScannerSelectorEX] c:\program files\canon\ij network scanner selector ex\CNMNSST.exe /FORCE
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [CtxfiReg] CTXFIREG.exe /FAIL1
StartupFolder: c:\users\gino\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001055-0002-0055-ABCDEFFEDCBC} - <orphaned>
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
TCP: NameServer = 64.71.255.204 64.71.255.198
TCP: Interfaces\{3FA0FAC6-0EE6-4B5F-9322-3B24734B5E96} : DHCPNameServer = 64.71.255.204 64.71.255.198
TCP: Interfaces\{AF0A664B-C949-4001-A298-A91A820C655B} : DHCPNameServer = 64.71.255.204 64.71.255.198
Handler: WSIEChrome - <Clsid value has no data>
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - <orphaned>
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\46.0.2490.80\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 SymEFASI;Symantec Extended File Attributes (SI);c:\windows\system32\drivers\nis\1605020.00f\SymEFASI.sys [2015-8-5 1286896]
R1 BHDrvx86;BHDrvx86;c:\program files\norton internet security\nortondata\22.5.2.15\definitions\bashdefs\20151022.001\BHDrvx86.sys [2015-10-22 1193032]
R1 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\nis\1605020.00f\ccSetx86.sys [2015-8-5 137456]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1605020.00f\Ironx86.sys [2015-8-5 234744]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1605020.00f\symtdiv.sys [2015-8-5 358104]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-4-20 176128]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-5-2 161048]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\22.5.2.15\NIS.exe [2015-8-5 282016]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [2009-6-3 171032]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [2009-6-3 1324056]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [2009-6-3 72728]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2015-10-31 122192]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-10-25 23256]
R3 OEM05Vfx;Creative Camera OEM005 Video VFX Driver;c:\windows\system32\drivers\OEM05Vfx.sys [2008-10-7 7424]
R3 OEM05Vid;Creative Camera OEM005 Driver;c:\windows\system32\drivers\OEM05Vid.sys [2008-10-7 235616]
R3 RLDesignVirtualAudioCableWdm;Live! Cam Virtual;c:\windows\system32\drivers\livecamv.sys [2008-10-7 31616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2015-10-25 1135416]
S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxLiveShare10.exe [2008-5-14 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatch10.exe [2008-5-14 166384]
S2 SessionLauncher;SessionLauncher;c:\users\admini~1\appdata\local\temp\dx9\sessionlauncher.exe --> c:\users\admini~1\appdata\local\temp\dx9\SessionLauncher.exe [?]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2015-1-2 315488]
S3 Creative ALchemy AL1 Licensing Service;Creative ALchemy AL1 Licensing Service;c:\program files\common files\creative labs shared\service\AL1Licensing.exe [2008-10-7 79360]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [2009-6-3 171032]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [2009-6-3 1324056]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [2009-6-3 72728]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-10-25 51928]
S3 OEM05Afx;Provides a software interface to control audio effects of OEM005 camera.;c:\windows\system32\drivers\OEM05Afx.sys [2008-10-7 141376]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2008-5-14 1120752]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-9-11 770168]
S3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\WsAudioDevice_383.sys [2014-5-18 25632]
S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2013-8-11 19968]
.
=============== Created Last 30 ================
.
2015-10-31 17:57:18 2873856 ----a-w- c:\windows\system32\mf.dll
2015-10-31 17:23:12 -------- d-----w- c:\program files\Tweaking.com
2015-10-31 13:51:01 194048 ----a-w- c:\windows\system32\IEShims.dll
2015-10-31 06:07:55 -------- d-----w- c:\windows\system32\catroot2
2015-10-30 23:47:28 -------- d-----w- c:\users\gino\appdata\roaming\SUPERAntiSpyware.com
2015-10-30 23:46:44 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2015-10-30 21:13:31 -------- d-----w- c:\program files\Windows Resource Kits
2015-10-28 17:46:49 -------- d-----w- C:\Temp
2015-10-26 13:56:02 -------- d-----w- c:\windows\system32\catroot2.bak
2015-10-26 13:47:31 -------- d-----w- c:\windows\system32\wbem\repository
2015-10-26 12:35:29 -------- d-----w- c:\windows\system32\wbem\repository.002
2015-10-26 12:17:20 -------- d-----w- C:\RegBackup
2015-10-26 03:13:59 -------- d-----we c:\users\gino\appdata\local\Temporary Internet Files
2015-10-26 03:13:22 -------- d-----we C:\Documents and Settings
2015-10-26 00:11:59 -------- d-----w- C:\AdwCleaner
2015-10-25 23:11:44 170200 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-25 23:11:10 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-10-25 23:11:10 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-10-25 23:11:10 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-10-25 23:11:10 -------- d-----w- c:\programdata\Malwarebytes
2015-10-25 23:11:10 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-10-20 14:52:45 97888 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-10-07 03:10:50 -------- d-----w- c:\windows\CheckSur
2015-10-07 02:58:25 -------- d-----w- c:\windows\SoftwareDistribution.old
.
==================== Find3M ====================
.
2015-10-17 03:11:07 780488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-10-17 03:11:06 142536 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-08-05 14:59:24 103152 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
.
============= FINISH: 20:28:26.81 ===============

DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 07/10/2008 11:38:51 AM
System Uptime: 31/10/2015 5:05:55 PM (3 hours ago)
.
Motherboard: Dell Inc. | | 0TP406
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz | CPU | 2327/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 684 GiB total, 500.429 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 3.919 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is FIXED (NTFS) - 932 GiB total, 714.211 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
AdFender
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Elements Studio Launcher
Adobe ExtendScript Toolkit 2
Adobe Flash Player 19 ActiveX
Adobe Flash Player 19 NPAPI
Adobe Help Viewer CS3
Adobe PDF Library Files
Adobe Photoshop Elements 6.0
Adobe Premiere Elements 4.0
Adobe Premiere Elements 4.0 Templates
Adobe Reader X (10.1.16)
Adobe Refresh Manager
Adobe Setup
Adobe Shockwave Player 12.1
Adobe Soundbooth CS3
Adobe Soundbooth CS3 Codecs
Adobe Soundbooth CS3 Scores
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
Advanced Audio FX Engine
Advanced Video FX Engine
Amazon Kindle
Apple Application Support (32-bit)
Apple Mobile Device Support
Apple Software Update
Bonjour
Browser Address Error Redirector
calibre
Canon Easy-WebPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon IJ Scan Utility
Canon MX920 series MP Drivers
Canon MX920 series On-screen Manual
Canon My Image Garden
Canon My Image Garden Design Files
Canon My Printer
Canon Quick Menu
Canon Speed Dial Utility
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Hungarian
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Polish
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Thai
Catalyst Control Center Localization Turkish
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help English
CCC Help French
CCC Help German
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Polish
CCC Help Portuguese
CCC Help Spanish
CCC Help Thai
CCC Help Turkish
Compatibility Pack for the 2007 Office system
Creative ALchemy (X-Fi Edition)
Creative MediaSource 5
Dell Dock
Dell Getting Started Guide
Dell Webcam Center
Dell Webcam Manager
Dell Wireless WLAN Card
DirectXInstallService
DivX Setup
EDocs
Free FLV to MP4 Converter 1.0.18
Google Chrome
Google Update Helper
GoToAssist 8.0.0.514
HomeByMe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HyperSnap 7
Intel(R) Matrix Storage Manager
Intel(R) PRO Network Connections 12.1.12.4
iTunes
Java Auto Updater
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
Malwarebytes Anti-Malware version 2.2.0.1024
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4.5.1
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Monitor Webcam (SP2208WFP) Driver (1.00.08.0720)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Norton Internet Security
OLYMPUS Master 2
OLYMPUS muvee theaterPack
OmniPage SE 2.0
OpenAL
QuickTime 7
Roxio Activation Module
Roxio CinePlayer Decoder Pack
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator Premier
Roxio Creator Premier 10
Roxio Creator Tools
Roxio Express Labeler
Roxio Update Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Skins
Skype™ 7.1
Sound Blaster X-Fi
swMSM
Tweaking.com - Windows Repair
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office Word 2007 (KB974631)
VC80CRTRedist - 8.0.50727.6195
WD Discovery
Weeny Free ePub to PDF Converter 2.0
WIDCOMM Bluetooth Software 6.0.1.4300
Windows Resource Kit Tools - SubInAcl.exe
XPS MiniView Gadget
.
==== End Of File ===========================
gman2015
Active Member
 
Posts: 10
Joined: October 31st, 2015, 8:38 pm

Re: Cannot Start Windows Module Installer or Get Windows Upd

Post by wannabeageek » November 3rd, 2015, 1:43 pm

Hello gman2015, and Welcome to MalWare Removal forums!

My name is wannabeageek and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
If you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start


Note: Save or Move all downloaded files to your Desktop.

Step 1.
Please provide me a list of tools you have run.
gman2015 wrote: I have run many recommended malware removal tools (you will see in the logs) and followed numerous recommendations but still cannot get this working. WMI won't start, so I cannot run SFC nor install Windows Updates. This is why I think I may be infected. Here are the logs. Thanks for looking into this.



Step 2.
OTL
Please download OTL ... by Old Timer from Geeks to Go by clicking on the Green "DOWNLOAD" to the right of the title, "OTL OldTimer's List-It". Save it to your Desktop.
  1. Right click on OTL.exe select "Run As Administrator" to run it. If prompted by UAC, please allow it.
  2. Click the Scan All Users checkbox.
  3. Check the Extra Registry block to make sure the "Use SafeList" button is highlighted.
    Leave the remaining selections to the default settings.
  4. Click on Run Scan at the top left hand corner.
  5. When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  6. Please post the contents of both OTL.txt and Extras.txt files in your next reply.


Step 3.
FRST - Farbar Recovery Scanner Tool

Please download FRST.exe ... by Farbar. Save it to your desktop.
  1. Right click on FRST.exe select "Run As Administrator" to run it. If prompted by UAC, please allow it. When the tool opens click Yes to disclaimer.
  2. Press Scan button. ... A log, FRST.txt, will be created in the same directory the tool is run.
  3. Please copy/paste FRST.txt to your reply.
    The first time the tool is run, it also makes another log... Addition.txt.
  4. Please copy/paste Addition.txt in your reply.



What I need back from you:
Post each file separately.
  1. Contents of OTL.txt
  2. Contents of Extras.txt
  3. Contents of FRST.txt
  4. Contents of Addition.txt
  5. Any problem executing the instructions?
Thanks,
wbg
wannabeageek
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Cannot Start Windows Module Installer or Get Windows Upd

Post by gman2015 » November 3rd, 2015, 3:39 pm

Hi wbg,

Thanks for replying and volunteering to help me out.

I will send you all info as requested. Before I do, I will delete a tool called Advanced Uninstall Pro which has been doing a daily "health check" and I don't want it to interfere with this process. Unless this hasn't affected the logs I already sent, you may want to wait for the information you requested from me before spending more time reviewing them.

Back later today. Thanks again.

Re: Cannot Start Windows Module Installer or Get Windows Upd

Post by wannabeageek » November 3rd, 2015, 4:57 pm

gman2015 wrote: Before I do, I will delete a tool called Advanced Uninstall Pro which has been doing a daily "health check" and I don't want it to interfere with this process.

Why would you have to remove a tool that is not on your uninstall list?

Did you not read item 4 about installing and removing programs?

Re: Cannot Start Windows Module Installer or Get Windows Upd

Post by gman2015 » November 3rd, 2015, 6:05 pm

Sorry that I misunderstood, thought you meant leave all as is after I send the requested info.

Here are the tools I can recall running:
1) Malwarebytes Anti-malware
2) Tweaking.com Windows Repair
3) Microsoft Fixit ver 3.5.0.41
4) SUPERAntiSpyware
5) AdwCleaner
6) Rkill
7) Total System Care
8) Microsoft Support Emergency Response Tool
9) Windows System Update Readiness Tool

Let me know if OK to proceed with Step 2.

Re: Cannot Start Windows Module Installer or Get Windows Upd

Post by wannabeageek » November 3rd, 2015, 6:23 pm

I want you to run this first and post the results; then continue with the instructions Step 2 and 3 as posted.
Remember to run these scans from your desktop.

