-
========== Files/Folders - Created Within 30 Days ==========
[2013/04/05 16:22:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2013/04/05 16:03:09 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/04/05 16:02:57 | 000,000,000 | ---D | C] -- C:\JRT
[2013/04/05 16:02:50 | 000,551,171 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Mike\Desktop\JRT.exe
[2013/04/05 07:53:58 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/04/05 07:40:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/04/05 07:40:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/04/05 07:40:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/04/05 07:40:34 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/04/05 07:35:42 | 005,047,266 | R--- | C] (Swearware) -- C:\Users\Mike\Desktop\ComboFix.exe
[2013/04/04 07:10:04 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\RK_Quarantine
[2013/04/04 07:07:37 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2013/03/28 11:32:22 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\virtualdr_32813
[2013/03/27 08:54:06 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2013/03/27 08:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2013/03/27 08:53:30 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\Comodo
[2013/03/27 08:53:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2013/03/27 08:45:42 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/03/27 08:44:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/03/27 08:43:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/03/24 08:29:55 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\cvcoptdata
[2013/03/24 08:27:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browseforchange
[2013/03/14 08:32:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
========== Files - Modified Within 30 Days ==========
[2013/04/05 16:22:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2013/04/05 16:10:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/05 16:07:52 | 000,014,256 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/05 16:07:52 | 000,014,256 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/05 16:07:38 | 000,817,806 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/05 16:07:38 | 000,690,246 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/05 16:07:38 | 000,131,656 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/05 16:02:29 | 000,551,171 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Mike\Desktop\JRT.exe
[2013/04/05 15:59:47 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/05 15:59:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/05 15:59:05 | 3190,517,760 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/05 15:47:01 | 000,613,083 | ---- | M] () -- C:\Users\Mike\Desktop\adwcleaner.exe
[2013/04/05 15:37:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/05 07:53:48 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/04/05 07:35:13 | 005,047,266 | R--- | M] (Swearware) -- C:\Users\Mike\Desktop\ComboFix.exe
[2013/04/04 07:05:12 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/03/28 14:17:40 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2013/03/28 14:01:28 | 000,002,281 | ---- | M] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/28 14:01:27 | 000,002,257 | ---- | M] () -- C:\Users\Mike\Desktop\Google Chrome.lnk
[2013/03/27 08:45:43 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/03/24 08:29:51 | 000,002,397 | ---- | M] () -- C:\Users\Mike\Desktop\Optimum.lnk
[2013/03/24 03:29:00 | 000,001,409 | ---- | M] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/03/24 03:04:54 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/24 03:04:53 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/18 14:41:19 | 000,002,112 | ---- | M] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2013/03/06 18:32:22 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
========== Files Created - No Company Name ==========
[2013/04/05 15:47:26 | 000,613,083 | ---- | C] () -- C:\Users\Mike\Desktop\adwcleaner.exe
[2013/04/05 07:40:43 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/04/05 07:40:43 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/04/05 07:40:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/04/05 07:40:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/04/05 07:40:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/03/28 10:18:23 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/03/27 08:56:13 | 001,474,832 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat
[2013/03/27 08:45:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013/03/24 08:29:49 | 000,002,427 | ---- | C] () -- C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optimum.lnk
[2013/03/24 08:29:49 | 000,002,397 | ---- | C] () -- C:\Users\Mike\Desktop\Optimum.lnk
[2013/03/24 03:29:00 | 000,001,409 | ---- | C] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/03/24 03:04:54 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/24 03:04:53 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/07/08 14:57:21 | 000,000,208 | ---- | C] () -- C:\Windows\wininit.ini
[2012/01/15 08:20:12 | 000,814,276 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/11/18 07:13:05 | 000,000,007 | ---- | C] () -- C:\Windows\sysres10.dat
[2011/11/04 08:00:01 | 000,065,536 | -H-- | C] () -- C:\Windows\SysWow64\WebCamLib.dll
[2011/08/08 11:45:07 | 000,007,642 | ---- | C] () -- C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
[2011/06/28 11:15:03 | 000,285,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\Onsio.sys
[2011/06/28 11:15:03 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\drivers\Onsreged.sys
[2011/06/28 10:07:31 | 000,000,814 | ---- | C] () -- C:\Windows\SysWow64\printer.ini
[2011/06/28 10:07:30 | 000,000,049 | ---- | C] () -- C:\Windows\SysWow64\bitmap.ini
