smpingl

Slow Computer!


Howdy smping and welcome to BestTechie !!!  

My name is flashh4 (Chuck) and I will be assisting you with the cleaning of your computer.

Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!

Perform all actions in the order given.

Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !  

Do Not Remove anything or run any tools/programs until advised to do so !


Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections.  

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.  



===================================



AdwCleaner
       
Please download adwcleaner by Xplode onto your desktop.
Double click on AdwCleaner.exe to run the tool again.
       Windows XP : Double click on the icon to run it.

       Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

    *Click on the Scan button.
    *AdwCleaner will begin to scan your computer like it did before.
    *After the scan has finished .......
    
    This time, click on the "Cleaning" button.
    
    *Press OK when asked to close all programs and follow the onscreen prompts.
    *Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    *After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
    *Copy and paste the contents of that logfile in your next reply.
    *A copy of that logfile will also be saved in the C:\AdwCleaner folder.



NEXT

    Please download Junkware Removal Tool and save to your desktop.

    Shut down your protection software now to avoid potential conflicts.

    * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
    * The tool will open and start scanning your system.
    * Please be patient as this can take a while to complete depending on your system's specifications.
    * On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    * Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!



NEXT



    Download Malwarebytes' Anti-Malware (save it to your desktop).  >>>   http://www.malwarebytes.org/mwb-download/confirm/?utm_source=facebook&utm_medium=social

      * Windows XP : Double click on the icon to run it.
      *  Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
      *  Select Scan tab.


* Select type of scan to perform:

   
  * Threat Scan < --- Select this type of scan
  * Custom Scan
  * Hyper Scan

Next click the Scan button.

When the scan is complete, if no malicious items are found you can close the program.

If malicious items are found be sure that everything is checked, and click Quarantine .

When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
 
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

Malwarebytes logs can be found here !
For others wanting to know, MBAM scan logs are saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7, 2008: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-yyyy-mm-dd

Protection Logs are saved to:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\protection-log-yyyy-mm-dd
-- Vista, Windows 7, 2008: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs\protection-log-yyyy-mm-dd

NEXT



Download DDS and save it to your Desktop.  >>> DDS


    Double click dds.scr to run the tool.
    If using Vista or Windows 7 you will be prompted by UAC, please allow the prompt.
    DDS will now scan your computer.
    When the scan is complete, DDS will open two (2) logs:
        DDS.txt
        Attach.txt
    If not saved these logs will be automatically deleted when closed, so save both to your Desktop.
    Please note it is important that you post BOTH logs in your topic.


Please note: DDS will ask you to attach the second log (Attach.txt), please ignore this notice and post the log instead.


Any problems downloading or running DDS.scr, try THIS alternate (DDS.com) version of DDS http://download.bleepingcomputer.com/sUBs/dds.com

Post next:
1. AdwCleaner Log
2. Junkware Removal Log
3. Malwarebytes Log
4. DDS logs (2 logs)
Thanks
Chuck
 

 

Work on these as your time permits !!


# AdwCleaner v4.208 - Logfile created 08/08/2015 at 11:25:01
# Updated 09/07/2015 by Xplode
# Database : 2015-08-01.1 [server]
# Operating system : Windows Vista Home Premium Service Pack 2 (x86)
# Username : carrie mae - CARRIEMAE-PC
# Running from : C:\Users\carrie mae\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E4XOJD0C\adwcleaner_4.208.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\DriverCure
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\ProgramData\Defender Pro
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\Program Files\Object
Folder Deleted : C:\Program Files\Coupons
Folder Deleted : C:\Program Files\Coupon Savings
Folder Deleted : C:\Program Files\CouponAlert_2pEI
Folder Deleted : C:\Users\carrie mae\AppData\Local\OpenCandy
Folder Deleted : C:\Users\carrie mae\AppData\LocalLow\Yahoo! Companion
Folder Deleted : C:\Users\carrie mae\AppData\LocalLow\CouponAlert_2pEI
Folder Deleted : C:\Users\carrie mae\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\carrie mae\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\carrie mae\Documents\iMesh
Folder Deleted : C:\Users\carrie mae\AppData\Roaming\Mozilla\Firefox\Profiles\1fc9l08q.default\Extensions\[email protected]
Folder Deleted : C:\Users\carrie mae\AppData\Roaming\Mozilla\Firefox\Profiles\1fc9l08q.default\Extensions\[email protected]
Folder Deleted : C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\peglehonblabfemopkgmfcpofbchegcl
File Deleted : C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_peglehonblabfemopkgmfcpofbchegcl_0.localstorage
File Deleted : C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_peglehonblabfemopkgmfcpofbchegcl_0.localstorage-journal
File Deleted : C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\peglehonblabfemopkgmfcpofbchegcl
File Deleted : C:\Users\carrie mae\uninstaller.exe
File Deleted : C:\Users\carrie mae\AppData\Roaming\Mozilla\Firefox\Profiles\1fc9l08q.default\invalidprefs.js
File Deleted : C:\Users\carrie mae\AppData\Roaming\Mozilla\Firefox\Profiles\1fc9l08q.default\searchplugins\bingp.xml
File Deleted : C:\Users\carrie mae\AppData\Roaming\Mozilla\Firefox\Profiles\1fc9l08q.default\searchplugins\safesearch.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo.xml

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\bho_project.bho_object
Key Deleted : HKLM\SOFTWARE\Classes\bho_project.bho_object.1
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Classes\oberontb.GamesBarBHO
Key Deleted : HKLM\SOFTWARE\Classes\oberontb.GamesBarBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.Reporter
Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.Reporter.1
Key Deleted : HKLM\SOFTWARE\Classes\WMHelperiMesh.WMHelper
Key Deleted : HKLM\SOFTWARE\Classes\WMHelperiMesh.WMHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1460988
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2438727
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7025E484-D4B0-441A-9F0B-69063BD679CE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{8258B35C-05B8-4C0E-9525-9BCCC70F8F2D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A89256AD-EC17-4A83-BEF5-4B8BC4F39306}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66D8FBA6-D90F-40A9-AC55-84896F79CA69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{596BB86E-F1E5-A1DE-3363-41AB634E77EF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A3492A3A-6715-9371-F8DB-1C48CC4DAAA1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD79BAD6-9504-4F09-ACEC-7B319584A4C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66D8FBA6-D90F-40A9-AC55-84896F79CA69}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{66D8FBA6-D90F-40A9-AC55-84896F79CA69}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{66D8FBA6-D90F-40A9-AC55-84896F79CA69}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{09971cee-01b8-42bc-9d91-456b1faad6be}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09971cee-01b8-42bc-9d91-456b1faad6be}
Key Deleted : HKCU\Software\Imesh
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\iWon
Key Deleted : HKCU\Software\AppDataLow\Software\CouponAlert_2pEI
Key Deleted : HKLM\SOFTWARE\Bandoo
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\W3I
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Savings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facetheme
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\hblitesa
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Coupon Printer for Windows5.0.0.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v9.0.8112.16476

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page Redirect Cache]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page Redirect Cache]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [blank]

-\\ Mozilla Firefox v39.0 (x86 en-US)

-\\ Google Chrome v44.0.2403.130

[C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN10506&l=dis&prt=NSBU&chn=retail&geo=US&ver=22&locale=en_US&gct=sb&qsrc=2869

*************************

AdwCleaner[R0].txt - [11648 bytes] - [08/08/2015 11:20:43]
AdwCleaner[s0].txt - [11329 bytes] - [08/08/2015 11:25:01]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [11389  bytes] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.5 (08.05.2015:1)
OS: Windows Vista Home Premium x86
Ran by carrie mae on Sat 08/08/2015 at 11:35:37.34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Tasks