TSG - SysInfo utility
  • Right mouse click on this link: SysInfo utility
  • Select from the pop up box:
    "Save link as..."
  • From the left panel of the pop up box, scroll up and select desktop.
  • Click the "Save" button.
From your desktop:
  • Right Mouse click SysInfo.exe, select "Run As Administrator" to run it... if UAC prompts, please allow it.
  • Right click, select copy and then paste in your next post.

Re: Cannot Start Windows Module Installer or Get Windows Upd

Post by gman2015 » November 3rd, 2015, 6:43 pm

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft® Windows Vista™ Home Premium, Service Pack 2, 32 bit
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz, x64 Family 6 Model 23 Stepping 7
Processor Count: 4
RAM: 3069 Mb
Graphics Card: ATI Radeon HD 3800 Series, 512 Mb
Hard Drives: C: Total - 699987 MB, Free - 520789 MB; D: Total - 15359 MB, Free - 4011 MB;
Motherboard: Dell Inc., 0TP406
Antivirus: Norton Internet Security, Updated and Enabled

Re: Cannot Start Windows Module Installer or Get Windows Upd

Post by gman2015 » November 3rd, 2015, 6:58 pm

OTL logfile created on: 03/11/2015 5:46:33 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gino\Desktop\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 1.19 Gb Available Physical Memory | 39.59% Memory free
6.20 Gb Paging File | 4.60 Gb Available in Paging File | 74.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 683.58 Gb Total Space | 508.58 Gb Free Space | 74.40% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 3.92 Gb Free Space | 26.12% Space Free | Partition Type: NTFS

Computer Name: GINO-PC | User Name: Gino | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/11/03 17:44:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gino\Desktop\Downloads\OTL.exe
PRC - [2015/10/20 09:08:28 | 000,811,848 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2015/09/14 08:25:38 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/07/16 13:09:46 | 000,282,016 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\22.5.2.15\NIS.exe
PRC - [2015/03/11 19:54:32 | 000,066,816 | ---- | M] (Tweaking.com) -- C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
PRC - [2011/04/20 01:04:38 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011/04/20 01:04:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/06/03 11:19:38 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\Ctxfihlp.exe
PRC - [2009/06/03 11:14:24 | 001,213,440 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\CTxfispi.exe
PRC - [2009/04/10 22:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/05/02 14:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2007/10/03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/10/03 15:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007/08/22 00:39:12 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM05Mon.exe


========== Modules (No Company Name) ==========

MOD - [2015/02/13 03:20:34 | 001,044,776 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/11/13 03:34:47 | 000,774,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\525d2a189e395c60a20cded4d2bfea76\System.Runtime.Remoting.ni.dll
MOD - [2014/10/15 02:45:11 | 011,908,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\57bed17a3ad0ad3bbe717287d4cb1625\System.Web.ni.dll
MOD - [2014/10/15 02:41:54 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cf2c94955471d68d3708b1fbf613ae46\System.ni.dll
MOD - [2014/09/12 02:33:03 | 011,496,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3444fbefcbd532181c499150ace644a4\mscorlib.ni.dll
MOD - [2014/02/10 12:44:24 | 004,592,128 | ---- | M] () -- C:\Users\Gino\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libGLESv2.dll
MOD - [2014/02/10 12:44:24 | 000,112,128 | ---- | M] () -- C:\Users\Gino\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libEGL.dll
MOD - [2014/02/06 00:52:52 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/04/20 00:21:02 | 000,037,376 | ---- | M] () -- C:\Windows\System32\atitmpxx.dll
MOD - [2009/06/03 11:19:42 | 000,002,560 | ---- | M] () -- C:\Windows\CTXFIRES.DLL
MOD - [2009/03/26 14:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\System32\APOMngr.DLL
MOD - [2007/08/07 18:49:00 | 000,065,536 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
MOD - [2007/03/02 11:44:34 | 000,073,728 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll


========== Services (SafeList) ==========

SRV - [2015/10/16 22:11:09 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/10/05 08:48:46 | 001,135,416 | ---- | M] (Malwarebytes) [Auto | Stopped] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015/09/14 08:25:38 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/07/16 13:09:46 | 000,282,016 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\22.5.2.15\NIS.exe -- (NIS)
SRV - [2015/01/02 19:45:12 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/04/20 01:04:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/04/10 22:28:20 | 000,000,000 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2008/10/07 16:30:00 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/10/07 16:07:26 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/05/14 10:32:18 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2008/05/14 10:32:10 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2008/05/14 10:31:38 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2008/05/02 14:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2006/10/26 13:03:08 | 000,000,000 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\Norton Internet Security\NortonData\22.5.2.15\Definitions\IPSDefs\20151023.001\IDSvix86.sys -- (IDSVix86)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2015/10/26 23:59:44 | 001,647,216 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Internet Security\NortonData\22.5.2.15\Definitions\VirusDefs\20151103.001\NAVEX15.SYS -- (NAVEX15)
DRV - [2015/10/26 23:59:43 | 000,104,440 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Internet Security\NortonData\22.5.2.15\Definitions\VirusDefs\20151103.001\NAVENG.SYS -- (NAVENG)
DRV - [2015/10/22 21:25:08 | 000,122,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2015/10/08 13:51:27 | 001,193,032 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\NortonData\22.5.2.15\Definitions\BASHDefs\20151102.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2015/10/05 08:50:12 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2015/10/05 08:50:04 | 000,023,256 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2015/08/05 09:59:24 | 000,103,152 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2015/07/27 06:49:24 | 000,389,456 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2015/07/10 20:06:58 | 000,358,104 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1605020.00F\symtdiv.sys -- (SYMTDIv)
DRV - [2015/07/10 20:06:42 | 000,234,744 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1605020.00F\Ironx86.sys -- (SymIRON)
DRV - [2015/07/10 20:06:38 | 001,286,896 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1605020.00F\SymEFASI.sys -- (SymEFASI)
DRV - [2015/07/10 20:06:29 | 000,711,408 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\NIS\1605020.00F\srtsp.sys -- (SRTSP)
DRV - [2015/07/10 20:06:29 | 000,044,792 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1605020.00F\srtspx.sys -- (SRTSPX)
DRV - [2015/07/10 20:06:03 | 000,137,456 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1605020.00F\ccSetx86.sys -- (ccSet_NIS)
DRV - [2013/05/30 12:56:26 | 000,025,632 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudioDevice_383.sys -- (WsAudioDevice_383)
DRV - [2011/04/20 01:43:42 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2011/04/20 01:43:42 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011/04/20 01:43:42 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/04/20 00:22:10 | 000,243,712 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/06/03 13:27:56 | 001,177,624 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2009/06/03 13:27:44 | 000,095,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2009/06/03 13:27:34 | 000,158,744 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2009/06/03 13:27:26 | 000,014,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2009/06/03 13:27:20 | 000,130,072 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2009/06/03 13:27:00 | 000,527,512 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2009/06/03 13:26:50 | 000,511,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2009/06/03 13:26:40 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV - [2009/06/03 13:26:40 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2009/06/03 13:26:26 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV - [2009/06/03 13:26:26 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2009/06/03 13:26:16 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV - [2009/06/03 13:26:16 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2009/04/10 21:06:28 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2008/01/20 21:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/09/12 03:44:34 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/08/22 00:39:20 | 000,235,616 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM05Vid.sys -- (OEM05Vid)
DRV - [2007/08/22 00:39:18 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM05Vfx.sys -- (OEM05Vfx)
DRV - [2007/08/22 00:39:04 | 000,141,376 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OEM05Afx.sys -- (OEM05Afx)
DRV - [2007/01/15 17:57:08 | 000,031,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\livecamv.sys -- (RLDesignVirtualAudioCableWdm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.ca/ig/dell?hl=en&clie ... bd=3081007
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DACA
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