[2010/09/25 08:46:13 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/07/31 09:51:06 | 000,005,120 | ---- | C] () -- C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2010/08/01 09:15:50 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Absolute Audio Converter
[2011/03/12 12:50:58 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Acoustica
[2011/06/09 08:43:42 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Amazon
[2012/03/10 07:39:26 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Apowersoft
[2011/03/13 11:20:25 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Applied Acoustics Systems
[2012/04/27 13:49:37 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\BitTorrent
[2012/06/20 11:36:22 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\CheckPoint
[2012/03/21 13:39:55 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\ChemTable Software
[2011/07/01 10:01:36 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\com.amazon.music.uploader
[2011/07/22 06:10:33 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Cool Record Edit Pro
[2012/02/24 13:07:33 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\DigitalFakeBook
[2012/02/04 09:56:55 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Dropbox
[2010/08/04 12:38:24 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\eStand
[2013/01/17 11:18:24 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\KORG
[2010/08/03 10:41:55 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\NCH Swift Sound
[2011/11/02 09:50:24 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\OptimumLink
[2012/06/09 13:34:35 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\OverDrive
[2012/08/10 08:20:25 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\PhoneClean
[2012/02/23 14:47:57 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\PhotoEchoes
[2010/07/27 12:24:48 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Roni Music
[2011/06/30 11:52:18 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\ScanToPDF_4
[2013/03/01 15:34:23 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\ShopAtHome
[2011/06/14 07:37:54 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Softplicity
[2012/01/02 09:07:44 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Sound Editor Deluxe
[2011/12/30 09:32:38 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\SpeedMP3Downloader
[2013/01/28 13:51:34 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Spotify
[2011/03/12 13:25:13 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\SynthMaker
[2010/07/26 16:23:25 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Thunderbird
[2011/11/21 09:05:08 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\URSoft
[2011/10/17 09:15:12 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\VideoBooth
[2010/10/24 10:56:29 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:091193F8
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:373E1720
< E
-
http://dev.discussions.virtualdr.forums.relay.cool/ Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
Code:
:OTL
PRC - [2012/03/14 07:04:52 | 006,041,192 | ---- | M] (AnVir Software) -- C:\Program Files (x86)\AnVir Task Manager\AnVir.exe
DRV:64bit: - [2012/01/09 18:59:32 | 000,485,680 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012/01/09 18:59:30 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2012/01/09 18:59:30 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
IE - HKU\S-1-5-21-2788626009-353071757-3216397744-1000\..\SearchScopes\{42715077-9C21-45D3-B6AC-BFF7FB839C90}: "URL" = http://search.avg.com/route/?d=4cb6fd21&v=6.103.18.1&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O4:64bit: - HKLM..\Run: [ISW] File not found
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:091193F8
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:373E1720
:Services
:Reg
:Files
C:\Program Files (x86)\AnVir Task Manager
:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]
- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- You will get a log that shows the results of the fix. Please post it.
NOTE. If for any reason OTL stalls (most likely at "killing processes..." step) run the fix from safe mode.
Last scans...
http://dev.discussions.virtualdr.forums.relay.cool/ Download Security Check from here or here and save it to your Desktop.
- Double-click SecurityCheck.exe
- Follow the onscreen instructions inside of the black box.
- A Notepad document should open automatically called checkup.txt; please post the contents of that document.
NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.
http://dev.discussions.virtualdr.forums.relay.cool/ Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
- Make sure the following options are checked:
- Internet Services
- Windows Firewall
- System Restore
- Security Center
- Windows Update
- Windows Defender
- Press "Scan".
- It will create a log (FSS.txt) in the same directory the tool is run.
- Please copy and paste the log to your reply.
http://dev.discussions.virtualdr.forums.relay.cool/ Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
- Double click on TFC.exe to run the program.
- Click on Start button to begin cleaning process.
- TFC will close all running programs, and it may ask you to restart computer.
http://dev.discussions.virtualdr.forums.relay.cool/ Please run a free online scan with the ESET Online Scanner
- Disable your antivirus program
- Tick the box next to YES, I accept the Terms of Use
- Click Start
- Accept any security warnings from your browser.
- Check Scan archives
- Click Start
- ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
- When the scan completes, click on List of found threats
- Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
- NOTE. If Eset won't find any threats, it won't produce any log.