 

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C3F62D94-EEBB-11E1-B88F-CBBD4CC15727}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CB0D163C-E9F4-4236-9496-0597E24B23A5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{05F88842-9EA2-4C1C-B34B-74F9622CC459}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{87109EEE-E0BF-4ED2-951E-13E2421D9CA8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C3F62D94-EEBB-11E1-B88F-CBBD4CC15727}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB0D163C-E9F4-4236-9496-0597E24B23A5}

 

~~~ Files

Successfully deleted: [File] C:\Users\carrie mae\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.superfish.com_0.localstorage
Successfully deleted: [File] C:\Users\carrie mae\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.superfish.com_0.localstorage-journal

 

~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\google
Successfully deleted: [Folder] C:\Users\carrie mae\Appdata\LocalLow\couponalert_2p

 

~~~ FireFox

Emptied folder: C:\Users\carrie mae\AppData\Roaming\mozilla\firefox\profiles\1fc9l08q.default\minidumps [20 files]

 

~~~ Chrome

[C:\Users\carrie mae\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\carrie mae\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
peglehonblabfemopkgmfcpofbchegcl

[C:\Users\carrie mae\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\carrie mae\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  peglehonblabfemopkgmfcpofbchegcl
]

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 08/08/2015 at 11:42:14.12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Smping, good job so far, no wonder it was running slow !

 

We will have more after these programs to do !! So stay with me till we get it all !!

 

Thanks

Chuck


Malwarebytes Anti-Malware
www.malwarebytes.org

Protection, 8/8/2015 12:08:54 PM, SYSTEM, CARRIEMAE-PC, Protection, Malware Protection, Starting,
Protection, 8/8/2015 12:08:54 PM, SYSTEM, CARRIEMAE-PC, Protection, Malware Protection, Started,
Protection, 8/8/2015 12:08:54 PM, SYSTEM, CARRIEMAE-PC, Protection, Malicious Website Protection, Starting,
Error, 8/8/2015 12:09:25 PM, SYSTEM, CARRIEMAE-PC, Update, Bad md5 or size: akadomains, 11,
Error, 8/8/2015 12:09:25 PM, SYSTEM, CARRIEMAE-PC, Update, Bad md5 or size: akaips, 11,
Update, 8/8/2015 12:09:25 PM, SYSTEM, CARRIEMAE-PC, Manual, IP Database, 0.0.0.0, 2015.7.24.3,
Update, 8/8/2015 12:09:26 PM, SYSTEM, CARRIEMAE-PC, Manual, Domain Database, 0.0.0.0, 2015.7.24.2,
Update, 8/8/2015 12:09:26 PM, SYSTEM, CARRIEMAE-PC, Manual, Remediation Database, 2015.5.13.1, 2015.7.28.1,
Update, 8/8/2015 12:09:26 PM, SYSTEM, CARRIEMAE-PC, Manual, Rootkit Database, 2015.6.2.1, 2015.8.6.1,
Update, 8/8/2015 12:09:26 PM, SYSTEM, CARRIEMAE-PC, Manual, AKA IP Database, 0.0.0.0, 2015.8.6.1,
Update, 8/8/2015 12:09:27 PM, SYSTEM, CARRIEMAE-PC, Manual, AKA Domain Database, 0.0.0.0, 2015.8.7.4,
Update, 8/8/2015 12:09:35 PM, SYSTEM, CARRIEMAE-PC, Manual, Malware Database, 2015.6.3.3, 2015.8.8.2,
Protection, 8/8/2015 12:09:43 PM, SYSTEM, CARRIEMAE-PC, Protection, Refresh, Starting,
Protection, 8/8/2015 12:09:44 PM, SYSTEM, CARRIEMAE-PC, Protection, Malicious Website Protection, Started,
Protection, 8/8/2015 12:09:44 PM, SYSTEM, CARRIEMAE-PC, Protection, Malicious Website Protection, Stopping,
Protection, 8/8/2015 12:09:44 PM, SYSTEM, CARRIEMAE-PC, Protection, Malicious Website Protection, Stopped,
Protection, 8/8/2015 12:09:55 PM, SYSTEM, CARRIEMAE-PC, Protection, Refresh, Success,
Protection, 8/8/2015 12:09:55 PM, SYSTEM, CARRIEMAE-PC, Protection, Malicious Website Protection, Starting,
Protection, 8/8/2015 12:09:59 PM, SYSTEM, CARRIEMAE-PC, Protection, Malicious Website Protection, Started,
Update, 8/8/2015 12:41:53 PM, SYSTEM, CARRIEMAE-PC, Scheduler, AKA Domain Database, 2015.8.7.4, 2015.8.8.1,
Protection, 8/8/2015 12:41:53 PM, SYSTEM, CARRIEMAE-PC, Protection, Refresh, Starting,
Protection, 8/8/2015 12:41:53 PM, SYSTEM, CARRIEMAE-PC, Protection, Malicious Website Protection, Stopping,
Protection, 8/8/2015 12:41:54 PM, SYSTEM, CARRIEMAE-PC, Protection, Malicious Website Protection, Stopped,
Protection, 8/8/2015 12:44:17 PM, SYSTEM, CARRIEMAE-PC, Protection, Refresh, Success,
Protection, 8/8/2015 12:44:17 PM, SYSTEM, CARRIEMAE-PC, Protection, Malicious Website Protection, Starting,
Protection, 8/8/2015 12:44:29 PM, SYSTEM, CARRIEMAE-PC, Protection, Malicious Website Protection, Started,
Scan, 8/8/2015 12:47:18 PM, SYSTEM, CARRIEMAE-PC, Manual, Start:8/8/2015 12:14:38 PM, Duration:32 min 24 sec, Threat Scan, Completed, 14 Malware Detections, 3 Non-Malware Detections,
Protection, 8/8/2015 12:54:49 PM, SYSTEM, CARRIEMAE-PC, Protection, Malware Protection, Starting,
Protection, 8/8/2015 12:54:49 PM, SYSTEM, CARRIEMAE-PC, Protection, Malware Protection, Started,
Protection, 8/8/2015 12:54:49 PM, SYSTEM, CARRIEMAE-PC, Protection, Malicious Website Protection, Starting,
Protection, 8/8/2015 12:56:36 PM, SYSTEM, CARRIEMAE-PC, Protection, Malicious Website Protection, Started,
Update, 8/8/2015 1:01:55 PM, SYSTEM, CARRIEMAE-PC, Manual, Malware Database, 2015.8.8.2, 2015.8.8.3,
Protection, 8/8/2015 1:01:55 PM, SYSTEM, CARRIEMAE-PC, Protection, Refresh, Starting,
Protection, 8/8/2015 1:01:55 PM, SYSTEM, CARRIEMAE-PC, Protection, Malicious Website Protection, Stopping,
Protection, 8/8/2015 1:01:56 PM, SYSTEM, CARRIEMAE-PC, Protection, Malicious Website Protection, Stopped,
Protection, 8/8/2015 1:02:37 PM, SYSTEM, CARRIEMAE-PC, Protection, Refresh, Success,
Protection, 8/8/2015 1:02:37 PM, SYSTEM, CARRIEMAE-PC, Protection, Malicious Website Protection, Starting,
Protection, 8/8/2015 1:02:57 PM, SYSTEM, CARRIEMAE-PC, Protection, Malicious Website Protection, Started,
Scan, 8/8/2015 1:03:44 PM, SYSTEM, CARRIEMAE-PC, Manual, Start:8/8/2015 1:01:57 PM, Duration:1 min 47 sec, Threat Scan, Cancelled, 0 Malware Detections, 0 Non-Malware Detections,

(end)


Smping, that was the wrong log, but it's OK, it shows nothing bad was found!!

 

Chuck


DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16476  BrowserJavaVersion: 11.31.2
Run by carrie mae at 13:15:04 on 2015-08-08
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.1917.305 [GMT -6:00]
.
AV: Norton 360 *Enabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 *Enabled* {6BFC5632-188D-B806-D13E-C607121B42A0}
.
============== Running Processes ================
.
C:\Windows\SYSTEM32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\aestsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Norton 360\Engine\22.5.2.15\N360.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\SYSTEM32\taskeng.exe
C:\Windows\SYSTEM32\taskeng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Norton 360\Engine\22.5.2.15\N360.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_18_0_0_209_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WindowsMobile
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com/?PC=BNHP
uDefault_Page_URL = hxxp://www.msn.com
mDefault_Page_URL = hxxp://www.yahoo.com
BHO: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - <orphaned>
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton 360\engine\22.5.2.15\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.8.0_31\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre1.8.0_31\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton 360\engine\22.5.2.15\coieplg.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [startCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
mRun: [Windows Mobile-based device management] c:\windows\windowsmobile\wmdcBase.exe
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 67.215.21.202 72.21.70.3 192.168.1.1
TCP: Interfaces\{96A736C5-EFF1-4A95-8175-C96E566271A7} : DHCPNameServer = 67.215.21.202 72.21.70.3 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~1\google\google~2\goec62~1.dll c:\progra~1\google\google~2\goec62~1.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\44.0.2403.130\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\carrie mae\appdata\roaming\mozilla\firefox\profiles\1fc9l08q.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\oberon media\ncadapter\1.0.0.7\npapicomadapter.dll
FF - plugin: c:\program files\google\update\1.3.28.1\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre1.8.0_31\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\carrie mae\appdata\roaming\facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\users\carrie mae\appdata\roaming\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\users\carrie mae\appdata\roaming\move networks\plugins\npqmp071701000002.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_18_0_0_209.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2009-11-14 03:03; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 SymEFASI;Symantec Extended File Attributes (SI);c:\windows\system32\drivers\n360\1605020.00f\symefasi.sys [2015-7-22 1286896]
R1 BHDrvx86;BHDrvx86;c:\program files\norton 360\nortondata\22.5.0.124\definitions\bashdefs\20150728.001\BHDrvx86.sys [2015-7-23 1181936]
R1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\n360\1605020.00f\ccsetx86.sys [2015-7-22 137456]
R1 IDSVix86;IDSVix86;c:\program files\norton 360\nortondata\22.5.0.124\definitions\ipsdefs\20150807.001\IDSvix86.sys [2015-8-8 523512]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1605020.00f\ironx86.sys [2015-7-22 234744]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\1605020.00f\symtdiv.sys [2015-7-22 358104]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2007-12-1 73728]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-10-2 21504]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\ekdiscovery.exe [2010-9-13 308656]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2015-8-8 1871160]
R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2015-8-8 1133880]