IE - HKU\S-1-5-21-764997613-2592183252-371304141-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.ca/ig/dell?hl=en&clie ... bd=3081007
IE - HKU\S-1-5-21-764997613-2592183252-371304141-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/advanced_search
IE - HKU\S-1-5-21-764997613-2592183252-371304141-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-764997613-2592183252-371304141-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-764997613-2592183252-371304141-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DACA
IE - HKU\S-1-5-21-764997613-2592183252-371304141-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-764997613-2592183252-371304141-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1219160.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.65.2: C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.65.2: C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@squareclock.com/SQ3DPlayer_Production_HBMV1: C:\Users\Gino\AppData\Local\SquareClock.Production_HBMV1\NPSQ3D.dll (SquareClock SAS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFPlgn\ [2015/09/06 07:26:41 | 000,000,000 | ---D | M]

[2015/10/18 21:14:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2015/10/18 21:14:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: No name found = C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.0.44_0\
CHR - Extension: No name found = C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2015/10/26 08:49:00 | 000,000,855 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\22.5.2.15\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\22.5.2.15\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Bluetooth HCI Monitor] C:\Windows\System32\HCIMNTR.DLL (Logitech Inc.)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [OEM05Mon.exe] C:\Windows\OEM05Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [CtxfiReg] C:\Windows\System32\CTxfiReg.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-18..\Run: [CtxfiReg] C:\Windows\System32\CTxfiReg.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Gino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Susan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-764997613-2592183252-371304141-1000\..Trusted Domains: com ([*.Wondershare] http in Trusted sites)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/v7/ ... 6493090068 (MUCatalogWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.204 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3FA0FAC6-0EE6-4B5F-9322-3B24734B5E96}: DhcpNameServer = 64.71.255.204 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF0A664B-C949-4001-A298-A91A820C655B}: DhcpNameServer = 64.71.255.204 64.71.255.198
O18 - Protocol\Handler\WSIEChrome - No CLSID value found
O18 - Protocol\Handler\WSWSVCUchrome - No CLSID value found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /r \??\J:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2015/11/03 16:51:47 | 000,000,000 | ---D | C] -- C:\Users\Gino\Desktop\Downloads
[2015/11/02 17:09:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2015/11/02 17:01:35 | 000,000,000 | ---D | C] -- C:\Users\Gino\.oracle_jre_usage
[2015/11/01 17:59:04 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2015/11/01 16:13:03 | 000,000,000 | ---D | C] -- C:\TEMP
[2015/11/01 14:01:31 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2015/11/01 14:01:29 | 000,000,000 | ---D | C] -- C:\Windows\Fonts\AdvUninstal
[2015/11/01 14:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Innovative Solutions
[2015/11/01 14:01:25 | 000,000,000 | ---D | C] -- C:\Users\Gino\AppData\Local\Innovative Solutions
[2015/11/01 14:01:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Innovative Solutions
[2015/11/01 14:01:05 | 000,000,000 | ---D | C] -- C:\Users\Gino\AppData\Roaming\Temp
[2015/11/01 13:53:17 | 000,000,000 | ---D | C] -- C:\Users\Gino\Templates
[2015/11/01 13:53:16 | 000,000,000 | ---D | C] -- C:\Users\Gino\SendTo
[2015/11/01 13:53:08 | 000,000,000 | ---D | C] -- C:\Users\Gino\PrintHood
[2015/11/01 13:53:07 | 000,000,000 | ---D | C] -- C:\Users\Gino\NetHood
[2015/11/01 13:53:05 | 000,000,000 | ---D | C] -- C:\Users\Gino\My Documents
[2015/11/01 13:53:04 | 000,000,000 | ---D | C] -- C:\Users\Gino\Local Settings
[2015/11/01 13:53:03 | 000,000,000 | ---D | C] -- C:\Users\Gino\Application Data
[2015/11/01 13:53:01 | 000,000,000 | ---D | C] -- C:\Users\Gino\Cookies
[2015/11/01 13:39:11 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Recycler
[2015/10/31 12:57:18 | 002,873,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2015/10/31 12:23:17 | 000,000,000 | ---D | C] -- C:\Users\Gino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2015/10/31 12:23:12 | 000,000,000 | ---D | C] -- C:\Program Files\Tweaking.com
[2015/10/31 08:51:01 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEShims.dll
[2015/10/31 01:07:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2
[2015/10/31 00:35:05 | 000,000,000 | ---D | C] -- C:\Users\Gino\Desktop\Dependency Walker Files
[2015/10/30 18:47:28 | 000,000,000 | ---D | C] -- C:\Users\Gino\AppData\Roaming\SUPERAntiSpyware.com
[2015/10/30 18:46:47 | 000,000,000 | ---D | C] -- C:\Users\Gino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2015/10/30 18:46:44 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2015/10/30 16:13:31 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Resource Kits
[2015/10/26 08:56:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2.bak
[2015/10/26 07:17:20 | 000,000,000 | ---D | C] -- C:\RegBackup
[2015/10/25 22:14:06 | 000,000,000 | ---D | C] -- C:\Users\Gino\Documents\My Videos
[2015/10/25 22:14:05 | 000,000,000 | ---D | C] -- C:\Users\Gino\Documents\My Pictures
[2015/10/25 22:14:03 | 000,000,000 | ---D | C] -- C:\Users\Gino\Documents\My Music
[2015/10/25 22:13:59 | 000,000,000 | ---D | C] -- C:\Users\Gino\AppData\Local\Temporary Internet Files
[2015/10/25 22:13:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\My Videos
[2015/10/25 22:13:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\My Pictures
[2015/10/25 22:13:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\My Music
[2015/10/25 22:13:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Favorites
[2015/10/25 22:13:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Documents
[2015/10/25 22:13:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Desktop
[2015/10/25 22:13:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2015/10/25 19:11:59 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/10/25 18:11:44 | 000,170,200 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015/10/25 18:11:10 | 000,094,936 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2015/10/25 18:11:10 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2015/10/25 18:11:10 | 000,023,256 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mbam.sys
[2015/10/25 18:11:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2015/10/25 18:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/10/24 12:45:25 | 000,000,000 | R--D | C] -- C:\Users\Gino\Searches
[2015/10/20 09:52:45 | 000,097,888 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2015/10/20 09:52:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2015/10/06 22:10:50 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur

========== Files - Modified Within 30 Days ==========

[2015/11/03 17:48:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/11/03 17:44:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0e19615c3c580.job
[2015/11/03 17:11:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/11/03 16:44:14 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2015/11/03 16:44:14 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2015/11/03 16:32:13 | 000,643,220 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015/11/03 16:32:13 | 000,121,966 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015/11/03 14:44:20 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/11/03 14:44:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/11/03 14:42:40 | 000,055,996 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000004-00000000-00000004-00001102-00000005-60021102}.rfx
[2015/11/03 14:42:40 | 000,055,996 | ---- | M] () -- C:\Windows\System32\BMXState-{00000004-00000000-00000004-00001102-00000005-60021102}.rfx
[2015/11/03 14:42:40 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000004-00000000-00000004-00001102-00000005-60021102}.rfx
[2015/11/03 14:42:19 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2015/11/02 17:08:32 | 000,097,888 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2015/11/01 21:36:38 | 000,171,502 | ---- | M] () -- C:\Windows\System32\FireGenULReport.htm
[2015/11/01 15:06:37 | 000,001,356 | ---- | M] () -- C:\Users\Gino\AppData\Local\d3d9caps.dat
[2015/10/31 18:23:34 | 000,170,200 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015/10/31 15:54:22 | 000,003,360 | ---- | M] () -- C:\Users\Gino\Desktop\TrustedInstaller.reg
[2015/10/31 12:42:20 | 000,343,416 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015/10/31 12:24:06 | 000,001,954 | ---- | M] () -- C:\Users\Gino\Desktop\Tweaking.com - Windows Repair.lnk
[2015/10/30 18:46:47 | 000,001,603 | ---- | M] () -- C:\Users\Gino\Desktop\SUPERAntiSpyware Free Edition.lnk
[2015/10/26 09:35:08 | 000,001,614 | ---- | M] () -- C:\Users\Gino\Application Data\Microsoft\Internet Explorer\Quick Launch\Calculator.lnk
[2015/10/26 08:49:00 | 000,000,855 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2015/10/26 07:37:00 | 000,000,855 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts_bak_928
[2015/10/26 07:17:23 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-GINO-PC-Windows-Vista-(TM)-Home-Premium-(32-bit).dat
[2015/10/25 18:11:13 | 000,000,901 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/10/24 12:55:35 | 000,000,438 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2015/10/20 15:04:00 | 006,907,229 | ---- | M] () -- C:\Users\Gino\Desktop\Colliers_From_First_Mile_to_Last_Mile_paper.pdf
[2015/10/17 14:33:03 | 000,092,563 | ---- | M] () -- C:\Users\Gino\Desktop\eBay_ Order details.pdf
[2015/10/16 22:11:07 | 000,780,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015/10/16 22:11:06 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015/10/16 21:33:20 | 005,203,072 | ---- | M] () -- C:\Users\Gino\Desktop\Router Manual.pdf
[2015/10/06 16:54:53 | 000,094,289 | ---- | M] () -- C:\Users\Gino\Desktop\PEO Payment Record_Paid 6oct15.pdf
[2015/10/05 08:50:12 | 000,051,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2015/10/05 08:50:08 | 000,094,936 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2015/10/05 08:50:04 | 000,023,256 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2015/11/01 21:36:27 | 000,171,502 | ---- | C] () -- C:\Windows\System32\FireGenULReport.htm
[2015/10/31 12:24:06 | 000,001,954 | ---- | C] () -- C:\Users\Gino\Desktop\Tweaking.com - Windows Repair.lnk
[2015/10/30 18:46:47 | 000,001,603 | ---- | C] () -- C:\Users\Gino\Desktop\SUPERAntiSpyware Free Edition.lnk
[2015/10/26 09:35:08 | 000,001,614 | ---- | C] () -- C:\Users\Gino\Application Data\Microsoft\Internet Explorer\Quick Launch\Calculator.lnk
[2015/10/26 07:17:23 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-GINO-PC-Windows-Vista-(TM)-Home-Premium-(32-bit).dat
[2015/10/25 18:11:13 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/10/20 15:03:59 | 006,907,229 | ---- | C] () -- C:\Users\Gino\Desktop\Colliers_From_First_Mile_to_Last_Mile_paper.pdf
[2015/10/17 14:33:02 | 000,092,563 | ---- | C] () -- C:\Users\Gino\Desktop\eBay_ Order details.pdf
[2015/10/16 21:33:19 | 005,203,072 | ---- | C] () -- C:\Users\Gino\Desktop\Router Manual.pdf
[2015/10/06 16:54:53 | 000,094,289 | ---- | C] () -- C:\Users\Gino\Desktop\PEO Payment Record_Paid 6oct15.pdf
[2015/02/04 11:08:58 | 000,026,340 | ---- | C] () -- C:\Users\Gino\AppData\Roaming\UserTile.png
[2014/06/08 16:24:49 | 000,008,248 | ---- | C] () -- C:\Users\Gino\AppData\Local\en.ini
[2014/04/24 19:10:34 | 000,003,072 | ---- | C] () -- C:\Windows\System32\CNCFLbNL.DLL
[2014/04/24 18:43:02 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS7Q.DLL
[2013/08/28 19:52:42 | 000,001,356 | ---- | C] () -- C:\Users\Gino\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 08:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 22:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 22:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