-
All processes killed
========== OTL ==========
Process AnVir.exe killed successfully!
Error: Unable to stop service KLIF!
Unable to delete service\driver key KLIF.
File move failed. C:\Windows\SysNative\drivers\klif.sys scheduled to be moved on reboot.
Error: Unable to stop service KL1!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KL1 deleted successfully.
File move failed. C:\Windows\SysNative\drivers\kl1.sys scheduled to be moved on reboot.
Error: Unable to stop service kl2!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kl2 deleted successfully.
C:\Windows\SysNative\drivers\kl2.sys moved successfully.
Registry key HKEY_USERS\S-1-5-21-2788626009-353071757-3216397744-1000\Software\Microsoft\Internet Explorer\SearchScopes\{42715077-9C21-45D3-B6AC-BFF7FB839C90}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42715077-9C21-45D3-B6AC-BFF7FB839C90}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared deleted successfully.
File C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}\ not found.
File C:\Program Files (x86)\AVG\AVG10\Firefox4 not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ISW deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap\ deleted successfully.
File Protocol\Handler\mso-offdap - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap11\ deleted successfully.
File Protocol\Handler\mso-offdap11 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ deleted successfully.
ADS C:\ProgramData\TEMP:091193F8 deleted successfully.
ADS C:\ProgramData\TEMP:373E1720 deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\Program Files (x86)\AnVir Task Manager\OpenHardwareMonitor folder moved successfully.
C:\Program Files (x86)\AnVir Task Manager folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 58264 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Guest
->Temp folder emptied: 0 bytes
User: HomeGroupUser$
->Temp folder emptied: 0 bytes
User: Mike
->Temp folder emptied: 1569053 bytes
->Temporary Internet Files folder emptied: 5871829 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 77726839 bytes
->Google Chrome cache emptied: 381883606 bytes
->Apple Safari cache emptied: 5859328 bytes
->Flash cache emptied: 79423 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 190029287 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 94490 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 632.00 mb
[EMPTYJAVA]
User: Administrator
User: All Users
User: Default
User: Default User
User: Guest
User: HomeGroupUser$
User: Mike
->Java cache emptied: 0 bytes
User: Public
Total Java Files Cleaned = 0.00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Guest
User: HomeGroupUser$
User: Mike
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 04072013_091634
Files\Folders moved on Reboot...
File move failed. C:\Windows\SysNative\drivers\klif.sys scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\drivers\kl1.sys scheduled to be moved on reboot.
C:\Users\Mike\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Mike\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File\Folder C:\Windows\temp\FireFly(20130407091317AA8).log not found!
C:\Windows\temp\integratedoffice.exe_c2rdll(20130407091318AA8).log moved successfully.
C:\Windows\temp\integratedoffice.exe_c2ruidll(20130407091316AA8).log moved successfully.
C:\Windows\temp\integratedoffice.exe_streamserver(20130407091319AA8).log moved successfully.
File move failed. C:\Windows\temp\ood_stream.x86.en-us.dat scheduled to be moved on reboot.
File move failed. C:\Windows\temp\ood_stream.x86.x-none.dat scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
-
Results of screen317's Security Check version 0.99.62
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
ZoneAlarm Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Secunia PSI (3.0.0.2004)
Malwarebytes Anti-Malware version 1.70.0.1100
Adobe Flash Player 11.6.602.180
Adobe Reader 10.1.6 Adobe Reader out of Date!
Mozilla Firefox 19.0.2 Firefox out of Date!
Mozilla Thunderbird (17.0.4)
Google Chrome 25.0.1364.172
Google Chrome 26.0.1410.43
````````Process Check: objlist.exe by Laurent````````
CheckPoint ZoneAlarm vsmon.exe
CheckPoint ZoneAlarm zatray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
-
Farbar Service Scanner Version: 03-03-2013
Ran by Mike (administrator) on 07-04-2013 at 09:38:01
Running from "C:\Users\Mike\Downloads"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Destination is offline
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
**** End of log ****
-
-
C:\Program Files (x86)\Browseforchange\uninstall.exe a variant of MSIL/Adware.iBryte.A application cleaned by deleting - quarantined
C:\Users\Mike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\1c8626d7-6a9cd7be a variant of Java/Exploit.CVE-2013-0422.BY trojan cleaned by deleting - quarantined
-
Could not initialize the application's security component. The most probable cause is problems in your browser's profile directory. Please check that this directory has no read/write restrictions and your hard drive is not full or close to full. It is recommended that you exit the browser and fix the problem. If you continue to use this browser session, you might see incorrect browser behavior when accessing security features.