R2 N360;Norton 360;c:\program files\norton 360\engine\22.5.2.15\n360.exe [2015-7-22 282016]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2015-7-28 122192]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-8-8 23256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2015-8-8 98520]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-8-8 51928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2015-6-3 327296]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2011-3-11 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-12-1 30192]
S3 PTDLBus;PANTECH UM175AL Composite Device Driver;c:\windows\system32\drivers\PTDLBus.sys [2009-9-7 32256]
S3 PTDLMdm;PANTECH UM175AL Drivers;c:\windows\system32\drivers\PTDLMdm.sys [2009-9-7 41344]
S3 PTDLVsp;PANTECH UM175AL Diagnostic Port;c:\windows\system32\drivers\PTDLVsp.sys [2009-9-7 39936]
S3 PTDLWWAN;PANTECH UM175AL WWAN Driver;c:\windows\system32\drivers\PTDLWWAN.sys [2009-9-7 59776]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2015-08-08 18:08:24 98520 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-08 18:03:00 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-08-08 18:03:00 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-08-08 18:03:00 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-08-08 18:03:00 -------- d-----w- c:\programdata\Malwarebytes
2015-08-08 18:03:00 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-08-08 17:20:40 -------- d-----w- C:\AdwCleaner
2015-07-23 04:40:16 429816 ----a-w- c:\windows\system32\drivers\n360\1605020.00f\symnets.sys
2015-07-23 04:40:16 358104 ----a-r- c:\windows\system32\drivers\n360\1605020.00f\symtdiv.sys
2015-07-23 04:40:16 22144 ----a-w- c:\windows\system32\drivers\n360\1605020.00f\symelam.sys
2015-07-23 04:40:15 44792 ----a-w- c:\windows\system32\drivers\n360\1605020.00f\srtspx.sys
2015-07-23 04:40:15 1286896 ----a-w- c:\windows\system32\drivers\n360\1605020.00f\symefasi.sys
2015-07-23 04:40:14 711408 ----a-w- c:\windows\system32\drivers\n360\1605020.00f\srtsp.sys
2015-07-23 04:40:14 234744 ----a-w- c:\windows\system32\drivers\n360\1605020.00f\ironx86.sys
2015-07-23 04:40:14 137456 ----a-w- c:\windows\system32\drivers\n360\1605020.00f\ccsetx86.sys
2015-07-23 04:39:36 178057 ----a-w- c:\windows\system32\drivers\n360\1605020.00f\symvtcer.dat
2015-07-23 04:39:36 -------- d-----w- c:\windows\system32\drivers\n360\1605020.00F
.
==================== Find3M  ====================
.
2015-07-23 04:40:25 103152 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2015-07-15 17:35:35 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-07-15 17:35:35 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 13:18:40.77 ===============
 


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 12/1/2007 7:40:25 AM
System Uptime: 8/8/2015 12:48:51 PM (1 hours ago)
.
Motherboard: Dell Inc. |  | 0KY766
Processor: AMD Turion 64 X2 Mobile Technology TL-58 | Microprocessor | 1900/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 220 GiB total, 117.29 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.754 GiB free.
E: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0000
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0000
Service: tunnel
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
7-Zip 9.20
Adobe Flash Player 18 ActiveX
Adobe Flash Player 18 NPAPI
Adobe Reader X (10.1.15)
Adobe Shockwave Player 11.5
aiofw
aioprnt
aioscnnr
Aleks 3.18
Apple Application Support
ATI Catalyst Control Center
ATI PCI Express (3GIO) Filter Driver
Banctec Service Agreement
Bing Rewards Client Installer
Bonjour
Broadcom Management Programs
Browser Address Error Redirector
C4USelfUpdater
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Danish
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization Finnish
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Norwegian
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Russian
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
center
Conexant HDA D330 MDC V.92 Modem
D3DX10
DC Universe Online Live
DC Universe Online Live (2)
DC Universe Online Live (3)
Dell DataSafe Online
Dell Getting Started Guide
Dell Resource CD
Dell Support Center (Support Software)
Dell Touchpad
Facebook Plug-In
ffdshow [rev 2527] [2008-12-19]
Google Chrome
Google Desktop
Google Update Helper
Highlight Viewer (Windows Live Toolbar)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
igLoader
iTunes
Java 8 Update 31
Java Auto Updater
Juniper Networks Setup Client
Juniper Networks Setup Client Activex Control
Junk Mail filter update
KODAK AiO Home Center
ksDIP
LG USB Modem driver
Malwarebytes Anti-Malware version 2.1.8.1057
Map Button (Windows Live Toolbar)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Default Manager
Microsoft Office Basic Edition 2003
Microsoft Office File Validation Add-In
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft UI Engine
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Move Media Player
Mozilla Firefox 39.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Music, Photos & Videos Launcher
Norton 360
OGA Notifier 2.0.0048.0
OpenOffice.org Installer 1.0
PANTECH UM175AL Driver
PdfEdit995 (installed by TaxCut)
PIXMA Extended Survey Program
PreReq
Product Documentation Launcher
QuickSet
QuickTime
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
SA30xx Device Manager
SA30xx Media Converter
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Segoe UI
Skins
Skype™ 7.6
Smart Menus (Windows Live Toolbar)
Sonic Activation Module
TV-Browser 2.7.5
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
User's Guides
Vivitar Experience Image Manager
VLC media player
WhiteCap
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Favorites for Windows Live Toolbar
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== End Of File ===========================
 


Smping, while I look through everything, I need these programs run & the logs posted, please!!

 

Security Check

Please download and save SecurityCheck.exe to your Desktop from one of the links below.

Link 1 >>> http://screen317.spywareinfoforum.org/SecurityCheck.exe.

Link 2 >>> http://screen317.changelog.fr/SecurityCheck.exe

    * Double click SecurityCheck.exe and follow the onscreen instructions inside the black box.
    * A Notepad document should open automatically called checkup.txt
    * Please post the contents of that document in your next reply.

====================

Download OldTimer to your desktop!
Links: http://oldtimer.geekstogo.com/OTL.com
http://oldtimer.geekstogo.com/OTL.scr
 
If you already have a copy of OTL delete it and use this version.  (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

* Double click OTL.exe to launch the program.
* Check the following.

o Scan all users.
o Standard Output.
o Lop check.
o Purity check.
o Extra Registry > Use SafeList

* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs.

o OTL.txt (open on your desktop).
o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

* Please post me both logs. This may have to be broken into more than one post !   
 

 

Post

1. Security Check Log

2. OTL log

 

Thanks

Chuck


 Results of screen317's Security Check version 1.006 
 Windows Vista Service Pack 2 x86 (UAC is enabled) 
 Internet Explorer 9 
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled! 
Norton 360   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 31 
 Java version 32-bit out of Date!
 Adobe Flash Player  18.0.0.209 
 Adobe Reader 10.1.15 Adobe Reader out of Date! 
 Mozilla Firefox (39.0)
 Google Chrome (44.0.2403.125)
 Google Chrome (44.0.2403.130)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 3 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 

OTL logfile created on: 8/8/2015 2:12:21 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\carrie mae\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.61 Gb Available Physical Memory | 32.61% Memory free
3.99 Gb Paging File | 2.49 Gb Available in Paging File | 62.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.32 Gb Total Space | 117.28 Gb Free Space | 53.23% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.75 Gb Free Space | 57.54% Space Free | Partition Type: NTFS
Drive E: | 7.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: CARRIEMAE-PC | User Name: carrie mae | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/08/08 13:46:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\carrie mae\Desktop\OTL.scr
PRC - [2015/07/16 12:07:02 | 000,282,016 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\22.5.2.15\n360.exe
PRC - [2015/07/14 22:35:30 | 001,155,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_18_0_0_209_ActiveX.exe
PRC - [2015/06/26 16:43:08 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/06/18 08:39:50 | 001,133,880 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2015/06/18 08:39:46 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2015/06/18 08:39:34 | 006,554,424 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
PRC - [2010/09/13 18:18:32 | 000,308,656 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
PRC - [2010/09/02 09:23:28 | 001,638,400 | ---- | M] (Eastman Kodak Company) -- C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
PRC - [2009/05/21 10:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2007/09/07 12:25:12 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/08/29 15:25:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/07/20 18:13:26 | 001,180,952 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/05/31 09:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdcBase.exe

========== Modules (No Company Name) ==========

MOD - [2013/04/17 19:34:03 | 011,820,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\86365ae159cb808d52a7e3ba2700ea6c\System.Web.ni.dll
MOD - [2013/04/17 19:22:22 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll
MOD - [2013/01/30 22:28:52 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll
MOD - [2013/01/23 02:24:18 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll
MOD - [2013/01/23 02:23:36 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013/01/23 02:22:58 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013/01/23 02:21:39 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/23 02:21:28 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2009/11/03 16:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/11/03 16:51:26 | 000,039,712 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
MOD - [2007/12/01 08:56:04 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2758.38924__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2007/12/01 08:56:04 | 000,688,128 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2758.39110__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2007/12/01 08:56:04 | 000,360,448 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2758.39136__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2007/12/01 08:56:04 | 000,233,472 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2758.38883__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2007/12/01 08:56:04 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2758.38936__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2007/12/01 08:56:04 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2758.39128__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2007/12/01 08:56:04 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2758.39089__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2007/12/01 08:56:04 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2758.38916__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2007/12/01 08:56:04 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2758.38935__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll
MOD - [2007/12/01 08:56:04 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2758.38902__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2007/12/01 08:56:04 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2758.39029__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2007/12/01 08:56:03 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2758.39163__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2007/12/01 08:55:42 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2758.39097__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2007/12/01 08:55:42 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2758.39157__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2007/12/01 08:55:42 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2758.39171__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2007/12/01 08:55:42 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2758.39102__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2007/12/01 08:55:42 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2758.38896__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2007/12/01 08:55:42 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2758.39096__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2007/12/01 08:55:42 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2758.39157__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2007/12/01 08:55:41 | 000,913,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2758.39130__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2007/12/01 08:55:41 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2758.39037__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2007/12/01 08:55:41 | 000,651,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2758.39091__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2007/12/01 08:55:41 | 000,577,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2758.38949__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2007/12/01 08:55:41 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2758.39030__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2007/12/01 08:55:41 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2758.38903__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2007/12/01 08:55:41 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2758.39116__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2007/12/01 08:55:41 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2758.39076__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2007/12/01 08:55:41 | 000,319,488 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2758.39023__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll

     

    MOD - [2007/12/01 08:55:41 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2758.38955__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll

     

    MOD - [2007/12/01 08:55:41 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2758.38943__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll

     

    MOD - [2007/12/01 08:55:41 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2758.39056__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll

     

    MOD - [2007/12/01 08:55:41 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2758.39029__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll

     

    MOD - [2007/12/01 08:55:41 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2758.39035__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll

     

    MOD - [2007/12/01 08:55:41 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2758.38954__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll

     

    MOD - [2007/12/01 08:55:41 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2758.39035__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll

     

    MOD - [2007/12/01 08:55:41 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2758.39056__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll

     

    MOD - [2007/12/01 08:55:41 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2758.39076__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll

     

    MOD - [2007/12/01 08:55:41 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2636.18437__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll

     

    MOD - [2007/12/01 08:55:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2636.18458__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll

     

    MOD - [2007/12/01 08:55:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2636.18458__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll

     

    MOD - [2007/12/01 08:55:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2636.18438__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll

     

    MOD - [2007/12/01 08:55:40 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2636.18430__90ba9c70f846762e\CLI.Foundation.dll

     

    MOD - [2007/12/01 08:55:40 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2636.18438__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll

     

    MOD - [2007/12/01 08:55:40 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll

     

    MOD - [2007/12/01 08:55:40 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2636.18428__90ba9c70f846762e\LOG.Foundation.dll

     

    MOD - [2007/12/01 08:55:40 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2636.18485__90ba9c70f846762e\CLI.Foundation.XManifest.dll

     

    MOD - [2007/12/01 08:55:40 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2636.18430__90ba9c70f846762e\NEWAEM.Foundation.dll

     

    MOD - [2007/12/01 08:55:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2636.18442__90ba9c70f846762e\DEM.OS.I0602.dll

     

    MOD - [2007/12/01 08:55:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2636.18438__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll

     

    MOD - [2007/12/01 08:55:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2636.18437__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll

     

    MOD - [2007/12/01 08:55:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2636.18435__90ba9c70f846762e\CLI.Component.Client.Shared.dll

     

    MOD - [2007/12/01 08:55:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2636.18438__90ba9c70f846762e\MOM.Foundation.dll

     

    MOD - [2007/12/01 08:55:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2636.18443__90ba9c70f846762e\DEM.OS.dll

     

    MOD - [2007/12/01 08:55:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2636.18441__90ba9c70f846762e\DEM.Graphics.dll

     

    MOD - [2007/12/01 08:55:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll

     

    MOD - [2007/12/01 08:55:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2636.18437__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll

     

    MOD - [2007/12/01 08:55:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2636.18442__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll

     

    MOD - [2007/12/01 08:55:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2636.18441__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll

     

    MOD - [2007/12/01 08:55:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2636.18457__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll

     

    MOD - [2007/12/01 08:55:40 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll

     

    MOD - [2007/12/01 08:55:39 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2642.27815__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll

     

    MOD - [2007/12/01 08:55:39 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2636.18443__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll

     

    MOD - [2007/12/01 08:55:39 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2636.18449__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll

     