OTL Extras logfile created on: 03/11/2015 5:46:34 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gino\Desktop\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 1.19 Gb Available Physical Memory | 39.59% Memory free
6.20 Gb Paging File | 4.60 Gb Available in Paging File | 74.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 683.58 Gb Total Space | 508.58 Gb Free Space | 74.40% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 3.92 Gb Free Space | 26.12% Space Free | Partition Type: NTFS

Computer Name: GINO-PC | User Name: Gino | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-764997613-2592183252-371304141-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B685D77-EC10-480B-B580-F295B461EA22}" = lport=139 | protocol=6 | dir=in | app=system |
"{116CF0B5-D253-417C-BAAA-0A97AFE1BC86}" = rport=445 | protocol=6 | dir=out | app=system |
"{2F25B8EE-FD11-4C4B-860B-BF84365FA74A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{342F8708-0AD6-47C3-A159-1FA44A856279}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{45FB6B34-D3D0-4ED1-BC5C-1E40912AAF55}" = lport=137 | protocol=17 | dir=in | app=system |
"{51439CE9-4E15-4BAA-9834-5BFEBB44C357}" = rport=139 | protocol=6 | dir=out | app=system |
"{5396204D-E3EF-4BEF-A8BB-7562B8B16860}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{5DAD79DC-53E7-46DF-B95C-CD147F7F0495}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{657337F2-692F-421E-965E-0E65AF452349}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6EAC06B0-708B-4196-A7BD-37B4AFB8B37F}" = lport=138 | protocol=17 | dir=in | app=system |
"{8331CB5A-1251-4746-ADAF-E9B8D30717D5}" = lport=445 | protocol=6 | dir=in | app=system |
"{86EA2C8C-A459-4803-A2E3-884894E6A0DB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8A874109-74EC-49CE-8F1C-6F9301E72A28}" = rport=137 | protocol=17 | dir=out | app=system |
"{97030E2E-C8E6-4284-A6F3-D361FCFF990A}" = rport=138 | protocol=17 | dir=out | app=system |
"{A061139B-8396-4718-B2D0-0607A0A97DC2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B25C972A-022E-4856-B474-CF05EB818A5A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BEA964C2-309D-4165-874C-E16187F96B33}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DA9E1608-7831-4ED3-B33F-4C6246AD8DD8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EAA59126-5E92-4BBA-AF33-EC52184E2F5E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F9C11EB6-80FD-4AC2-82C4-E57B832E73BE}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{135E17C1-B824-4B28-B99A-CAD99F81F26A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{363E8AAC-3CE1-442E-A0B8-F6054A20324A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{38439297-3752-4756-97AF-94D1A67C1E41}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{429B86BA-105D-4EC9-826E-8DD7241EEFE2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{44D72FA1-40ED-4FBE-94FA-12C3CC94D49F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{465268BB-1C7E-4FFF-BCEE-CDFC55C54175}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{50638F69-C104-4870-8AEB-0F010B721E4E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{54705AD7-5BF5-4AD5-AB3C-AAABE4E2D025}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{57FA94A2-3CA6-4014-BC5F-7B01A37358E9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5C2B544B-B41F-4C82-902A-21D20FFB4220}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{64D8D363-DE6D-4E28-9010-B7A1603A41D6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{76C1D8E0-EBD9-4C36-B289-C19B0ED450F6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{83964662-25AD-4B2B-A689-414D7B55076A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8983D055-4FAE-41F4-8D71-93DD58996D5A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A1AAF346-A339-481A-A576-7730CBE8C6CD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{ABFDC23A-5416-4593-ABD5-A2864984C145}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B93CA6E4-E4BD-4DA2-B88C-4F654B4274D8}" = protocol=6 | dir=out | app=system |
"{BBA71DE2-7AEA-4371-99D0-A7B0D4DA4354}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BE90DFCF-510A-4D8D-833D-8C57760C9CDD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DF4C9A03-FA2F-4C91-9078-E1F93A6D4987}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{E8122D80-6859-43A2-B55F-4937E59D050B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F4543F6D-72B5-4A19-8A0C-22363ABB6EFF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{0DBC462A-A675-42AE-8804-D18F99C99D95}C:\program files\western digital\wd discovery\wddiscovery.exe" = protocol=6 | dir=in | app=c:\program files\western digital\wd discovery\wddiscovery.exe |
"UDP Query User{E3758BE9-8977-4965-A990-DFE63C4230E2}C:\program files\western digital\wd discovery\wddiscovery.exe" = protocol=17 | dir=in | app=c:\program files\western digital\wd discovery\wddiscovery.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01D51B09-8C96-66F8-92BF-33A7E164C55C}" = Catalyst Control Center Localization Portuguese
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0274D240-4D1D-4FDA-9A36-09F0BECD288F}" = Adobe AIR
"{02DC675D-4BA4-40D9-A94D-6895D07C7419}" = WD Discovery
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.4300
"{043D8259-3CAA-6F8C-6E2D-E38283FC0D4D}" = CCC Help Chinese Standard
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07183287-CF06-9557-D0A0-4DF5A237CD05}" = CCC Help Spanish
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{092888A8-8F3B-4C31-8636-F9632030C971}" = calibre
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0C9F2F87-6FA3-488C-F489-3501F178C480}" = Catalyst Control Center Localization Chinese Standard
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series" = Canon MX920 series MP Drivers
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{1E01E143-E78C-A324-FF2F-16EAA0C6CB1E}" = CCC Help Hungarian
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1FB3C00D-E214-F383-0D86-47211D4472EC}" = CCC Help Chinese Traditional
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.1
"{26A24AE4-039D-4CA4-87B4-2F83218065F0}" = Java 8 Update 65