The above message appears when I try to run Thunderbird, my email.
-
Is your Thunderbird up to date?
If yes see here: https://support.mozilla.org/en-US/kb...rity-component
It's written for Firefox but you use same steps for TB.
Also...
Update Adobe Reader
You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions (if present).
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.
Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader(3.5MB) from HERE.
It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or any other garbage.
-
Hi - I downloaded and installed Adobe Reader. I then tried all of your suggestions about Thunderbird. None of them had any effect. Additionally, IE was working yesterday, but today only Chrome and Firefox work. I downloaded the latest version of Thunderbird and that had no effect as well.
-
What's wrong with IE?
As for TB, uninstall it conpletely.
Read this article... http://kb.mozillazine.org/Uninstalling_Firefox
It was written for Firefox, but is valid for Thunderbird
To Uninstall Thunderbird completely, you need to remove the core program in the Installation Directory (Usually ProgramFiles) AND the Profile (see the article for the location)
Install fresh copy.
-
Hi,
Tried all suggestions regarding Thunderbird and still get the warning about the applications security component. I tried Outlook and it works fine. I can live with that. However, the IE is still not working. I get a small window which quickly says "not responding".
-
Download Windows Repair (All in One) from this site
Install the program then run it.
NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.
Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:
https://discussions.virtualdr.com/
Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button:
https://discussions.virtualdr.com/
Go to Step 4 and under "System Restore" click on Create button:
https://discussions.virtualdr.com/
Go to Start Repairs tab and click Start button.
Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.
Click on Start button.
https://discussions.virtualdr.com/
Post Windows Repair log (_windows_repair_log.txt) which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs
-
Starting Repairs...
Start (4/11/2013 9:13:19 AM)
Reset Registry Permissions 01/03
HKEY_CURRENT_USER & Sub Keys
Start (4/11/2013 9:13:19 AM)
Running Repair Under Current User Account
Done (4/11/2013 9:13:26 AM)
Reset Registry Permissions 02/03
HKEY_LOCAL_MACHINE & Sub Keys
Start (4/11/2013 9:13:26 AM)
Running Repair Under System Account
Done (4/11/2013 9:16:36 AM)
Reset Registry Permissions 03/03
HKEY_CLASSES_ROOT & Sub Keys
Start (4/11/2013 9:16:36 AM)
Running Repair Under System Account
Done (4/11/2013 9:18:09 AM)
Register System Files
Start (4/11/2013 9:18:09 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:18:47 AM)
Repair WMI
Start (4/11/2013 9:18:47 AM)
Running Repair Under Current User Account
Invalid Global Switch.
Invalid Global Switch.
Running Repair Under System Account
Invalid Global Switch.
Invalid Global Switch.
Done (4/11/2013 9:20:52 AM)
Repair Windows Firewall
Start (4/11/2013 9:20:52 AM)
Running Repair Under Current User Account
The Internet Connection Sharing (ICS) service is not started.
More help is available by typing NET HELPMSG 3521.
The Internet Connection Sharing (ICS) service could not be started.
The service did not report an error.
More help is available by typing NET HELPMSG 3534.
Running Repair Under System Account
The Internet Connection Sharing (ICS) service is not started.
More help is available by typing NET HELPMSG 3521.
The Internet Connection Sharing (ICS) service could not be started.
The service did not report an error.
More help is available by typing NET HELPMSG 3534.
Done (4/11/2013 9:23:23 AM)
Repair Internet Explorer
Start (4/11/2013 9:23:24 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:26:40 AM)
Repair MDAC/MS Jet
Start (4/11/2013 9:26:40 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:27:22 AM)
Repair Hosts File
Start (4/11/2013 9:27:22 AM)
Running Repair Under System Account
Done (4/11/2013 9:27:57 AM)
Remove Policies Set By Infections
Start (4/11/2013 9:27:57 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:28:08 AM)
Repair Icons
Start (4/11/2013 9:28:08 AM)
Running Repair Under System Account
Could Not Find C:\Users\Mike\AppData\Local\IconCache.db.bak
Could Not Find C:\Users\Mike\AppData\Local\IconCache.db
Done (4/11/2013 9:29:37 AM)
Repair Winsock & DNS Cache
Start (4/11/2013 9:29:37 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:30:21 AM)
Repair Proxy Settings
Start (4/11/2013 9:30:21 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:30:30 AM)
Repair Windows Updates
Start (4/11/2013 9:30:30 AM)
Running Repair Under Current User Account
The Background Intelligent Transfer Service service is not started.
