ksoreide

Members
  • Content Count

    21
  • Joined

  • Last visited

About ksoreide

  • Rank
    Member
  1. I will download firefox!! thanks. will definitly recommend you!!! thanks for all your help!!
  2. adobe flash player update link not working....
  3. windows internet explorer is not working but google chrome is. i will do the updates you posted above
  4. i dont see any that say run as admin
  5. where do i find tho otl.exe to right click it??
  6. Results of screen317's Security Check version 0.99.89 Windows Vista Service Pack 2 x86 (UAC is enabled) Internet Explorer 9 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! avast! Internet Security WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 10 Flash Player out of Date! Adobe Reader 9 Adobe Reader out of Date! Google Chrome 38.0.2125.104 Google Chrome 38.0.2125.111 ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSASCui.exe Windows Defender MSASCui.exe Alwil Software Avast5 AvastSvc.exe Alwil Software Avast5 afwServ.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1 % ````````````````````End of Log``````````````````````
  7. All processes killed ========== OTL ========== Error: No service named ‮etadpug was found to stop! Unable to delete service\driver key ‮etadpug. File C:\Program Files\Google\Desktop\Install\{f43d7468-0d77-6d66-ea35-25d35bdbc287}\ \...\‮ﯹ๛\{f43d7468-0d77-6d66-ea35-25d35bdbc287}\GoogleUpdate.exe < [WARNING: C:\Program Files\Google\Desktop\Install\{f43d7468-0d77-6d66-ea35-25d35bdbc287}\ \...\???\{f43d7468-0d77-6d66-ea35-25d35bdbc287}\GoogleUpdate.exe <] not found. Error: No service named syvbdlxk was found to stop! Service\Driver key syvbdlxk not found. File C:\Windows\system32\drivers\syvbdlxk.sys not found. Error: No service named NwlnkFwd was found to stop! Service\Driver key NwlnkFwd not found. File system32\DRIVERS\nwlnkfwd.sys not found. Error: No service named NwlnkFlt was found to stop! Service\Driver key NwlnkFlt not found. File system32\DRIVERS\nwlnkflt.sys not found. Error: No service named mbr was found to stop! Service\Driver key mbr not found. File C:\Users\Cory\AppData\Local\Temp\mbr.sys not found. Error: No service named IpInIp was found to stop! Service\Driver key IpInIp not found. File system32\DRIVERS\ipinip.sys not found. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_USERS\S-1-5-21-2920039684-3325085463-2878161145-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-2920039684-3325085463-2878161145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\ not found. Registry key HKEY_USERS\S-1-5-21-2920039684-3325085463-2878161145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B8D847CD-B359-41A4-B7AE-90E1EB92D0D5}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8D847CD-B359-41A4-B7AE-90E1EB92D0D5}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ not found. Folder C:\Users\Cory\AppData\Roaming\Mozilla\Extensions\ not found. Folder C:\Users\Cory\AppData\Roaming\Mozilla\Extensions\[email protected]\ not found. File C:\Users\Cory\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0 not found. File C:\Users\Cory\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0 not found. File C:\Users\Cory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0 not found. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found. Registry value HKEY_USERS\S-1-5-21-2920039684-3325085463-2878161145-1000\Software\Microsoft\Windows\CurrentVersion\Run\\PCKeeper2 not found. File move failed. C:\Users\Cory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk scheduled to be moved on reboot. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~1\searchprotect\searchprotect\bin\spvc32loader.dll deleted successfully. Folder C:\Users\Cory\Documents\Optimizer Pro\ not found. Folder C:\Program Files\SearchProtect\ not found. Folder C:\Program Files\Super Optimizer\ not found. ========== COMMANDS ========== [EMPTYJAVA] User: All Users User: Cory ->Java cache emptied: 0 bytes User: Default User: Default User User: Public Total Java Files Cleaned = 0.00 mb [EMPTYFLASH] User: All Users User: Cory ->Flash cache emptied: 0 bytes User: Default User: Default User User: Public Total Flash Files Cleaned = 0.00 mb [EMPTYTEMP] User: All Users User: Cory ->Temp folder emptied: 48216 bytes ->Temporary Internet Files folder emptied: 753798 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 8396202 bytes ->Flash cache emptied: 0 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 34320893 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 37957709 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 78.00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 11042014_174626 Files\Folders moved on Reboot... File\Folder C:\Users\Cory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk not found! PendingFileRenameOperations files... Registry entries deleted on Reboot...
