Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Logged in with a temporary profile windows 7


  • Please log in to reply
37 replies to this topic

#1 Negotron

Negotron

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Jacksonville, FL
  • Local time:09:55 AM

Posted 09 March 2015 - 03:56 PM

I cannot login to my main profile when I try to it takes quite some time and just logs me in to a temp profile and I get this message "You can not access your files and files created in this profile will be deleted when  you log off.  To fix this log off and try logging on again later.  Please see the event log or contact your system administrator for details."

 

I have done what many sites said to do to rename the profile using regedit and it worked only once the next time I tried logging in it said failed to log on. I then booted in safe mode and redid the renaming and now its back to where it was. I tried creating a new user account and copy/paste my stuff but it did not work at least not all I saw a folder of my videos in the new account but that's about it all my pics, music and files on my desktop did not copy over. I'm not sure if I did it the right way or not or if im infected or something wrong my my pc hopefully you guys can help me.



BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,545 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:55 AM

Posted 09 March 2015 - 04:49 PM

Hi Negotron :)

What I suggest you to do is to back up all your personal files on an external storage media (if you have one, otherwise, create a folder directly on your C: drive or other partition), then once done, I would delete your old profile(s) (if you created more than one) and create a fresh new one and go from there. Here's how you properly delete a profile folder on Windows and its user account.

To delete the user account: http://windows.microsoft.com/en-us/windows7/delete-a-user-account
To delete the user profile: https://superuser.com/questions/63017/how-do-i-delete-a-user-profile-on-a-windows-7-machine-that-is-part-of-a-domain

Let me know if you need any help :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 Negotron

Negotron
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Jacksonville, FL
  • Local time:09:55 AM

Posted 11 March 2015 - 12:29 AM

Hi Aura, I ended up creating a new account and since I was still able to access my files via the C: drive I copied everything to a new account. Everything seems to have copied fine but Im still not sure whether I should delete the old account.

 

Also since I started using the new account I encountered a problem which I don't know if its related to this but it did not do it prior to the user problem. It has happened twice both times I left the pc alone for some time and when I came back it started running really slow to the point where I couldn't do nothing. The first time I tried restarting and it got stuck on logging off and the second the same thing happened so I hit restart and all the programs closed except the folder that I was trying to access which was stuck on not responding. I had to manually shut down both times and when I turned it on both times it wanted to run a check disk which I allowed the first time but not the second because I figured it already done it before not even 24 hours ago. Any clues?



#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,545 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:55 AM

Posted 11 March 2015 - 05:26 AM

You can safely delete the old user account if there's nothing left on it. As for your current issue, I guess we'll have to take a more in-depth look at it.

3Al62Pm.pngMiniToolBox
  • Download MiniToolBox and move the executable file to your Desktop;
  • Execute MiniToolBox and check the following options:
    • List Installed Programs;
    • List Last 10 Event Viewer Errors;
    • List Devices - Only Problems;
    • List Users, Partitions and Memory size;
      wNeKMCX.png
  • Once this is done, click on Go and wait for the scan to complete;
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 Negotron

Negotron
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Jacksonville, FL
  • Local time:09:55 AM

Posted 11 March 2015 - 11:03 AM

The same thing happened yet again only this time it did restart normally but it still ran a check disk for some reason. I don't understand why every time I boot it does that.
 
 
MiniToolBox by Farbar  Version: 09-03-2015
Ran by Gost (administrator) on 11-03-2015 at 11:57:06
Running from "C:\Users\Gost\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: DX4831 Manufacturer: Gateway
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/11/2015 01:41:04 AM) (Source: Windows Backup) (User: )
Description: The backup was not successful. The error is: Windows Backup had to skip all the drives included in backup. Make sure that the drives are plugged in and working correctly. (0x810000FF).
 
Error: (03/11/2015 01:40:42 AM) (Source: Windows Backup) (User: )
Description: The backup was not successful. The error is: Windows Backup had to skip all the drives included in backup. Make sure that the drives are plugged in and working correctly. (0x810000FF).
 
Error: (03/11/2015 01:39:11 AM) (Source: Windows Backup) (User: )
Description: The backup was not successful. The error is: Windows Backup had to skip all the drives included in backup. Make sure that the drives are plugged in and working correctly. (0x810000FF).
 
Error: (03/11/2015 01:39:03 AM) (Source: Windows Backup) (User: )
Description: The backup was not successful. The error is: Windows Backup had to skip all the drives included in backup. Make sure that the drives are plugged in and working correctly. (0x810000FF).
 