More help is available by typing NET HELPMSG 3521.
The Windows Update service is not started.
More help is available by typing NET HELPMSG 3521.
The system cannot find the file specified.
Running Repair Under System Account
The Cryptographic Services service is not started.
More help is available by typing NET HELPMSG 3521.
The Background Intelligent Transfer Service service is not started.
More help is available by typing NET HELPMSG 3521.
The Windows Update service is not started.
More help is available by typing NET HELPMSG 3521.
The system cannot find the file specified.
Done (4/11/2013 9:31:41 AM)
Repair CD/DVD Missing/Not Working
Start (4/11/2013 9:31:41 AM)
Done (4/11/2013 9:31:41 AM)
Repair Volume Shadow Copy Service
Start (4/11/2013 9:31:41 AM)
Running Repair Under Current User Account
The Volume Shadow Copy service is not started.
More help is available by typing NET HELPMSG 3521.
The Microsoft Software Shadow Copy Provider service is not started.
More help is available by typing NET HELPMSG 3521.
Running Repair Under System Account
The Volume Shadow Copy service is not started.
More help is available by typing NET HELPMSG 3521.
The Microsoft Software Shadow Copy Provider service is not started.
More help is available by typing NET HELPMSG 3521.
Done (4/11/2013 9:31:50 AM)
Repair MSI (Windows Installer)
Start (4/11/2013 9:31:50 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:32:22 AM)
Repair bat Association
Start (4/11/2013 9:32:22 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:33:01 AM)
Repair cmd Association
Start (4/11/2013 9:33:01 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:34:49 AM)
Repair com Association
Start (4/11/2013 9:34:49 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:34:58 AM)
Repair Directory Association
Start (4/11/2013 9:34:58 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:35:08 AM)
Repair Drive Association
Start (4/11/2013 9:35:08 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:35:39 AM)
Repair exe Association
Start (4/11/2013 9:35:39 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:37:12 AM)
Repair Folder Association
Start (4/11/2013 9:37:12 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:37:51 AM)
Repair inf Association
Start (4/11/2013 9:37:51 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:38:01 AM)
Repair lnk (Shortcuts) Association
Start (4/11/2013 9:38:01 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:39:08 AM)
Repair msc Association
Start (4/11/2013 9:39:08 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:39:15 AM)
Repair reg Association
Start (4/11/2013 9:39:15 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:39:22 AM)
Repair scr Association
Start (4/11/2013 9:39:22 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:39:28 AM)
Repair Windows Safe Mode
Start (4/11/2013 9:39:28 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:39:36 AM)
Repair Print Spooler
Start (4/11/2013 9:39:36 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:39:51 AM)
Restore Important Windows Services
Start (4/11/2013 9:39:51 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:40:08 AM)
Set Windows Services To Default Startup
Start (4/11/2013 9:40:08 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 9:40:23 AM)
Cleaning up empty logs...
All Selected Repairs Done.
Done (4/11/2013 9:40:23 AM)
Total Repair Time: 00:27:04
...YOU MUST RESTART YOUR SYSTEM...
Running Repair Under System Account
Starting Repairs...
Start (4/11/2013 11:03:09 AM)
Reset Registry Permissions 01/03
HKEY_CURRENT_USER & Sub Keys
Start (4/11/2013 11:03:09 AM)
Running Repair Under Current User Account
Done (4/11/2013 11:03:16 AM)
Reset Registry Permissions 02/03
HKEY_LOCAL_MACHINE & Sub Keys
Start (4/11/2013 11:03:16 AM)
Running Repair Under System Account
Done (4/11/2013 11:05:46 AM)
Reset Registry Permissions 03/03
HKEY_CLASSES_ROOT & Sub Keys
Start (4/11/2013 11:05:46 AM)
Running Repair Under System Account
Done (4/11/2013 11:06:57 AM)
Register System Files
Start (4/11/2013 11:06:57 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:07:38 AM)
Repair WMI
Start (4/11/2013 11:07:38 AM)
Running Repair Under Current User Account
Invalid Global Switch.