  8. OTL Extras logfile created on: 11/4/2014 5:26:54 PM - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Cory\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.99 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 48.61% Memory free 6.20 Gb Paging File | 4.58 Gb Available in Paging File | 73.91% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 222.78 Gb Total Space | 149.28 Gb Free Space | 67.01% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 4.49 Gb Free Space | 44.90% Space Free | Partition Type: NTFS Computer Name: CORY-PC | User Name: Cory | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data "{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7 "{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{18D47FA1-0440-48D3-A7E0-DA09537FF471}" = Apple Mobile Device Support "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}" = iTunes "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{3D8F9830-D6A3-413A-9A54-993827A73E47}" = DELL0604 "{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1 "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack "{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit "{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel® PRO Network Connections 12.1.11.0 "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{79B9250E-3714-4877-A2B0-D6C1E93E471A}" = GeekBuddy "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{81E14A67-42ED-4DD0-AE08-366FE3D3102E}" = HP Support Solutions Framework "{8956ABAC-F1A3-4AED-9D71-10C9084C081D}" = Snap.Do "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1 "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR "{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy "{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay "{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}" = Dell Best of Web "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software) "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F66A31D9-7831-4FBA-BA02-C411C0047CC5}" = Dell Remote Access "{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~4A5BE654_is1" = Advanced-System Protector "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX "avast" = avast! Internet Security "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Google Chrome" = Google Chrome "Google Desktop" = Google Desktop "GoToAssist" = GoToAssist 8.0.0.514 "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.3.1025 "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "PROSetDX" = Intel® PRO Network Connections 12.1.11.0 "Rapport_msi" = Trusteer Endpoint Protection "RealPlayer 15.0" = RealPlayer "SearchProtect" = Search Protect "WildTangent dell Master Uninstall" = WildTangent Games "WinLiveSuite" = Windows Live Essentials "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! NanoClient" = Yahoo! Axis "Yahoo! Search Defender" = Yahoo! Search Protection "Yahoo! Software Update" = Yahoo! Software Update ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79931338-8266-46d9-9889-4166859248de}" = Snap.Do Engine ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 11/2/2014 10:14:07 PM | Computer Name = Cory-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 11/2/2014 10:21:34 PM | Computer Name = Cory-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 11/2/2014 10:21:34 PM | Computer Name = Cory-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 1170 Error - 11/2/2014 10:21:34 PM | Computer Name = Cory-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 1170 Error - 11/2/2014 10:21:35 PM | Computer Name = Cory-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 11/2/2014 10:21:35 PM | Computer Name = Cory-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 2730 Error - 11/2/2014 10:29:32 PM | Computer Name = Cory-PC | Source = WinMgmt | ID = 10 Description = Error - 11/3/2014 12:03:47 AM | Computer Name = Cory-PC | Source = Application Error | ID = 1000 Description = Faulting application OTL.com, version 3.2.69.0, time stamp 0x2a425e19, faulting module RPCRT4.dll, version 6.0.6002.18882, time stamp 0x51dd2d9c, exception code 0xc0000005, fault offset 0x000afaf5, process id 0x15cc, application start time 0x01cff71107dd290f. Error - 11/4/2014 7:41:46 PM | Computer Name = Cory-PC | Source = WinMgmt | ID = 10 Description = Error - 11/4/2014 8:05:44 PM | Computer Name = Cory-PC | Source = Application Error | ID = 1000 Description = Faulting application OTL.scr, version 3.2.69.0, time stamp 0x2a425e19, faulting module ntdll.dll, version 6.0.6002.18881, time stamp 0x51da3e27, exception code 0xc0000005, fault offset 0x0004a152, process id 0x13e4, application start time 0x01cff88ac3819343. [ System Events ] Error - 11/2/2014 11:35:25 PM | Computer Name = Cory-PC | Source = Service Control Manager | ID = 7034 Description = Error - 11/2/2014 11:35:26 PM | Computer Name = Cory-PC | Source = Service Control Manager | ID = 7031 Description = Error - 11/4/2014 7:43:32 PM | Computer Name = Cory-PC | Source = DCOM | ID = 10005 Description = Error - 11/4/2014 7:43:32 PM | Computer Name = Cory-PC | Source = Service Control Manager | ID = 7009 Description = Error - 11/4/2014 7:43:32 PM | Computer Name = Cory-PC | Source = Service Control Manager | ID = 7000 Description = Error - 11/4/2014 7:44:02 PM | Computer Name = Cory-PC | Source = DCOM | ID = 10005 Description = Error - 11/4/2014 7:44:02 PM | Computer Name = Cory-PC | Source = Service Control Manager | ID = 7009 Description = Error - 11/4/2014 7:44:02 PM | Computer Name = Cory-PC | Source = Service Control Manager | ID = 7000 Description = Error - 11/4/2014 7:59:35 PM | Computer Name = Cory-PC | Source = Service Control Manager | ID = 7034 Description = Error - 11/4/2014 7:59:36 PM | Computer Name = Cory-PC | Source = Service Control Manager | ID = 7031 Description = < End of report >
  9. OTL logfile created on: 11/4/2014 5:26:54 PM - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Cory\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.99 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 48.61% Memory free 6.20 Gb Paging File | 4.58 Gb Available in Paging File | 73.91% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 222.78 Gb Total Space | 149.28 Gb Free Space | 67.01% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 4.49 Gb Free Space | 44.90% Space Free | Partition Type: NTFS Computer Name: CORY-PC | User Name: Cory | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2014/11/04 17:26:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cory\Downloads\OTL (2).com PRC - [2014/11/02 18:45:49 | 000,089,600 | ---- | M] () -- C:\Users\Cory\AppData\Roaming\VOPackage\VOsrv.exe PRC - [2014/10/21 21:05:02 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2014/09/24 14:09:32 | 002,327,248 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe PRC - [2014/09/22 21:04:34 | 002,607,384 | ---- | M] (IBM Corp.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe PRC - [2014/09/22 21:04:34 | 001,919,256 | ---- | M] (IBM Corp.