    MOD - [2007/12/01 08:55:39 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2636.18451__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll

     

    MOD - [2007/12/01 08:55:39 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2636.18459__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll

     

    MOD - [2007/12/01 08:55:39 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2636.18449__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll

     

    MOD - [2007/12/01 08:55:39 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2636.18451__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll

     

    MOD - [2007/12/01 08:55:39 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2636.18449__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll

     

    MOD - [2007/12/01 08:55:39 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2636.18443__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll

     

    MOD - [2007/12/01 08:55:39 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2636.18442__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll

     

    MOD - [2007/12/01 08:55:39 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2636.18459__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll

     

    MOD - [2007/12/01 08:55:39 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2636.18450__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll

     

    MOD - [2007/12/01 08:55:39 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2636.18440__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll

     

    MOD - [2007/12/01 08:55:39 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2636.18440__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll

     

    MOD - [2007/12/01 08:55:39 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2636.18451__90ba9c70f846762e\APM.Foundation.dll

     

    MOD - [2007/12/01 08:55:39 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2636.18429__90ba9c70f846762e\AEM.Foundation.dll

     

    MOD - [2007/12/01 08:55:39 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll

     

    MOD - [2007/12/01 08:55:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2636.18442__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll

     

    MOD - [2007/12/01 08:55:39 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2636.18437__90ba9c70f846762e\AEM.Server.Shared.dll

     

    MOD - [2007/12/01 08:55:33 | 000,466,944 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2758.38911__90ba9c70f846762e\CLI.Component.Wizard.dll

     

    MOD - [2007/12/01 08:55:33 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2758.39150__90ba9c70f846762e\MOM.Implementation.dll

     

    MOD - [2007/12/01 08:55:33 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2758.38882__90ba9c70f846762e\CLI.Component.Runtime.dll

     

    MOD - [2007/12/01 08:55:33 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2758.39148__90ba9c70f846762e\LOG.Foundation.Implementation.dll

     

    MOD - [2007/12/01 08:55:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2636.18439__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll

     

    MOD - [2007/12/01 08:55:33 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2758.39193__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll

     

    MOD - [2007/12/01 08:55:33 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2636.18435__90ba9c70f846762e\LOG.Foundation.Private.dll

     

    MOD - [2007/12/01 08:55:33 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2636.18458__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll

     

    MOD - [2007/12/01 08:55:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2636.18440__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll

     

    MOD - [2007/12/01 08:55:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2636.18433__90ba9c70f846762e\CLI.Foundation.Private.dll

     

    MOD - [2007/12/01 08:55:33 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2758.38880__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll

     

    MOD - [2007/12/01 08:55:32 | 001,404,928 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2758.38892__90ba9c70f846762e\CLI.Component.Dashboard.dll

     

    MOD - [2007/12/01 08:55:32 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2758.38882__90ba9c70f846762e\ATIDEMOS.dll

     

    MOD - [2007/12/01 08:55:32 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2758.38880__90ba9c70f846762e\AEM.Server.dll

     

    MOD - [2007/12/01 08:55:32 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2636.18437__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll

     

    MOD - [2007/12/01 08:55:32 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2758.39149__90ba9c70f846762e\CCC.Implementation.dll

     

    MOD - [2007/12/01 08:55:32 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll

     

    MOD - [2007/12/01 08:55:32 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2636.18439__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll

     

    MOD - [2007/12/01 08:55:32 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2636.18452__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll

     

    MOD - [2007/08/14 02:40:54 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll

     

    MOD - [2006/10/26 16:21:22 | 000,056,056 | ---- | M] () -- C:\Windows\System32\DLAAPI_W.DLL

     

     

     

    ========== Services (SafeList) ==========

     

     

    SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)

     

    SRV - [2015/07/16 12:07:02 | 000,282,016 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\22.5.2.15\N360.exe -- (N360)

     

    SRV - [2015/07/15 11:35:42 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

     

    SRV - [2015/07/12 10:45:19 | 000,148,136 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

     

    SRV - [2015/06/26 16:43:08 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

     

    SRV - [2015/06/18 08:39:50 | 001,133,880 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)

     

    SRV - [2015/06/18 08:39:46 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

     

    SRV - [2015/06/03 16:42:38 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

     

    SRV - [2010/09/13 18:18:32 | 000,308,656 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe -- (Kodak AiO Network Discovery Service)

     

    SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)

     

    SRV - [2008/01/19 01:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

     

    SRV - [2007/09/07 12:25:12 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)

     

    SRV - [2007/08/29 15:25:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)

     

    SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)

     

    SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

     

    SRV - [2007/04/13 09:49:00 | 000,101,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)

     

     

     

    ========== Driver Services (SafeList) ==========

     

     

    DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\GameTap Web Player\bin\Release\X4HSX32.Sys -- (X4HSX32)

     

    DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)

     

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\klif.sys -- (TSP)

     

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWVsp.sys -- (PTUMWVsp)

     

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWNET.sys -- (PTUMWNET)

     

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWMdm.sys -- (PTUMWMdm)

     

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWFLT.sys -- (PTUMWFLT)

     

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWCDF.sys -- (PTUMWCDF)

     

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWBus.sys -- (PTUMWBus)

     

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

     

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

     

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)

     

    DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)

     

    DRV - [2015/08/08 14:07:44 | 000,098,520 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)

     

    DRV - [2015/07/28 22:40:31 | 000,389,456 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)

     

    DRV - [2015/07/28 22:40:31 | 000,122,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

     

    DRV - [2015/07/23 09:00:09 | 001,181,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\BASHDefs\20150728.001\BHDrvx86.sys -- (BHDrvx86)

     

    DRV - [2015/07/22 22:40:25 | 000,103,152 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)

     

    DRV - [2015/07/10 19:06:42 | 000,234,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1605020.00F\ironx86.sys -- (SymIRON)

     

    DRV - [2015/07/10 19:06:38 | 001,286,896 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\1605020.00F\symefasi.sys -- (SymEFASI)

     

    DRV - [2015/07/10 19:06:29 | 000,711,408 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\N360\1605020.00F\srtsp.sys -- (SRTSP)

     

    DRV - [2015/07/10 19:06:29 | 000,044,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1605020.00F\srtspx.sys -- (SRTSPX)

     

    DRV - [2015/07/10 19:06:03 | 000,137,456 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1605020.00F\ccsetx86.sys -- (ccSet_N360)

     

    DRV - [2015/07/10 15:40:02 | 000,523,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\IPSDefs\20150807.001\IDSvix86.sys -- (IDSVix86)

     

    DRV - [2015/06/18 08:41:50 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)

     

    DRV - [2015/06/18 08:41:36 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)

     