Invalid Global Switch.
Running Repair Under System Account
Invalid Global Switch.
Invalid Global Switch.
Done (4/11/2013 11:09:42 AM)
Repair Windows Firewall
Start (4/11/2013 11:09:42 AM)
Running Repair Under Current User Account
The Internet Connection Sharing (ICS) service is not started.
More help is available by typing NET HELPMSG 3521.
The Internet Connection Sharing (ICS) service could not be started.
The service did not report an error.
More help is available by typing NET HELPMSG 3534.
Running Repair Under System Account
The Internet Connection Sharing (ICS) service is not started.
More help is available by typing NET HELPMSG 3521.
The Internet Connection Sharing (ICS) service could not be started.
The service did not report an error.
More help is available by typing NET HELPMSG 3534.
Done (4/11/2013 11:10:21 AM)
Repair Internet Explorer
Start (4/11/2013 11:10:21 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:11:04 AM)
Repair MDAC/MS Jet
Start (4/11/2013 11:11:04 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:11:29 AM)
Repair Hosts File
Start (4/11/2013 11:11:29 AM)
Running Repair Under System Account
Done (4/11/2013 11:11:33 AM)
Remove Policies Set By Infections
Start (4/11/2013 11:11:33 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:11:39 AM)
Repair Icons
Start (4/11/2013 11:11:39 AM)
Running Repair Under System Account
Could Not Find C:\Users\Mike\AppData\Local\IconCache.db.bak
Could Not Find C:\Users\Mike\AppData\Local\IconCache.db
Done (4/11/2013 11:11:43 AM)
Repair Winsock & DNS Cache
Start (4/11/2013 11:11:43 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:11:58 AM)
Repair Proxy Settings
Start (4/11/2013 11:11:59 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:12:07 AM)
Repair Windows Updates
Start (4/11/2013 11:12:07 AM)
Running Repair Under Current User Account
The Windows Update service is not started.
More help is available by typing NET HELPMSG 3521.
The system cannot find the file specified.
Running Repair Under System Account
The Cryptographic Services service is not started.
More help is available by typing NET HELPMSG 3521.
The Background Intelligent Transfer Service service is not started.
More help is available by typing NET HELPMSG 3521.
The Windows Update service is not started.
More help is available by typing NET HELPMSG 3521.
The system cannot find the file specified.
Stopping, Waiting for current repair to finish...
Done (4/11/2013 11:12:30 AM)
Repairs Stopped By User.
Done (4/11/2013 11:12:30 AM)
Total Repair Time: 00:09:21
Starting Repairs...
Start (4/11/2013 11:12:34 AM)
Reset Registry Permissions 01/03
HKEY_CURRENT_USER & Sub Keys
Start (4/11/2013 11:12:34 AM)
Running Repair Under Current User Account
Done (4/11/2013 11:12:39 AM)
Reset Registry Permissions 02/03
HKEY_LOCAL_MACHINE & Sub Keys
Start (4/11/2013 11:12:39 AM)
Running Repair Under System Account
Done (4/11/2013 11:15:43 AM)
Reset Registry Permissions 03/03
HKEY_CLASSES_ROOT & Sub Keys
Start (4/11/2013 11:15:43 AM)
Running Repair Under System Account
Done (4/11/2013 11:17:00 AM)
Register System Files
Start (4/11/2013 11:17:00 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:17:34 AM)
Repair WMI
Start (4/11/2013 11:17:34 AM)
Running Repair Under Current User Account
Invalid Global Switch.
Invalid Global Switch.
Running Repair Under System Account
Invalid Global Switch.
Invalid Global Switch.
Done (4/11/2013 11:19:16 AM)
Repair Windows Firewall
Start (4/11/2013 11:19:16 AM)
Running Repair Under Current User Account
The Internet Connection Sharing (ICS) service is not started.
More help is available by typing NET HELPMSG 3521.
The Internet Connection Sharing (ICS) service could not be started.
The service did not report an error.
More help is available by typing NET HELPMSG 3534.
Running Repair Under System Account
The Internet Connection Sharing (ICS) service is not started.
More help is available by typing NET HELPMSG 3521.
The Internet Connection Sharing (ICS) service could not be started.
The service did not report an error.
More help is available by typing NET HELPMSG 3534.