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe PRC - [2014/04/09 06:13:04 | 000,279,456 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe PRC - [2014/03/06 14:47:22 | 000,049,464 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe PRC - [2013/05/09 01:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2013/05/09 01:58:27 | 000,137,960 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe PRC - [2012/07/25 08:57:48 | 000,157,016 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\YNanoClient\cpn0\YNanoService.exe PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/02/03 06:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe PRC - [2008/11/03 07:54:00 | 001,745,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe PRC - [2008/10/04 11:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe PRC - [2008/10/04 11:58:02 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe PRC - [2008/09/30 08:03:14 | 000,820,464 | ---- | M] (Dell Inc.) -- c:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe PRC - [2008/09/30 08:03:12 | 000,464,112 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Remote Access\ezi_ra.exe PRC - [2008/09/23 20:09:52 | 001,295,656 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DellDock.exe PRC - [2008/09/23 20:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe PRC - [2008/01/20 19:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2007/05/11 06:26:44 | 004,452,352 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe ========== Modules (No Company Name) ========== MOD - [2014/10/21 21:04:57 | 008,910,664 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll MOD - [2014/10/21 21:04:48 | 001,681,224 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll MOD - [2014/10/21 10:58:25 | 015,880,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\77e3187042597b719af1e5f16096ea22\MenuSkinning.ni.dll MOD - [2014/10/21 10:58:06 | 000,284,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\df2a920b8e863d14ab8503f96c7b3ecd\VistaBridgeLibrary.ni.dll MOD - [2014/10/21 10:58:02 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\738c8aa4347b36988f555005a63cb9a0\System.Management.ni.dll MOD - [2014/10/21 10:58:01 | 002,500,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\26f446df5bd21dd338a855e2c2f87073\DellDock.ni.exe MOD - [2014/10/21 10:57:59 | 000,274,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\f411f628b6029786818987206112b525\MyDock.Util.ni.dll MOD - [2014/10/21 10:57:39 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a853267710221e6c57a5249dcf5511b8\System.Web.Services.ni.dll MOD - [2014/10/21 10:57:27 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\a98a13deac020eca5e7dcb5ebb2b7414\System.Configuration.ni.dll MOD - [2014/10/21 10:36:20 | 005,465,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a224433c0fb9281862f36823e86822fc\System.Xml.ni.dll MOD - [2014/10/21 10:36:01 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f32d5986039f142f6e4f412de7c8901c\System.Windows.Forms.ni.dll MOD - [2014/10/21 10:35:52 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\65897bde93bce2462330f19ef677477d\System.Drawing.ni.dll MOD - [2014/10/21 10:32:47 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cf2c94955471d68d3708b1fbf613ae46\System.ni.dll MOD - [2014/09/22 19:00:46 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\6ccc2f167855025c161a81628c49f88f\Accessibility.ni.dll MOD - [2014/09/22 18:57:58 | 011,496,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3444fbefcbd532181c499150ace644a4\mscorlib.ni.dll MOD - [2014/03/23 16:04:20 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll MOD - [2014/02/12 19:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2014/02/12 19:58:10 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2008/11/03 07:54:00 | 001,745,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe MOD - [2008/11/03 07:54:00 | 000,262,384 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.dll MOD - [2008/11/03 07:54:00 | 000,132,336 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.XmlSerializers.dll MOD - [2008/11/03 07:54:00 | 000,095,472 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbUI.dll MOD - [2008/11/03 07:54:00 | 000,058,608 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\BalloonWindow.dll MOD - [2008/11/03 07:54:00 | 000,017,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\CppUtils.dll ========== Services (SafeList) ========== SRV - File not found [Disabled | Unknown] -- C:\Program Files\Google\Desktop\Install\{f43d7468-0d77-6d66-ea35-25d35bdbc287}\ \...\‮ﯹ๛\{f43d7468-0d77-6d66-ea35-25d35bdbc287}\GoogleUpdate.exe < [WARNING: C:\Program Files\Google\Desktop\Install\{f43d7468-0d77-6d66-ea35-25d35bdbc287}\ \...\???\{f43d7468-0d77-6d66-ea35-25d35bdbc287}\GoogleUpdate.exe <] -- (‮etadpug) SRV - [2014/11/02 18:45:49 | 000,089,600 | ---- | M] () [Auto | Running] -- C:\Users\Cory\AppData\Roaming\VOPackage\VOsrv.exe -- (servervo) SRV - [2014/09/29 10:15:19 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014/09/25 06:04:46 | 000,070,864 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\COMODO\launcher_service.exe -- (CLPSLauncher) SRV - [2014/09/24 14:09:32 | 002,327,248 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe -- (GeekBuddyRSP) SRV - [2014/09/22 21:04:34 | 001,919,256 | ---- | M] (IBM Corp.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService) SRV - [2014/04/09 06:12:50 | 000,235,696 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe -- (McComponentHostService) SRV - [2014/03/06 14:47:22 | 000,049,464 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService) SRV - [2013/05/09 01:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2013/05/09 01:58:27 | 000,137,960 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall) SRV - [2012/07/25 08:57:48 | 000,157,016 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\YNanoClient\cpn0\YNanoService.exe -- (YNanoService) SRV - [2008/12/19 01:20:49 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist) SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) SRV - [2008/10/04 11:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SRV - [2008/09/30 08:03:14 | 000,820,464 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe -- (hnmsvc) SRV - [2008/09/23 20:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService) SRV - [2008/07/04 16:17:48 | 000,164,600 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - [2014/11/02 18:19:49 | 000,114,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV - [2014/10/21 10:35:56 | 000,430,264 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80055.sys -- (RapportCerberus_80055) DRV - [2014/09/22 21:04:42 | 000,332,696 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG) DRV - [2014/09/22 21:04:42 | 000,251,288 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI) DRV - [2014/09/22 21:04:42 | 000,208,888 | ---- | M] (IBM Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\RapportKELL.sys -- (RapportKELL) DRV - [2014/06/25 22:33:56 | 000,015,400 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\hmd.sys -- (HMD) DRV - [2014/06/25 22:33:42 | 000,035,064 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | System | Running] -- C:\Windows\System32\drivers\CFRMD.sys -- (CFRMD) DRV - [2013/07/27 06:37:11 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm) DRV - [2013/07/27 06:37:09 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2013/05/09 01:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2013/05/09 01:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt) DRV - [2013/05/09 01:59:09 | 000,204,784 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2) DRV - [2013/05/09 01:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2013/05/09 01:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2013/05/09 01:59:09 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd) DRV - [2013/05/09 01:59:08 | 000,104,752 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW) DRV - [2013/03/13 11:01:58 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis.sys -- (aswNdis) DRV - [2008/06/17 10:01:06 | 000,022,016 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\packet.sys -- (Packet) DRV - [2007/04/29 01:42:24 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) DRV - [2006/11/02 00:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com IE - HKLM\..