Error: (03/11/2015 01:30:55 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-4217048314-3668295848-1408259179-1001.bak).  hr = 0x80070539, The security ID structure is invalid.
.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {058f68d3-860f-449c-b1e4-4db0eefc8584}
 
Error: (03/11/2015 01:17:36 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-4217048314-3668295848-1408259179-1001.bak).  hr = 0x80070539, The security ID structure is invalid.
.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {c3a1e12e-7311-47ee-9e4f-04168ef180c6}
 
Error: (03/10/2015 08:22:40 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (03/10/2015 07:50:49 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (03/10/2015 04:51:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/10/2015 04:51:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (03/11/2015 11:46:03 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
RzFilter
 
Error: (03/11/2015 11:45:42 AM) (Source: Service Control Manager) (User: )
Description: The SXUPTP Driver service failed to start due to the following error: 
%%577
 
Error: (03/11/2015 08:12:27 AM) (Source: Service Control Manager) (User: )
Description: The Adobe Flash Player Update Service service failed to start due to the following error: 
%%1053
 
Error: (03/11/2015 08:12:27 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Adobe Flash Player Update Service service to connect.
 
Error: (03/11/2015 01:17:35 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (03/11/2015 01:17:35 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (03/11/2015 01:17:35 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (03/11/2015 01:17:35 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (03/11/2015 01:17:35 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (03/11/2015 01:17:35 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
 
Microsoft Office Sessions:
=========================
Error: (02/23/2013 05:03:47 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 5811 seconds with 4500 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-03-11 11:45:42.447
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\sxuptp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-03-11 11:45:42.245
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\sxuptp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-03-11 11:44:50.692
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\sxuptp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-03-11 11:44:50.504
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\sxuptp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-03-11 01:13:38.772
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\sxuptp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-03-11 01:13:38.592
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\sxuptp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-03-11 01:13:18.733
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\sxuptp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-03-11 01:13:18.546
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\sxuptp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-03-10 07:45:19.648
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\sxuptp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-03-10 07:45:19.399
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\sxuptp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
=========================== Installed Programs ============================
ACR version 0.222 (HKLM-x32\...\{D3D02004-0977-4BB1-8FE8-8BC4230DCEEC}}_is1) (Version:  - Eutechnyx, Ltd)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Refresh Manager (x32 Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AllShare Play 1.5.0.1301241209 (HKLM\...\8474-7877-9059-0204) (Version: 1.5.0.1301241209 - Copyright 2013 SAMSUNG)
Archeage (HKLM-x32\...\Glyph Archeage) (Version:  - Trion Worlds, Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (Obsolete) (HKLM-x32\...\Steam App 219540) (Version:  - )
Awesomium Redistributable (HKLM-x32\...\{5BCB064B-9F65-4E15-BAFB-669E72E54FD9}) (Version: 1.7.4.2 - SIX Networks GmbH)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.4 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Best Buy pc app (Version: 3.2.2.1 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.2.2.1 - Best Buy) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Catalina Savings Printer (HKLM-x32\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp)
Content Manager Assistant for PlayStation® (HKLM-x32\...\{E6EB4571-5ADB-4557-8F95-0E0EF5D0F833}) (Version: 3.30.7824.86 - Sony Computer Entertainment Inc.)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.4) (Version: 5.0.1.4 - Coupons.com Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version:  - FromSoftware, Inc)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
FINAL FANTASY XIII (HKLM-x32\...\Steam App 292120) (Version:  - SQUARE ENIX)
FINAL FANTASY XIV: A Realm Reborn (HKLM-x32\...\Steam App 39210) (Version:  - SQUARE ENIX)
Gateway InfoCentre (HKLM-x32\...\Gateway InfoCentre) (Version: 3.02.3000 - Gateway Incorporated)
Gateway Photo Frame 4.2.3.10 (HKLM-x32\...\Gateway Photo Frame) (Version: 4.2.3.10 - I/O Interconnect)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Gateway Incorporated)
Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.02.3006 - Gateway Incorporated)
Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.1.0812 - Gateway Incorporated)
Gateway Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Gateway Incorporated)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
HP Deskjet 3050 J610 series Basic Device Software (HKLM\...\{7D220A57-969F-4D09-9297-D48195A8ABDD}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Help (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Deskjet 3050 J610 series Product Improvement Study (HKLM\...\{860B418B-F90B-465A-BC1D-04B518045C72}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Gateway Incorporated)
Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version:  - Hammerpoint Interactive)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.40.25 - Oracle Corporation) Hidden
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Media Player Codec Pack 4.2.0 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.2.0 - Media Player Codec Pack)
MediaMonkey 4.0 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False (x32 Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False (x32 Version: 8.0.51011 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False (x32 Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False (x32 Version: 8.0.58299 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False (x32 Version: 8.0.59193 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (x32 Version: 9.0.21022.218 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (x32 Version: 9.0.30411 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (x32 Version: 9.0.30729.4048 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (x32 Version: 9.0.30729.5570 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - ?????????? ??????????)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 False (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 False (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Control Panel 341.44 (Version: 341.44 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 17.12.8 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.172.1357 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.2 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 17.12.8 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.27 (Version: 1.2.27 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
RevTraxPrintMyCoupon (HKLM-x32\...\{19E8EBBF-55F3-41FB-AC8E-373BA0436939}) (Version: 1.0.0.0 - RevTrax)
SharePort Plus (HKLM\...\SharePort Plus) (Version: 4.2.0 - D-Link Corporation)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 2.0.11.26825 - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
This War of Mine ver. 1.1.3 (HKLM-x32\...\{31324144-51SX-12KI-92J0-91DD6F2186AC}_is1) (Version: 1.1.3 - 11 bit studios)
Update for Microsoft Office 2007 Help for Common Features (KB957244) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{C8C72583-C907-4D20-8973-C3858D96BD9E}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB957241) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{D670F9B9-3E84-47B5-8A4A-618B65DB1593}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office InfoPath 2007 Help (KB957243) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{766DF26B-5F03-48ED-9307-5326F2790ED0}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB957245) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{7332DE60-DC79-4578-A60A-A5EA0D6E032B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB957246) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{6F0E4983-E419-4591-B7DD-EFB0073D3E47}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2956096) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BC0B6553-7271-4D52-A076-E9A4780611E8}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB957249) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{4E140A5A-4A90-404A-B955-10C2D98CD3EE}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft Script Editor Help (KB957253) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{F21BF703-548C-47B2-B92A-6876E9566C42}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.74 - VSO Software)
Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.00.3008 - Gateway Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 38%
Total physical RAM: 6071.09 MB
Available physical RAM: 3747.4 MB
Total Pagefile: 12140.38 MB
Available Pagefile: 9289.04 MB
Total Virtual: 4095.88 MB
Available Virtual: 3976.38 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Gateway) (Fixed) (Total:919.41 GB) (Free:538.51 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\JOSE-PC
 