    DRV - [2015/06/04 00:20:55 | 000,358,104 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1605020.00F\symtdiv.sys -- (SYMTDIv)

     

    DRV - [2015/05/20 05:34:32 | 001,645,432 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150807.017\NAVEX15.SYS -- (NAVEX15)

     

    DRV - [2015/05/20 05:34:32 | 000,104,440 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150807.017\NAVENG.SYS -- (NAVENG)

     

    DRV - [2008/07/20 14:31:12 | 000,059,776 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDLWWAN.sys -- (PTDLWWAN)

     

    DRV - [2008/07/20 14:31:06 | 000,039,936 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDLVsp.sys -- (PTDLVsp)

     

    DRV - [2008/07/20 14:31:04 | 000,041,344 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDLMdm.sys -- (PTDLMdm)

     

    DRV - [2008/07/20 14:31:02 | 000,032,256 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDLBus.sys -- (PTDLBus)

     

    DRV - [2007/09/07 12:26:04 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)

     

    DRV - [2007/08/14 02:40:52 | 002,593,280 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)

     

    DRV - [2007/08/14 02:40:52 | 002,593,280 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)

     

    DRV - [2007/07/23 10:23:46 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)

     

    DRV - [2007/07/23 10:23:46 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)

     

    DRV - [2007/07/23 10:23:44 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)

     

    DRV - [2007/02/08 20:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M)

     

    DRV - [2007/02/08 20:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM)

     

    DRV - [2006/11/21 06:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)

     

    DRV - [2006/11/15 02:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)

     

    DRV - [2006/11/14 21:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)

     

    DRV - [2006/11/14 19:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)

     

    DRV - [2006/11/02 01:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)

     

    DRV - [2006/10/30 10:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)

     

    DRV - [2006/10/26 16:22:02 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM)

     

    DRV - [2006/10/26 16:21:34 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)

     

    DRV - [2006/10/26 16:21:34 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM)

     

    DRV - [2006/10/26 16:21:32 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)

     

    DRV - [2006/10/26 16:21:30 | 000,026,296 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)

     

    DRV - [2006/10/26 16:21:28 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM)

     

    DRV - [2006/10/26 16:21:26 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM)

     

    DRV - [2006/10/26 16:21:24 | 000,104,536 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)

     

    DRV - [2006/08/04 18:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)

     

    DRV - [2005/08/17 07:47:48 | 000,073,696 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdserd.sys -- (sscdserd)

     

    DRV - [2005/08/17 07:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)

     

    DRV - [2005/08/17 07:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)

     

    DRV - [2005/08/17 07:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)

     

     

     

    ========== Standard Registry (SafeList) ==========

     

     

     

    ========== Internet Explorer ==========

     

     

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com

     

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Search

     

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com

     

    IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\w, = http://www.Google.com/

     

    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

     

    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

     

    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS

     

     

     

    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32

     

    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

     

    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

     

    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

     

     

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32

     

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

     

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

     

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

     

     

    IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32

     

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

     

     

    IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32

     

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

     

     

    IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com

     

    IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]

     

    IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

     

    IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?PC=BNHP

     

    IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com

     

    IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

     

    IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

     

    IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

     

    IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox

     

    IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7DLUS_en&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

     

    IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=11MseLnV9qu7heWCXKMx3XrmDCo?q={searchTerms}

     

    IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..\SearchScopes\{CC944B58-5919-4BCE-BCF5-612D31C4A63A}: "URL" = http://search.espn.go.com/keyword/search?searchString={searchTerms}

     

    IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p={searchTerms}

     

    IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

     

     

    ========== FireFox ==========

     

     

    FF - prefs.js..browser.search.countryCode: "US"

     

    FF - prefs.js..browser.search.defaultenginename: "Bing "

     

    FF - prefs.js..browser.search.defaultenginename.US: "Bing "

     

    FF - prefs.js..browser.search.region: "US"

     

    FF - prefs.js..browser.search.selectedEngine: "Bing "

     

    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:39.0

     

    FF - prefs.js..extensions.enabledItems: [email protected]:11.0.0.0

     

    FF - prefs.js..extensions.enabledItems: [email protected]:7

     

    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

     

    FF - user.js - File not found

     

     

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll ()

     

    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

     

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

     

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

     

    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)

     

    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)

     

    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)

     

    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

     

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

     

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

     

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

     

    FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\carrie mae\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)

     

    FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )

     

    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)

     

    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)

     

    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

     

    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

     

    FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\carrie mae\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )

     

    FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\carrie mae\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

     

    FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\carrie mae\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)

     

     

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/01/13 01:12:20 | 000,000,000 | ---D | M]

     

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFPlgn\ [2015/08/08 14:07:41 | 000,000,000 | ---D | M]

     

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2015/07/12 10:44:55 | 000,000,000 | ---D | M]

     

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2015/07/15 12:45:15 | 000,000,000 | ---D | M]

     

    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\carrie mae\AppData\Roaming\Move Networks [2010/03/24 10:59:01 | 000,000,000 | ---D | M]

     

     

    [2011/01/30 11:54:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\carrie mae\AppData\Roaming\Mozilla\Extensions

     

    [2015/08/08 11:26:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\carrie mae\AppData\Roaming\Mozilla\Firefox\Profiles\1fc9l08q.default\extensions

     

    [2012/09/29 19:57:16 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\carrie mae\AppData\Roaming\Mozilla\Firefox\Profiles\1fc9l08q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi

     

    [2015/07/12 10:44:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

     

    [2015/07/12 10:45:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

     

    [2011/07/13 15:52:56 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll

     

    [2011/07/13 15:52:58 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll

     

     