\URLSearchHook: {035FDC10-9F1D-430E-87DA-573FFBF5608D} - C:\Program Files\Yahoo!\YNanoClient\cpn1\YNanoClient_IE.dll (Yahoo! Inc.) IE - HKLM\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback> IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49905;https=127.0.0.1:49905 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback> IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49905;https=127.0.0.1:49905 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie9 IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\..\SearchScopes\{D48F3AFA-E63A-42E7-81C3-AD8DA3D2C3F6}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b2ie7 IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback> ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/07/05 20:17:25 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: (Enabled) CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}, CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.111\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Adobe Acrobat (Enabled) = c:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: Windows Live® Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Yahoo! Axis for IE) - {035FDC10-9F1D-430E-87DA-573FFBF5608D} - C:\Program Files\Yahoo!\YNanoClient\cpn1\YNanoClient_IE.dll (Yahoo! Inc.) O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (Yahoo! Axis for IE) - {035FDC10-9F1D-430E-87DA-573FFBF5608D} - C:\Program Files\Yahoo!\YNanoClient\cpn1\YNanoClient_IE.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe () O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [tvncontrol] C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc) O4 - Startup: C:\Users\Cory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\SearchScopes present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\SearchScopes present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\SearchScopes present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\SearchScopes present O7 - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\Software\Policies\Microsoft\Internet Explorer\SearchScopes present O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.25 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3D6E85A-AF8F-4DAD-A080-9DE1998C8446}: DhcpNameServer = 192.168.0.1 205.171.2.25 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\inspiron_DT_1152x864_03.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\inspiron_DT_1152x864_03.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2014/11/02 20:35:24 | 000,000,000 | ---D | C] -- C:\_OTL [2014/11/02 19:36:59 | 000,000,000 | ---D | C] -- C:\ProgramData\2308189059 [2014/11/02 18:34:07 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Local\Kromtech [2014/11/02 18:33:54 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Local\Zeoinsight [2014/11/02 18:33:53 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Local\ZBAnalyticsCore [2014/11/02 18:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak [2014/11/02 18:32:39 | 000,000,000 | ---D | C] -- C:\Program Files\ASP [2014/11/02 18:29:11 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Local\SearchProtect [2014/11/02 18:27:34 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Roaming\Systweak [2014/11/02 18:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\RCP [2014/11/02 18:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\CommonShare [2014/11/02 18:19:49 | 000,114,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014/11/02 18:19:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [2014/11/02 18:18:55 | 000,075,480 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys [2014/11/02 18:18:55 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys [2014/11/02 18:18:54 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2014/11/02 18:18:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware [2014/11/02 18:18:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2014/11/02 18:12:28 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Roaming\VOPackage [2014/11/02 18:01:58 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Local\ospd_us_349 [2014/11/02 18:01:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONESOFTPERDAY [2014/11/02 18:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\ospd_us_349 [2014/11/02 18:01:30 | 000,000,000 | ---D | C] -- C:\Program Files\LPT [2014/11/02 17:58:46 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Local\LPT [2014/11/02 17:58:42 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Local\Smartbar [2014/11/02 17:53:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Kromtech [2014/11/02 17:21:33 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2014/11/02 16:31:28 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll [2014/11/02 16:29:41 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2014/10/22 17:35:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO [2014/10/22 17:35:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\COMODO [2014/10/18 02:05:29 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll [2014/10/18 02:05:29 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll [2014/10/18 02:03:05 | 002,054,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2014/10/18 02:00:29 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll [2014/10/17 20:03:47 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2014/10/17 20:03:47 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2014/10/17 20:03:47 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2014/10/17 20:03:47 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2014/10/17 20:03:47 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2014/10/17 20:03:47 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2014/10/17 20:03:46 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2014/10/17 20:03:46 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2014/10/17 20:03:46 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2014/10/17 20:03:45 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2014/10/17 20:03:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2014/10/17 20:03:43 | 001,810,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2009/08/19 20:02:29 | 008,270,752 | ---- | C] (Dell, Inc. ) -- C:\Users\Cory\AppData\Roaming\DataSafeDotNet.exe ========== Files - Modified Within 30 Days ========== [2014/11/04 17:19:41 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014/11/04 17:18:56 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014/11/04 17:14:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014/11/04 16:48:52 | 000,641,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2014/11/04 16:48:51 | 000,119,172 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2014/11/04 16:40:19 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2014/11/04 16:40:19 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2014/11/04 16:40:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014/11/04 16:40:05 | 3209,875,456 | -HS- | M] () -- C:\hiberfil.sys [2014/11/02 19:59:22 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2014/11/02 19:59:22 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2014/11/02 19:08:27 | 000,000,878 | ---- | M] () -- C:\Users\Cory\Desktop\Continue Live Installation.lnk [2014/11/02 18:48:56 | 000,024,064 | ---- | M] () -- C:\Users\Cory\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014/11/02 18:19:49 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014/11/02 18:19:11 | 000,000,901 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2014/11/02 15:24:21 | 000,001,987 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014/10/28 06:35:00 | 000,229,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2014/10/22 17:35:11 | 000,001,878 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2014/10/21 10:28:29 | 000,282,080 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2014/11/02 19:59:22 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2014/11/02 19:59:22 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2014/11/02 19:08:27 | 000,000,878 | ---- | C] () -- C:\Users\Cory\Desktop\Continue Live Installation.lnk [2014/11/02 18:32:36 | 000,017,136 | ---- | C] () -- C:\Windows\System32\sasnative32.exe [2014/11/02 18:27:31 | 000,018,280 | ---- | C] () -- C:\Windows\System32\roboot.exe [2014/11/02 18:19:11 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2014/06/25 22:33:56 | 000,015,400 | ---- | C] () -- C:\Windows\System32\drivers\hmd.sys [2013/12/24 11:21:39 | 000,036,864 | ---- | C] () -- C:\Windows\hpfsched.exe [2013/12/24 11:21:32 | 000,004,760 | ---- | C] () -- C:\Windows\hphmdl11.dat [2013/08/19 17:48:35 | 000,109,207 | ---- | C] () -- C:\Users\Cory\Golden Gate bridge night.jpg [2013/08/10 08:27:17 | 000,003,854 | ---- | C] () -- C:\Users\Cory\Guitar.jpg [2013/08/08 15:29:32 | 000,005,716 | ---- | C] () -- C:\Users\Cory\Midnight Riders logo.jpg [2013/07/27 06:37:16 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys.sum [2013/07/27 06:37:15 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSnx.sys.sum [2013/07/27 06:37:12 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSP.sys.sum [2013/07/26 17:09:27 | 000,175,176 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys [2013/07/26 17:09:26 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys [2013/07/26 09:47:23 | 000,012,434 | ---- | C] () -- C:\Users\Cory\CenturyLink_Configuration_Details.mht [2009/05/04 13:11:41 | 000,001,370 | ---- | C] () -- C:\Users\Cory\AppData\Roaming\wklnhst.dat [2008/12/24 21:43:12 | 000,024,064 | ---- | C] () -- C:\Users\Cory\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 06:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2011/07/11 15:33:40 | 000,000,000 | ---D | M] -- C:\Users\Cory\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1 [2014/11/02 18:32:51 | 000,000,000 | ---D | M] -- C:\Users\Cory\AppData\Roaming\Systweak [2010/06/24 16:12:21 | 000,000,000 | ---D | M] -- C:\Users\Cory\AppData\Roaming\Template [2014/11/02 18:46:01 | 000,000,000 | ---D | M] -- C:\Users\Cory\AppData\Roaming\VOPackage [2008/12/24 22:04:06 | 000,000,000 | ---D | M] -- C:\Users\Cory\AppData\Roaming\WildTangent ========== Alternate Data Streams ========== @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5D432CE3 < End of report >
  10. that is what popped up when i had to restart computer after OTL fix quit. just wanted you to see that
  11. Files\Folders moved on Reboot... File\Folder C:\Users\Cory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk not found! File move failed. C:\Windows\temp\TMP00000001643F1C72B4CDF070 scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot...
  12. OTL logfile created on: 11/2/2014 7:52:41 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Cory\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.99 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 49.15% Memory free 6.21 Gb Paging File | 4.70 Gb Available in Paging File | 75.78% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 222.78 Gb Total Space | 145.12 Gb Free Space | 65.14% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 4.49 Gb Free Space | 44.90% Space Free | Partition Type: NTFS Computer Name: CORY-PC | User Name: Cory | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2014/11/02 19:50:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cory\Downloads\OTL.com PRC - [2014/11/02 18:45:49 | 000,089,600 | ---- | M] () -- C:\Users\Cory\AppData\Roaming\VOPackage\VOsrv.exe PRC - [2014/10/21 21:05:02 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2014/09/25 06:04:48 | 000,258,256 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files\COMODO\GeekBuddy\unit_manager.exe PRC - [2014/09/25 06:04:48 | 000,243,920 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files\COMODO\GeekBuddy\unit.exe PRC - [2014/09/25 06:04:46 | 000,070,864 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files\Common Files\COMODO\launcher_service.exe PRC - [2014/09/24 14:09:32 | 002,327,248 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe PRC - [2014/09/22 21:04:34 | 002,607,384 | ---- | M] (IBM Corp.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe PRC - [2014/09/22 21:04:34 | 001,919,256 | ---- | M] (IBM Corp.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe PRC - [2014/04/09 06:13:04 | 000,279,456 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe PRC - [2013/05/09 01:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2013/05/09 01:58:27 | 000,137,960 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe PRC - [2012/07/25 08:57:48 | 000,157,016 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\YNanoClient\cpn0\YNanoService.exe PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/02/03 06:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe PRC - [2008/11/03 07:54:00 | 001,745,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe PRC - [2008/10/04 11:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe PRC - [2008/10/04 11:58:02 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe PRC - [2008/09/23 20:09:52 | 001,295,656 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DellDock.exe PRC - [2008/09/23 20:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe PRC - [2008/01/20 19:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2007/05/11 06:26:44 | 004,452,352 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe ========== Modules (No Company Name) ========== MOD - [2014/10/21 21:05:00 | 014,902,600 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll MOD - [2014/10/21 21:04:57 | 008,910,664 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll MOD - [2014/10/21 21:04:48 | 001,681,224 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll MOD - [2014/10/21 10:58:25 | 015,880,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\77e3187042597b719af1e5f16096ea22\MenuSkinning.ni.dll MOD - [2014/10/21 10:58:06 | 000,284,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\df2a920b8e863d14ab8503f96c7b3ecd\VistaBridgeLibrary.ni.dll MOD - [2014/10/21 10:58:02 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\738c8aa4347b36988f555005a63cb9a0\System.Management.ni.dll MOD - [2014/10/21 10:58:01 | 002,500,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\26f446df5bd21dd338a855e2c2f87073\DellDock.ni.exe MOD - [2014/10/21 10:57:59 | 000,274,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\f411f628b6029786818987206112b525\MyDock.Util.ni.dll MOD - [2014/10/21 10:57:39 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a853267710221e6c57a5249dcf5511b8\System.Web.Services.ni.dll MOD - [2014/10/21 10:57:27 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\a98a13deac020eca5e7dcb5ebb2b7414\System.Configuration.ni.dll MOD - [2014/10/21 10:36:20 | 005,465,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a224433c0fb9281862f36823e86822fc\System.Xml.ni.dll MOD - [2014/10/21 10:36:01 