Done (4/11/2013 11:19:51 AM)
Repair Internet Explorer
Start (4/11/2013 11:19:51 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:20:28 AM)
Repair MDAC/MS Jet
Start (4/11/2013 11:20:28 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:24:23 AM)
Repair Hosts File
Start (4/11/2013 11:24:23 AM)
Running Repair Under System Account
Done (4/11/2013 11:24:28 AM)
Remove Policies Set By Infections
Start (4/11/2013 11:24:28 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:24:36 AM)
Repair Icons
Start (4/11/2013 11:24:36 AM)
Running Repair Under System Account
Could Not Find C:\Users\Mike\AppData\Local\IconCache.db.bak
The system cannot find the file specified.
Could Not Find C:\Users\Mike\AppData\Local\IconCache.db
Could Not Find C:\Users\Mike\AppData\Local\IconCache.db.bak
Done (4/11/2013 11:24:40 AM)
Repair Winsock & DNS Cache
Start (4/11/2013 11:24:40 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:24:55 AM)
Repair Proxy Settings
Start (4/11/2013 11:24:55 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:25:02 AM)
Repair Windows Updates
Start (4/11/2013 11:25:02 AM)
Running Repair Under Current User Account
The Cryptographic Services service is not started.
More help is available by typing NET HELPMSG 3521.
The Background Intelligent Transfer Service service is not started.
More help is available by typing NET HELPMSG 3521.
The Windows Update service is not started.
More help is available by typing NET HELPMSG 3521.
The system cannot find the file specified.
Running Repair Under System Account
The Cryptographic Services service is not started.
More help is available by typing NET HELPMSG 3521.
The Background Intelligent Transfer Service service is not started.
More help is available by typing NET HELPMSG 3521.
The Windows Update service is not started.
More help is available by typing NET HELPMSG 3521.
The system cannot find the file specified.
Done (4/11/2013 11:25:17 AM)
Repair CD/DVD Missing/Not Working
Start (4/11/2013 11:25:17 AM)
Done (4/11/2013 11:25:17 AM)
Repair Volume Shadow Copy Service
Start (4/11/2013 11:25:17 AM)
Running Repair Under Current User Account
The Volume Shadow Copy service is not started.
More help is available by typing NET HELPMSG 3521.
The Microsoft Software Shadow Copy Provider service is not started.
More help is available by typing NET HELPMSG 3521.
Running Repair Under System Account
The Volume Shadow Copy service is not started.
More help is available by typing NET HELPMSG 3521.
The Microsoft Software Shadow Copy Provider service is not started.
More help is available by typing NET HELPMSG 3521.
Done (4/11/2013 11:25:31 AM)
Repair MSI (Windows Installer)
Start (4/11/2013 11:25:31 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:25:51 AM)
Repair bat Association
Start (4/11/2013 11:25:51 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:25:58 AM)
Repair cmd Association
Start (4/11/2013 11:25:58 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:26:27 AM)
Repair com Association
Start (4/11/2013 11:26:27 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:26:34 AM)
Repair Directory Association
Start (4/11/2013 11:26:34 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:26:41 AM)
Repair Drive Association
Start (4/11/2013 11:26:41 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:26:48 AM)
Repair exe Association
Start (4/11/2013 11:26:48 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:26:53 AM)
Repair Folder Association
Start (4/11/2013 11:26:53 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:27:02 AM)
Repair inf Association
Start (4/11/2013 11:27:02 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:27:09 AM)
Repair lnk (Shortcuts) Association
Start (4/11/2013 11:27:09 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:27:15 AM)
Repair msc Association
Start (4/11/2013 11:27:15 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:27:20 AM)
Repair reg Association
Start (4/11/2013 11:27:21 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:27:26 AM)
Repair scr Association
Start (4/11/2013 11:27:26 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:27:31 AM)
Repair Windows Safe Mode
Start (4/11/2013 11:27:31 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:27:37 AM)
Repair Print Spooler
Start (4/11/2013 11:27:37 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:27:51 AM)
Restore Important Windows Services
Start (4/11/2013 11:27:51 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:28:05 AM)
Set Windows Services To Default Startup
Start (4/11/2013 11:28:05 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2013 11:28:20 AM)
Cleaning up empty logs...
All Selected Repairs Done.
Done (4/11/2013 11:28:20 AM)
Total Repair Time: 00:15:46
...YOU MUST RESTART YOUR SYSTEM...
-