    ========== Chrome  ==========

     

     

    CHR - Extension: No name found = C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\

     

    CHR - Extension: No name found = C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\

     

    CHR - Extension: No name found = C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\

     

    CHR - Extension: No name found = C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.116_0\

     

    CHR - Extension: No name found = C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\

     

    CHR - Extension: No name found = C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\

     

    CHR - Extension: No name found = C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\

     

    CHR - Extension: No name found = C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

     

     

    O1 HOSTS File: ([2006/09/18 15:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

     

    O1 - Hosts: 127.0.0.1       localhost

     

    O1 - Hosts: ::1             localhost

     

    O2 - BHO: (no name) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - No CLSID value found.

     

    O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\22.5.2.15\coieplg.dll (Symantec Corporation)

     

    O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL File not found

     

    O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)

     

    O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)

     

    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\22.5.2.15\coieplg.dll (Symantec Corporation)

     

    O3 - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.

     

    O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)

     

    O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )

     

    O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )

     

    O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)

     

    O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()

     

    O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)

     

    O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

     

    O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

     

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

     

    O7 - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

     

    O7 - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2

     

    O7 - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1

     

    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

     

    O15 - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..Trusted Domains: localhost ([]http in Local intranet)

     

    O15 - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..Trusted Ranges: GD ([http] in Local intranet)

     

    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab (Java Plug-in 11.31.2)

     

    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)

     

    O16 - DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab (Java Plug-in 1.8.0_31)

     

    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab (Java Plug-in 1.8.0_31)

     

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

     

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 67.215.21.202 72.21.70.3 192.168.1.1

     

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96A736C5-EFF1-4A95-8175-C96E566271A7}: DhcpNameServer = 67.215.21.202 72.21.70.3 192.168.1.1

     

    O20 - AppInit_DLLs: (c:\progra~1\google\google~2\goec62~1.dll) - c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)

     

    O20 - AppInit_DLLs: (c:\progra~1\google\google~2\goec62~1.dll) - c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)

     

    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

     

    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

     

    O24 - Desktop WallPaper: C:\Users\carrie mae\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

     

    O24 - Desktop BackupWallPaper: C:\Users\carrie mae\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

     

    O32 - HKLM CDRom: AutoRun - 1

     

    O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

     

    O32 - AutoRun File - [2004/10/20 15:00:43 | 000,000,031 | R--- | M] () - E:\AUTORUN.INF -- [ UDF ]

     

    O33 - MountPoints2\{10056a55-9be9-11de-aa04-001c23b55529}\Shell - "" = AutoRun

     

    O33 - MountPoints2\{10056a55-9be9-11de-aa04-001c23b55529}\Shell\AutoRun\command - "" = F:\AutoRun.exe

     

    O33 - MountPoints2\{10056d15-9be9-11de-aa04-001c23b55529}\Shell - "" = AutoRun

     

    O33 - MountPoints2\{10056d15-9be9-11de-aa04-001c23b55529}\Shell\AutoRun\command - "" = F:\AutoRun.exe

     

    O33 - MountPoints2\{3fa0b230-c1a9-11dd-943a-001c23b55529}\Shell - "" = AutoRun

     

    O33 - MountPoints2\{3fa0b230-c1a9-11dd-943a-001c23b55529}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a

     

    O33 - MountPoints2\{61ef627b-cc22-11df-b07c-001c23b55529}\Shell - "" = AutoRun

     

    O33 - MountPoints2\{61ef627b-cc22-11df-b07c-001c23b55529}\Shell\AutoRun\command - "" = F:\Start.exe

     

    O33 - MountPoints2\{61ef627b-cc22-11df-b07c-001c23b55529}\Shell\menu1\command - "" = F:\Start.exe

     

    O33 - MountPoints2\{80f55939-a01a-11dc-ad5d-806e6f6e6963}\Shell - "" = AutoRun

     

    O33 - MountPoints2\{80f55939-a01a-11dc-ad5d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\dvd-rom.exe -- [2004/10/20 15:00:43 | 000,564,092 | R--- | M] (Macromedia, Inc.)

     

    O33 - MountPoints2\{9f7ab9a2-9bf1-11de-8b19-001c23b55529}\Shell - "" = AutoRun

     

    O33 - MountPoints2\{9f7ab9a2-9bf1-11de-8b19-001c23b55529}\Shell\AutoRun\command - "" = F:\AutoRun.exe

     

    O33 - MountPoints2\{9f7ab9bc-9bf1-11de-8b19-001c23b55529}\Shell - "" = AutoRun

     

    O33 - MountPoints2\{9f7ab9bc-9bf1-11de-8b19-001c23b55529}\Shell\AutoRun\command - "" = F:\AutoRun.exe

     

    O33 - MountPoints2\{da042eef-e858-11df-8e1a-001c23b55529}\Shell - "" = AutoRun

     

    O33 - MountPoints2\{da042eef-e858-11df-8e1a-001c23b55529}\Shell\AutoRun\command - "" = F:\KODAK_Software_Downloader.exe

     

    O33 - MountPoints2\{fd4c6605-a1d6-11de-a524-001c23b55529}\Shell - "" = AutoRun

     

    O33 - MountPoints2\{fd4c6605-a1d6-11de-a524-001c23b55529}\Shell\AutoRun\command - "" = F:\AutoRun.exe

     

    O34 - HKLM BootExecute: (autocheck autochk *)

     

    O35 - HKLM\..comfile [open] -- "%1" %*

     

    O35 - HKLM\..exefile [open] -- "%1" %*

     

    O37 - HKLM\...com [@ = comfile] -- "%1" %*

     

    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

     

    O37 - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found

     

    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

     

    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

     

     

    ========== Files/Folders - Created Within 30 Days ==========

     

     

    [2015/08/08 13:46:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\carrie mae\Desktop\OTL.scr

     

    [2015/08/08 12:08:24 | 000,098,520 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys

     

    [2015/08/08 12:03:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

     

    [2015/08/08 12:03:00 | 000,094,936 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys

     

    [2015/08/08 12:03:00 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys

     

    [2015/08/08 12:03:00 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

     

    [2015/08/08 12:03:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware

     

    [2015/08/08 12:03:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

     

    [2015/08/08 11:34:40 | 001,797,896 | ---- | C] (Malwarebytes Corporation) -- C:\Users\carrie mae\Desktop\JRT.exe

     

    [2015/08/08 11:20:40 | 000,000,000 | ---D | C] -- C:\AdwCleaner

     

    [2015/07/12 16:22:16 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360

     

    [2015/07/12 10:44:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

     

    [2011/08/17 20:17:10 | 000,581,120 | ---- | C] (Sony Online Entertainment) -- C:\Users\carrie mae\LaunchPad.dll

     

    [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

     

    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

     

     

    ========== Files - Modified Within 30 Days ==========

     

     

    [2015/08/08 14:20:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

     

    [2015/08/08 14:08:17 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

     

    [2015/08/08 14:07:44 | 000,098,520 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys

     

    [2015/08/08 14:06:17 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl

     

    [2015/08/08 14:06:15 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

     

    [2015/08/08 14:06:15 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

     

    [2015/08/08 14:06:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

     

    [2015/08/08 13:46:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\carrie mae\Desktop\OTL.scr

     

    [2015/08/08 13:35:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

     

    [2015/08/08 13:04:56 | 000,004,218 | ---- | M] () -- C:\Malwarebytes Anti-Malware.lnk

     

    [2015/08/08 12:48:07 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat

     

    [2015/08/08 12:03:05 | 000,000,901 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

     

    [2015/08/08 11:34:58 | 001,797,896 | ---- | M] (Malwarebytes Corporation) -- C:\Users\carrie mae\Desktop\JRT.exe

     

    [2015/08/06 02:12:35 | 000,183,082 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\VT20150806.002

     

    [2015/08/05 15:28:12 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

     