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f32d5986039f142f6e4f412de7c8901c\System.Windows.Forms.ni.dll MOD - [2014/10/21 10:35:52 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\65897bde93bce2462330f19ef677477d\System.Drawing.ni.dll MOD - [2014/10/21 10:32:47 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cf2c94955471d68d3708b1fbf613ae46\System.ni.dll MOD - [2014/09/22 19:00:46 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\6ccc2f167855025c161a81628c49f88f\Accessibility.ni.dll MOD - [2014/09/22 18:57:58 | 011,496,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3444fbefcbd532181c499150ace644a4\mscorlib.ni.dll MOD - [2014/03/23 16:04:20 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll MOD - [2014/02/12 19:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2014/02/12 19:58:10 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2008/11/03 07:54:00 | 001,745,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe MOD - [2008/11/03 07:54:00 | 000,262,384 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.dll MOD - [2008/11/03 07:54:00 | 000,132,336 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.XmlSerializers.dll MOD - [2008/11/03 07:54:00 | 000,095,472 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbUI.dll MOD - [2008/11/03 07:54:00 | 000,058,608 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\BalloonWindow.dll MOD - [2008/11/03 07:54:00 | 000,017,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\CppUtils.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Desktop\Install\{f43d7468-0d77-6d66-ea35-25d35bdbc287}\ \...\‮ﯹ๛\{f43d7468-0d77-6d66-ea35-25d35bdbc287}\GoogleUpdate.exe < [WARNING: C:\Program Files\Google\Desktop\Install\{f43d7468-0d77-6d66-ea35-25d35bdbc287}\ \...\???\{f43d7468-0d77-6d66-ea35-25d35bdbc287}\GoogleUpdate.exe <] -- (‮etadpug) SRV - [2014/11/02 18:45:49 | 000,089,600 | ---- | M] () [Auto | Running] -- C:\Users\Cory\AppData\Roaming\VOPackage\VOsrv.exe -- (servervo) SRV - [2014/09/29 10:15:19 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014/09/25 06:04:46 | 000,070,864 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files\Common Files\COMODO\launcher_service.exe -- (CLPSLauncher) SRV - [2014/09/24 14:09:32 | 002,327,248 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe -- (GeekBuddyRSP) SRV - [2014/09/22 21:04:34 | 001,919,256 | ---- | M] (IBM Corp.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService) SRV - [2014/04/09 06:12:50 | 000,235,696 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe -- (McComponentHostService) SRV - [2014/03/06 14:47:22 | 000,049,464 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService) SRV - [2013/05/09 01:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2013/05/09 01:58:27 | 000,137,960 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall) SRV - [2012/07/25 08:57:48 | 000,157,016 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\YNanoClient\cpn0\YNanoService.exe -- (YNanoService) SRV - [2008/12/19 01:20:49 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist) SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) SRV - [2008/10/04 11:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SRV - [2008/09/30 08:03:14 | 000,820,464 | ---- | M] (Dell Inc.) [Auto | Stopped] -- c:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe -- (hnmsvc) SRV - [2008/09/23 20:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService) SRV - [2008/07/04 16:17:48 | 000,164,600 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\syvbdlxk.sys -- (syvbdlxk) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Cory\AppData\Local\Temp\mbr.sys -- (mbr) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2014/11/02 18:19:49 | 000,114,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV - [2014/10/21 10:35:56 | 000,430,264 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80055.sys -- (RapportCerberus_80055) DRV - [2014/09/22 21:04:42 | 000,332,696 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG) DRV - [2014/09/22 21:04:42 | 000,251,288 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI) DRV - [2014/09/22 21:04:42 | 000,208,888 | ---- | M] (IBM Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\RapportKELL.sys -- (RapportKELL) DRV - [2014/06/25 22:33:56 | 000,015,400 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\hmd.sys -- (HMD) DRV - [2014/06/25 22:33:42 | 000,035,064 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | System | Running] -- C:\Windows\System32\drivers\CFRMD.sys -- (CFRMD) DRV - [2013/07/27 06:37:11 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm) DRV - [2013/07/27 06:37:09 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2013/05/09 01:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2013/05/09 01:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt) DRV - [2013/05/09 01:59:09 | 000,204,784 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2) DRV - [2013/05/09 01:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2013/05/09 01:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2013/05/09 01:59:09 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd) DRV - [2013/05/09 01:59:08 | 000,104,752 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW) DRV - [2013/03/13 11:01:58 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis.sys -- (aswNdis) DRV - [2008/06/17 10:01:06 | 000,022,016 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\packet.sys -- (Packet) DRV - [2007/04/29 01:42:24 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) DRV - [2006/11/02 00:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com IE - HKLM\..\URLSearchHook: {035FDC10-9F1D-430E-87DA-573FFBF5608D} - C:\Program Files\Yahoo!\YNanoClient\cpn1\YNanoClient_IE.dll (Yahoo! Inc.) IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback> IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49905;https=127.0.0.1:49905 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback> IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49905;https=127.0.0.1:49905 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie9 IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com/Results.aspx?gd=&ctid=CT3330120&octid=EB_ORIGINAL_CTID&ISID=MEF5F6DCD-82AA-4E58-A28B-2A33D4DBCC44&SearchSource=58&CUI=&UM=6&UP=SP164368FF-CF6B-4DE1-8124-B213BE3A6526&q={searchTerms}&SSPV= IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\..\SearchScopes\{B8D847CD-B359-41A4-B7AE-90E1EB92D0D5}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b2ie7 IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback> ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/07/05 20:17:25 | 000,000,000 | ---D | M] [2009/02/28 11:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cory\AppData\Roaming\Mozilla\Extensions [2009/02/28 11:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cory\AppData\Roaming\Mozilla\Extensions\[email protected] ========== Chrome ========== CHR - default_search_provider: (Enabled) CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}, CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.111\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Adobe Acrobat (Enabled) = c:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: Windows Live® Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: No name found = C:\Users\Cory\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\ CHR - Extension: No name found = C:\Users\Cory\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\ CHR - Extension: No name found = C:\Users\Cory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Yahoo! Axis for IE) - {035FDC10-9F1D-430E-87DA-573FFBF5608D} - C:\Program Files\Yahoo!