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{30EE5A21-1E57-1DFF-3D59-E6B5EE5C274E}" = CCC Help English
"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0
"{3FB3647F-B6A6-46B4-8613-A09BCFAB80F0}" = Roxio Creator Premier 10
"{40C801DC-E428-E41B-C4BC-8AD9C07C4336}" = Catalyst Control Center Graphics Full New
"{419D6CBB-322C-4EE2-0866-FB582514BF62}" = Catalyst Control Center Localization Korean
"{41F09D47-DBF4-1497-ACAF-534AED2AD7F4}" = Catalyst Control Center Graphics Full Existing
"{43934147-4A8B-EFEF-BD42-CFE52CF5663B}" = Catalyst Control Center Localization Polish
"{44415FD8-A554-AA16-00E7-B1DF43F49CB0}" = Catalyst Control Center Graphics Previews Common
"{444C5574-6BE0-323E-9BDD-922F6C3C4A04}" = Microsoft .NET Framework 4.6
"{4498C780-9A00-105B-80CE-AB458C680888}" = Catalyst Control Center Localization Spanish
"{45FCADDB-0B29-457E-83A1-D245C62A716C}" = OLYMPUS Master 2
"{469EF13B-4AD0-48D7-AF89-6B92278293E2}" = Roxio Creator Premier
"{493909E8-83A7-E4D5-C7E8-E75E5E53FB07}" = Catalyst Control Center Localization Japanese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB9C5C3-B890-97EC-26ED-ECD96645B5FF}" = Catalyst Control Center Localization Chinese Traditional
"{4CA09BF7-1CFC-44B8-80EA-7B4D15D12DC5}" = Catalyst Control Center - Branding
"{5C82FB90-FD74-BB07-AA83-A6B683E407E8}" = Skins
"{5E14A164-4DC8-7686-DFF9-1B0DC0E9C22E}" = Catalyst Control Center Graphics Light
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{616BF52A-6B5C-E98A-D320-F7CB396289B4}" = CCC Help German
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6863264D-A026-74F9-B6B9-6432CD83E8D0}" = Catalyst Control Center Localization Thai
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7160D728-3A2B-5E11-CF1C-F0F46790C1C5}" = ccc-core-static
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.12.4
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{7CB2A775-9537-F0B3-B12C-39935FC406BE}" = CCC Help Portuguese
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{84D58782-A2F0-47D4-A557-3041363893CF}" = Adobe Setup
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Roxio CinePlayer Decoder Pack
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{92A300C0-E97B-48CC-9702-AB1AAED167E1}" = Adobe Soundbooth CS3 Scores
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.6
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93DD0407-71F9-CC33-DFEB-6A972D9A0D6C}" = CCC Help Italian
"{96FB529E-634D-48EF-91CB-A1A06243E25C}" = CCC Help Korean
"{99CD4458-A1E7-BDCF-2838-B2FEC4D7F3BD}" = Catalyst Control Center Localization Hungarian
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E327786-6078-3A3D-B161-34C57105B183}" = CCC Help Polish
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A43494A1-A4D4-A75B-EE06-5DD390DE9D6F}" = ccc-utility
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{A73BDB2A-E4A7-4FE8-960E-6A5C8BF76FCB}" = XPS MiniView Gadget
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5EC8FC-C7D5-797E-A33C-79695264E0E7}" = CCC Help French
"{AC16252B-B731-8133-A10F-E4F8066945B4}" = CCC Help Turkish
"{AC76BA86-0804-1033-1959-001824157129}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.16)
"{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}" = Apple Application Support (32-bit)
"{B00D1F02-C556-48eb-9DC2-32C778B71CE2}_is1" = Free FLV to MP4 Converter 1.0.18
"{B1AE9D28-DA40-4C5E-94BC-5A6C7FA7A43B}" = Catalyst Control Center Graphics Previews Vista
"{B3282FB8-874B-4054-8356-9EB391A826F9}" = OLYMPUS muvee theaterPack
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAD890B2-D495-E30F-48A7-95ADB7A7C811}" = CCC Help Thai
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C127414C-A625-4E0A-8AC1-F970F9E566A3}" = Adobe Elements Studio Launcher
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C81A17EF-B3FA-3F03-DEF9-DC6E24F12D5A}" = CCC Help Japanese
"{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}" = iTunes
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DDB74B95-2169-9869-B4DA-7CC881C0AC59}" = Catalyst Control Center Core Implementation
"{DE44E86C-6339-394D-DD8A-D8BD499EB287}" = Catalyst Control Center Localization Turkish
"{E1DB0812-2D60-43DB-AE09-6C7027D93B28}" = Apple Mobile Device Support
"{E1E8CEE9-9A46-819C-2490-10B12E5A40EE}" = Catalyst Control Center Localization German
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Premier
"{EFBBCE37-DE8C-CC16-48E8-DBBFB51B6FC4}" = Catalyst Control Center Localization French
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates
"{FD28B75E-10A2-63A9-6EBA-D4494220F903}" = Catalyst Control Center Localization Italian
"AdFender" = AdFender
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 19 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 19 NPAPI
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"Adobe_19c4ee81f9cc4b3dffb9a17d9b648b2" = Adobe Soundbooth CS3
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"Canon MX920 series On-screen Manual" = Canon MX920 series On-screen Manual
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"Canon_IJ_Scan_Utility" = Canon IJ Scan Utility
"CanonMyPrinter" = Canon My Printer
"CanonQuickMenu" = Canon Quick Menu
"Creative OEM005" = Monitor Webcam (SP2208WFP) Driver (1.00.08.0720)
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"DivX Setup" = DivX Setup
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist 8.0.0.514
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HyperSnap 7" = HyperSnap 7
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.2.0.1024
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NIS" = Norton Internet Security
"OpenAL" = OpenAL
"PremElem40" = Adobe Premiere Elements 4.0
"PremElem40Templates" = Adobe Premiere Elements 4.0 Templates
"PROSetDX" = Intel(R) PRO Network Connections 12.1.12.4
"Speed Dial Utility" = Canon Speed Dial Utility
"Tweaking.com - Windows Repair" = Tweaking.com - Windows Repair
"Weeny Free ePub to PDF Converter_is1" = Weeny Free ePub to PDF Converter 2.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-764997613-2592183252-371304141-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"SquareClock_Production_HBMV1" = HomeByMe