Administrator            Gost                     Guest                    
Jose                     
 
 
**** End of log ****


#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,545 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:55 AM

Posted 11 March 2015 - 11:32 AM

Uninstall the following programs:
  • Adobe AIR;
  • Catalina Savings Printer;
  • Coupon Printer for Windows;
  • Media Player Codec Pack 4.2.0;
  • RevTraxPrintMyCoupon;
sUc2qjf.pngAutoruns - Start-up Entries
Follow the instructions below to give me an Autoruns log containing your start-up entries:
  • Download Autoruns.zip from the Sysinternals Suite webpage;
  • Extract the content of the Autoruns.zip folder where you want, then go in the folder, right-click on Autoruns.exe and select Run as Administrator;
  • Accept the EULA on opening, then wait for all the entries to load;
  • Click on File then Save and save the file to a location easily accessible;
  • Go on ge.tt and upload the Autoruns file you saved;
  • Once done, post the download URL of your uploaded file in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 Negotron

Negotron
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Jacksonville, FL
  • Local time:09:55 AM

Posted 11 March 2015 - 12:17 PM

All programs uninstalled and here is the link  http://ge.tt/3kHp13C2/v/0



#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,545 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:55 AM

Posted 11 March 2015 - 12:48 PM

Seems like I cannot open it. Can you re-upload it to mega.co.nz and share the download URL? I suspect that ge.tt have been having some issues lately.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 Negotron

Negotron
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Jacksonville, FL
  • Local time:09:55 AM

Posted 11 March 2015 - 01:28 PM

I need an account for that site, I tried again on ge.tt http://ge.tt/7riwA3C2/v/0 seems to work fine for me.


Edited by Negotron, 11 March 2015 - 01:29 PM.


#10 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,545 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:55 AM

Posted 11 March 2015 - 01:33 PM

Yeah it doesn't work for me. I'll try to download it and open it at home, but on my work laptop it just displays a blank file. Also, you don't need an account to use Mega. Simply click on the icon in the middle to upload a file.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#11 Negotron

Negotron
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Jacksonville, FL
  • Local time:09:55 AM

Posted 11 March 2015 - 02:04 PM

Well I did upload it but to get the link it said I needed an account let me get the link and I dont see any other way of sharing it. It should be a autoruns file correct not a text file?


Edited by Negotron, 11 March 2015 - 02:05 PM.


#12 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,545 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:55 AM

Posted 11 March 2015 - 02:21 PM

Still cannot open it. This is really annoying. I'll try to open it once I get home and see what it gives. Did you launch Autoruns as an Admin, and also did you wait until every entry was loaded before saving it?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#13 Negotron

Negotron
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Jacksonville, FL
  • Local time:09:55 AM

Posted 11 March 2015 - 03:12 PM

Yes as administrator but I don't know if everything was loaded it appeared like it was. I did it again and waited till in the bottom left of autoruns said ready I think that means every thing is loaded.

 

http://ge.tt/6FyyQ3C2/v/0


Edited by Negotron, 11 March 2015 - 03:13 PM.


#14 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,545 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:55 AM

Posted 11 March 2015 - 04:09 PM

Alright good, now it works. Did you have the programs: WinPatrol, MagicISO, Wondershare Video Converter and Roxio installed in the past?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#15 Negotron

Negotron
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Jacksonville, FL
  • Local time:09:55 AM

Posted 11 March 2015 - 05:16 PM

I had winpatrol before though I dont remember uninstalling it. Magiciso was installed a few days ago and quickly removed. I might had wondershare before when I was looking for a converter but Rozio I cant remember if I did had to be long ago.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users