\YNanoClient\cpn1\YNanoClient_IE.dll (Yahoo! Inc.) O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (Yahoo! Axis for IE) - {035FDC10-9F1D-430E-87DA-573FFBF5608D} - C:\Program Files\Yahoo!\YNanoClient\cpn1\YNanoClient_IE.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe () O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [tvncontrol] C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000..\Run: [PCKeeper2] "C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe" /autorun File not found O4 - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc) O4 - HKLM..\RunOnce: [upospd_us_349.exe] C:\Users\Cory\AppData\Local\ospd_us_349\upospd_us_349.exe () O4 - HKLM..\RunOnce: [VOPackage] C:\Users\Cory\AppData\Roaming\VOPackage\VOPackage.exe () O4 - Startup: C:\Users\Cory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) O4 - Startup: C:\Users\Cory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk = File not found O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\SearchScopes present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\SearchScopes present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\SearchScopes present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\SearchScopes present O7 - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\Software\Policies\Microsoft\Internet Explorer\SearchScopes present O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-2920039684-3325085463-2878161145-1000\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.25 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3D6E85A-AF8F-4DAD-A080-9DE1998C8446}: DhcpNameServer = 192.168.0.1 205.171.2.25 O20 - AppInit_DLLs: (c:\progra~1\searchprotect\searchprotect\bin\spvc32loader.dll) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\inspiron_DT_1152x864_03.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\inspiron_DT_1152x864_03.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2014/11/02 19:36:59 | 000,000,000 | ---D | C] -- C:\ProgramData\2308189059 [2014/11/02 18:34:07 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Local\Kromtech [2014/11/02 18:33:54 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Local\Zeoinsight [2014/11/02 18:33:53 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Local\ZBAnalyticsCore [2014/11/02 18:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak [2014/11/02 18:32:39 | 000,000,000 | ---D | C] -- C:\Program Files\ASP [2014/11/02 18:29:11 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Local\SearchProtect [2014/11/02 18:27:34 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Roaming\Systweak [2014/11/02 18:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\RCP [2014/11/02 18:26:59 | 000,000,000 | ---D | C] -- C:\Users\Cory\Documents\Optimizer Pro [2014/11/02 18:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\SearchProtect [2014/11/02 18:24:34 | 000,000,000 | ---D | C] -- C:\Program Files\Super Optimizer [2014/11/02 18:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\CommonShare [2014/11/02 18:19:49 | 000,114,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014/11/02 18:19:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [2014/11/02 18:18:55 | 000,075,480 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys [2014/11/02 18:18:55 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys [2014/11/02 18:18:54 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2014/11/02 18:18:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware [2014/11/02 18:18:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2014/11/02 18:12:28 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Roaming\VOPackage [2014/11/02 18:01:58 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Local\ospd_us_349 [2014/11/02 18:01:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONESOFTPERDAY [2014/11/02 18:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\ospd_us_349 [2014/11/02 18:01:30 | 000,000,000 | ---D | C] -- C:\Program Files\LPT [2014/11/02 17:58:46 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Local\LPT [2014/11/02 17:58:42 | 000,000,000 | ---D | C] -- C:\Users\Cory\AppData\Local\Smartbar [2014/11/02 17:53:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Kromtech [2014/11/02 17:21:33 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2014/11/02 16:31:28 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll [2014/11/02 16:29:41 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2014/10/22 17:35:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO [2014/10/22 17:35:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\COMODO [2014/10/18 02:05:29 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll [2014/10/18 02:05:29 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll [2014/10/18 02:03:05 | 002,054,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2014/10/18 02:00:29 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll [2014/10/17 20:03:47 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2014/10/17 20:03:47 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2014/10/17 20:03:47 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2014/10/17 20:03:47 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2014/10/17 20:03:47 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2014/10/17 20:03:47 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2014/10/17 20:03:46 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2014/10/17 20:03:46 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2014/10/17 20:03:46 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2014/10/17 20:03:45 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2014/10/17 20:03:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2014/10/17 20:03:43 | 001,810,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2009/08/19 20:02:29 | 008,270,752 | ---- | C] (Dell, Inc. ) -- C:\Users\Cory\AppData\Roaming\DataSafeDotNet.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2014/11/02 19:35:44 | 000,641,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2014/11/02 19:35:44 | 000,119,172 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2014/11/02 19:33:51 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2014/11/02 19:33:47 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2014/11/02 19:28:35 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014/11/02 19:26:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014/11/02 19:26:40 | 3207,819,264 | -HS- | M] () -- C:\hiberfil.sys [2014/11/02 19:14:19 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014/11/02 19:08:27 | 000,000,878 | ---- | M] () -- C:\Users\Cory\Desktop\Continue Live Installation.lnk [2014/11/02 18:48:56 | 000,024,064 | ---- | M] () -- C:\Users\Cory\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014/11/02 18:19:49 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014/11/02 18:19:11 | 000,000,901 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2014/11/02 18:19:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014/11/02 15:24:21 | 000,001,987 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014/10/28 06:35:00 | 000,229,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2014/10/22 17:35:11 | 000,001,878 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2014/10/21 10:28:29 | 000,282,080 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2014/11/02 19:08:27 | 000,000,878 | ---- | C] () -- C:\Users\Cory\Desktop\Continue