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 03/11/2015 5:55:08 PM | Computer Name = Gino-PC | Source = Windows Search Service | ID = 3100
Description =

Error - 03/11/2015 5:55:28 PM | Computer Name = Gino-PC | Source = Windows Search Service | ID = 3100
Description =

Error - 03/11/2015 5:55:48 PM | Computer Name = Gino-PC | Source = Windows Search Service | ID = 3100
Description =

Error - 03/11/2015 5:56:08 PM | Computer Name = Gino-PC | Source = Windows Search Service | ID = 3100
Description =

Error - 03/11/2015 5:56:28 PM | Computer Name = Gino-PC | Source = Windows Search Service | ID = 3100
Description =

Error - 03/11/2015 5:56:48 PM | Computer Name = Gino-PC | Source = Windows Search Service | ID = 3100
Description =

Error - 03/11/2015 5:57:08 PM | Computer Name = Gino-PC | Source = Windows Search Service | ID = 3100
Description =

Error - 03/11/2015 5:57:28 PM | Computer Name = Gino-PC | Source = Windows Search Service | ID = 3100
Description =

Error - 03/11/2015 5:57:48 PM | Computer Name = Gino-PC | Source = Windows Search Service | ID = 3100
Description =

Error - 03/11/2015 5:58:08 PM | Computer Name = Gino-PC | Source = Windows Search Service | ID = 3100
Description =

[ D3D Video Render Events ]
Error - 05/02/2015 8:22:49 PM | Computer Name = Gino-PC | Source = D3D Video Render | ID = 1002
Description =

Error - 16/02/2015 12:40:25 AM | Computer Name = Gino-PC | Source = D3D Video Render | ID = 1002
Description =

Error - 16/02/2015 8:43:04 PM | Computer Name = Gino-PC | Source = D3D Video Render | ID = 1002
Description =

Error - 16/02/2015 9:45:32 PM | Computer Name = Gino-PC | Source = D3D Video Render | ID = 1002
Description =

Error - 16/02/2015 9:49:37 PM | Computer Name = Gino-PC | Source = D3D Video Render | ID = 1002
Description =

[ Media Center Events ]
Error - 14/01/2015 11:40:57 AM | Computer Name = Gino-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 15/01/2015 11:57:33 AM | Computer Name = Gino-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 22/01/2015 3:22:40 AM | Computer Name = Gino-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 23/01/2015 11:14:44 PM | Computer Name = Gino-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 25/01/2015 11:01:32 AM | Computer Name = Gino-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 26/01/2015 12:18:52 PM | Computer Name = Gino-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 31/01/2015 3:38:59 AM | Computer Name = Gino-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 04/02/2015 11:09:25 PM | Computer Name = Gino-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 05/02/2015 11:22:51 PM | Computer Name = Gino-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 06/02/2015 12:54:19 PM | Computer Name = Gino-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 03/11/2015 6:15:18 PM | Computer Name = Gino-PC | Source = DCOM | ID = 10016
Description =

Error - 03/11/2015 6:15:25 PM | Computer Name = Gino-PC | Source = DCOM | ID = 10016
Description =

Error - 03/11/2015 6:25:18 PM | Computer Name = Gino-PC | Source = DCOM | ID = 10016
Description =

Error - 03/11/2015 6:25:25 PM | Computer Name = Gino-PC | Source = DCOM | ID = 10016
Description =

Error - 03/11/2015 6:35:18 PM | Computer Name = Gino-PC | Source = DCOM | ID = 10016
Description =

Error - 03/11/2015 6:35:25 PM | Computer Name = Gino-PC | Source = DCOM | ID = 10016
Description =

Error - 03/11/2015 6:45:18 PM | Computer Name = Gino-PC | Source = DCOM | ID = 10016
Description =

Error - 03/11/2015 6:45:25 PM | Computer Name = Gino-PC | Source = DCOM | ID = 10016
Description =

Error - 03/11/2015 6:55:18 PM | Computer Name = Gino-PC | Source = DCOM | ID = 10016
Description =

Error - 03/11/2015 6:55:25 PM | Computer Name = Gino-PC | Source = DCOM | ID = 10016
Description =


< End of report >
gman2015
Active Member
 
Posts: 10
Joined: October 31st, 2015, 8:38 pm

Re: Cannot Start Windows Module Installer or Get Windows Upd

Unread postby gman2015 » November 3rd, 2015, 7:06 pm

My NIS is preventing me from downloading FRST; it removed it as soon as it downloaded. Disable Norton for this?

Re: Cannot Start Windows Module Installer or Get Windows Upd

Unread postby wannabeageek » November 3rd, 2015, 10:32 pm

gman2015 wrote: My NIS is preventing me from downloading FRST; it removed it as soon as it downloaded. Disable Norton for this?
Yes. Here is a link on how to if you need it.
http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

You will have to scroll down to the section covering Norton's.
wannabeageek
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Cannot Start Windows Module Installer or Get Windows Upd

Unread postby gman2015 » November 3rd, 2015, 11:18 pm

Although I haven't had issues with my NIS, strangely I am unable to disable the firewall or auto-protection. Never had this problem before. I can go in and change the settings but after I apply them, the changes don't take effect, as if I am locked out. I am thinking of uninstalling it completely, downloading FRST, then re-installing NIS. Any issues from your end?

Re: Cannot Start Windows Module Installer or Get Windows Upd

Unread postby wannabeageek » November 4th, 2015, 12:12 am

Did you use the registry repair feature of the program: Tweaking.com Windows Repair?

Re: Cannot Start Windows Module Installer or Get Windows Upd

Unread postby gman2015 » November 4th, 2015, 12:45 am

Yes, I did.

Re: Cannot Start Windows Module Installer or Get Windows Upd

Unread postby wannabeageek » November 4th, 2015, 1:45 am

Do you have the logs from when you ran the repair feature?

Re: Cannot Start Windows Module Installer or Get Windows Upd

Unread postby gman2015 » November 4th, 2015, 10:50 am

Unfortunately, no, the folder is empty. I think Advanced Uninstall Pro wiped them out. Lesson learned...