Live Installation.lnk [2014/11/02 18:32:36 | 000,017,136 | ---- | C] () -- C:\Windows\System32\sasnative32.exe [2014/11/02 18:27:31 | 000,018,280 | ---- | C] () -- C:\Windows\System32\roboot.exe [2014/11/02 18:19:11 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2014/06/25 22:33:56 | 000,015,400 | ---- | C] () -- C:\Windows\System32\drivers\hmd.sys [2013/12/24 11:21:39 | 000,036,864 | ---- | C] () -- C:\Windows\hpfsched.exe [2013/12/24 11:21:32 | 000,004,760 | ---- | C] () -- C:\Windows\hphmdl11.dat [2013/08/19 17:48:35 | 000,109,207 | ---- | C] () -- C:\Users\Cory\Golden Gate bridge night.jpg [2013/08/10 08:27:17 | 000,003,854 | ---- | C] () -- C:\Users\Cory\Guitar.jpg [2013/08/08 15:29:32 | 000,005,716 | ---- | C] () -- C:\Users\Cory\Midnight Riders logo.jpg [2013/07/27 06:37:16 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys.sum [2013/07/27 06:37:15 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSnx.sys.sum [2013/07/27 06:37:12 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSP.sys.sum [2013/07/26 17:09:27 | 000,175,176 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys [2013/07/26 17:09:26 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys [2013/07/26 09:47:23 | 000,012,434 | ---- | C] () -- C:\Users\Cory\CenturyLink_Configuration_Details.mht [2009/05/04 13:11:41 | 000,001,370 | ---- | C] () -- C:\Users\Cory\AppData\Roaming\wklnhst.dat [2008/12/24 21:43:12 | 000,024,064 | ---- | C] () -- C:\Users\Cory\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 06:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2011/07/11 15:33:40 | 000,000,000 | ---D | M] -- C:\Users\Cory\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1 [2011/11/14 09:26:47 | 000,000,000 | ---D | M] -- C:\Users\Cory\AppData\Roaming\LimeWire [2014/11/02 18:32:51 | 000,000,000 | ---D | M] -- C:\Users\Cory\AppData\Roaming\Systweak [2010/06/24 16:12:21 | 000,000,000 | ---D | M] -- C:\Users\Cory\AppData\Roaming\Template [2014/11/02 18:46:01 | 000,000,000 | ---D | M] -- C:\Users\Cory\AppData\Roaming\VOPackage [2008/12/24 22:04:06 | 000,000,000 | ---D | M] -- C:\Users\Cory\AppData\Roaming\WildTangent ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5D432CE3 < End of report >
  13. OTL Extras logfile created on: 11/2/2014 7:52:41 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Cory\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.99 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 49.15% Memory free 6.21 Gb Paging File | 4.70 Gb Available in Paging File | 75.78% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 222.78 Gb Total Space | 145.12 Gb Free Space | 65.14% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 4.49 Gb Free Space | 44.90% Space Free | Partition Type: NTFS Computer Name: CORY-PC | User Name: Cory | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data "{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7 "{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{18D47FA1-0440-48D3-A7E0-DA09537FF471}" = Apple Mobile Device Support "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}" = iTunes "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{3D8F9830-D6A3-413A-9A54-993827A73E47}" = DELL0604 "{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1 "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack "{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit "{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel® PRO Network Connections 12.1.11.0 "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{79B9250E-3714-4877-A2B0-D6C1E93E471A}" = GeekBuddy "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{81E14A67-42ED-4DD0-AE08-366FE3D3102E}" = HP Support Solutions Framework "{8956ABAC-F1A3-4AED-9D71-10C9084C081D}" = Snap.Do "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1 "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR "{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy "{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay "{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}" = Dell Best of Web "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software) "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F66A31D9-7831-4FBA-BA02-C411C0047CC5}" = Dell Remote Access "{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~4A5BE654_is1" = Advanced-System Protector "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX "avast" = avast! Internet Security "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Google Chrome" = Google Chrome "Google Desktop" = Google Desktop "GoToAssist" = GoToAssist 8.0.0.514 "LimeWire" = LimeWire 5.5.16 "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.3.1025 "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "PROSetDX" = Intel® PRO Network Connections 12.1.11.0 "Rapport_msi" = Trusteer Endpoint Protection "RealPlayer 15.0" = RealPlayer "SearchProtect" = Search Protect "WildTangent dell Master Uninstall" = WildTangent Games "WinLiveSuite" = Windows Live Essentials "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! NanoClient" = Yahoo! Axis "Yahoo! Search Defender" = Yahoo! Search Protection "Yahoo! Software Update" = Yahoo! Software Update ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2920039684-3325085463-2878161145-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79931338-8266-46d9-9889-4166859248de}" = Snap.Do Engine ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 11/2/2014 9:02:15 PM | Computer Name = Cory-PC | Source = Perflib | ID = 1008 Description = Error - 11/2/2014 10:14:07 PM | Computer Name = Cory-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 11/2/2014 10:14:07 PM | Computer Name = Cory-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 11/2/2014 10:14:07 PM | Computer Name = Cory-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 11/2/2014 10:21:34 PM | Computer Name = Cory-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 11/2/2014 10:21:34 PM | Computer Name = Cory-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 1170 Error - 11/2/2014 10:21:34 PM | Computer Name = Cory-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 1170 Error - 11/2/2014 10:21:35 PM | Computer Name = Cory-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 11/2/2014 10:21:35 PM | Computer Name = Cory-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 2730 Error - 11/2/2014 10:29:32 PM | Computer Name = Cory-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 11/2/2014 8:37:30 PM | Computer Name = Cory-PC | Source = Service Control Manager | ID = 7024 Description = Error - 11/2/2014 8:37:30 PM | Computer Name = Cory-PC | Source = Service Control Manager | ID = 7009 Description = Error - 11/2/2014 9:29:09 PM | Computer Name = Cory-PC | Source = Service Control Manager | ID = 7000 Description = Error - 11/2/2014 10:27:02 PM | Computer Name = Cory-PC | Source = EventLog | ID = 6008 Description = The previous system shutdown at 7:21:31 PM on 11/2/2014 was unexpected. Error - 11/2/2014 10:29:34 PM | Computer Name = Cory-PC | Source = Service Control Manager | ID = 7024 Description = Error - 11/2/2014 10:29:34 PM | Computer Name = Cory-PC | Source = Service Control Manager | ID = 7009 Description = Error - 11/2/2014 10:29:34 PM | Computer Name = Cory-PC | Source = Service Control Manager | ID = 7009 Description = Error - 11/2/2014 10:29:34 PM | Computer Name = Cory-PC | Source = Service Control Manager | ID = 7000 Description = Error - 11/2/2014 10:30:44 PM | Computer Name = Cory-PC | Source = Service Control Manager | ID = 7022 Description = < End of report >