    [2015/08/05 10:50:38 | 000,180,033 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\VT20150805.009

     

    [2015/08/04 10:49:14 | 000,180,033 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\VT20150804.006

     

    [2015/08/03 10:46:45 | 000,180,033 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\VT20150803.007

     

    [2015/08/02 10:42:04 | 000,180,033 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\VT20150802.004

     

    [2015/08/01 10:39:01 | 000,180,033 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\VT20150801.004

     

    [2015/07/31 10:33:55 | 000,180,033 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\VT20150731.007

     

    [2015/07/30 10:32:10 | 000,180,033 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\VT20150730.007

     

    [2015/07/28 10:24:52 | 000,180,033 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\VT20150728.007

     

    [2015/07/27 10:23:25 | 000,180,033 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\VT20150727.009

     

    [2015/07/26 10:19:39 | 000,180,033 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\VT20150726.004

     

    [2015/07/25 10:18:42 | 000,180,033 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\VT20150725.005

     

    [2015/07/24 10:12:56 | 000,180,033 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\VT20150724.008

     

    [2015/07/23 01:07:41 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.LNK

     

    [2015/07/23 01:07:08 | 002,401,959 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\Cat.DB

     

    [2015/07/22 22:40:25 | 000,103,152 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS

     

    [2015/07/22 22:40:25 | 000,008,178 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT

     

    [2015/07/22 22:40:25 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF

     

    [2015/07/17 20:43:48 | 000,001,623 | ---- | M] () -- C:\Users\carrie mae\Desktop\jhmmnmm.lnk

     

    [2015/07/16 12:05:36 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\isolate.ini

     

    [2015/07/15 11:35:35 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

     

    [2015/07/15 11:35:35 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

     

    [2015/07/10 19:06:59 | 000,429,816 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1605020.00F\symnets.sys

     

    [2015/07/10 19:06:45 | 000,022,144 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1605020.00F\symelam.sys

     

    [2015/07/10 19:06:45 | 000,009,943 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\symelam.cat

     

    [2015/07/10 19:06:42 | 000,234,744 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1605020.00F\ironx86.sys

     

    [2015/07/10 19:06:38 | 001,286,896 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1605020.00F\symefasi.sys

     

    [2015/07/10 19:06:37 | 000,008,178 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\symefasi.cat

     

    [2015/07/10 19:06:34 | 000,178,057 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\symvtcer.dat

     

    [2015/07/10 19:06:29 | 000,711,408 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1605020.00F\srtsp.sys

     

    [2015/07/10 19:06:29 | 000,044,792 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1605020.00F\srtspx.sys

     

    [2015/07/10 19:06:29 | 000,008,164 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\srtspx.cat

     

    [2015/07/10 19:06:29 | 000,008,160 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\srtsp.cat

     

    [2015/07/10 19:06:29 | 000,001,389 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\srtsp.inf

     

    [2015/07/10 19:06:03 | 000,137,456 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1605020.00F\ccsetx86.sys

     

    [2015/07/10 19:06:03 | 000,008,178 | ---- | M] () -- C:\Windows\System32\drivers\N360\1605020.00F\ccsetx86.cat

     

    [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

     

    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

     

     

    ========== Files Created - No Company Name ==========

     

     

    [2015/08/08 13:04:55 | 000,004,218 | ---- | C] () -- C:\Malwarebytes Anti-Malware.lnk

     

    [2015/08/08 12:03:05 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

     

    [2015/07/17 20:43:48 | 000,001,623 | ---- | C] () -- C:\Users\carrie mae\Desktop\jhmmnmm.lnk

     

    [2011/11/19 23:24:17 | 000,000,045 | ---- | C] () -- C:\Users\carrie mae\LaunchPad-user.ini

     

    [2011/11/19 23:24:17 | 000,000,027 | ---- | C] () -- C:\Users\carrie mae\Uninstaller.ini

     

    [2011/11/19 23:24:17 | 000,000,027 | ---- | C] () -- C:\Users\carrie mae\uninst.ini

     

    [2011/08/17 21:11:56 | 000,421,888 | ---- | C] () -- C:\Users\carrie mae\LaunchPad.exe

     

    [2011/06/27 12:41:46 | 000,000,298 | ---- | C] () -- C:\Users\carrie mae\LaunchPad.ini

     

    [2011/06/27 12:41:44 | 000,185,437 | ---- | C] () -- C:\Users\carrie mae\LaunchPad.png

     

    [2008/06/11 21:37:45 | 000,000,022 | ---- | C] () -- C:\ProgramData\pskt.ini

     

    [2008/06/11 21:37:43 | 000,110,419 | ---- | C] () -- C:\ProgramData\BMc97f14c3.xml

     

    [2008/05/26 23:05:46 | 000,007,268 | ---- | C] () -- C:\Users\carrie mae\AppData\Local\d3d9caps.dat

     

    [2007/12/07 12:10:07 | 000,045,568 | ---- | C] () -- C:\Users\carrie mae\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

     

     

    ========== ZeroAccess Check ==========

     

     

    [2006/11/02 06:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

     

     

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

     

     

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

     

     

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

     

    "" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 10:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation)

     

    "ThreadingModel" = Apartment

     

     

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

     

    "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)

     

    "ThreadingModel" = Free

     

     

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

     

    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 00:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)

     

    "ThreadingModel" = Both

     

     

    ========== LOP Check ==========

     

     

    [2010/03/28 18:27:59 | 000,000,000 | ---D | M] -- C:\Users\carrie mae\AppData\Roaming\Facebook

     

    [2011/06/03 17:36:08 | 000,000,000 | ---D | M] -- C:\Users\carrie mae\AppData\Roaming\FMZilla

     

    [2010/01/06 16:31:54 | 000,000,000 | ---D | M] -- C:\Users\carrie mae\AppData\Roaming\Juniper Networks

     

    [2009/12/01 00:09:23 | 000,000,000 | ---D | M] -- C:\Users\carrie mae\AppData\Roaming\MusicNet

     

    [2011/03/03 16:55:56 | 000,000,000 | ---D | M] -- C:\Users\carrie mae\AppData\Roaming\PCDr

     

    [2009/09/07 15:16:21 | 000,000,000 | ---D | M] -- C:\Users\carrie mae\AppData\Roaming\Smith Micro

     

    [2011/11/19 23:33:45 | 000,000,000 | ---D | M] -- C:\Users\carrie mae\AppData\Roaming\Sony Online Entertainment

     

    [2008/01/14 17:59:00 | 000,000,000 | ---D | M] -- C:\Users\carrie mae\AppData\Roaming\TaxCut

     

    [2011/04/21 20:56:02 | 000,000,000 | ---D | M] -- C:\Users\carrie mae\AppData\Roaming\Temp

     

     

    ========== Purity Check ==========

     

     

     

     

    < End of report >

     


OTL Extras logfile created on: 8/8/2015 2:12:21 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\carrie mae\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.87 Gb Total Physical Memory | 0.61 Gb Available Physical Memory | 32.61% Memory free
3.99 Gb Paging File | 2.49 Gb Available in Paging File | 62.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.32 Gb Total Space | 117.28 Gb Free Space | 53.23% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.75 Gb Free Space | 57.54% Space Free | Partition Type: NTFS
Drive E: | 7.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
 
Computer Name: CARRIEMAE-PC | User Name: carrie mae | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1305906321-3614984133-1862934780-1000\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00ED163C-251F-4A8D-808B-0B9BDAC1DFBF}" = lport=5358 | protocol=6 | dir=in | app=system |
"{09C10FA8-C162-4647-9D11-77FD4730C3D1}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0CBD181B-8D96-4A0C-9E84-A2D24D947E52}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{14174E55-3C36-404C-8B4D-9D51F1A587C1}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{175370AD-8F35-4559-AC22-B0BBF72D9459}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{234D3626-FCD2-421E-B6E2-B0ABBC4CCA02}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{287B5F5D-A003-4DBC-BC80-0D267554BA6F}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{2AC14F76-84CB-4DD4-835D-40ABBCF57191}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2D022318-32CF-47B2-A8EB-E02D80B38976}" = lport=26675 | protocol=6 | dir=in | [email protected]%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{34A04089-43A6-4DE9-B26C-02D66C17FDF5}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{38440DCD-C179-4F48-A79A-4789AD501B35}" = rport=5357 | protocol=6 | dir=out | app=system |
"{3DB76419-9C5F-4B43-9045-1E2046718886}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{3EBAC21A-FA39-4B42-803D-3179D8F655F0}" = rport=5358 | protocol=6 | dir=out | app=system |
"{564FDFE2-627B-4BDA-9F29-C2E33795D568}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5C506E5D-B4BF-4BD9-AA4E-20041AF529E3}" = rport=138 | protocol=17 | dir=out | app=system |
"{632AA75E-B36C-4E78-A78C-CD5141F942AB}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{635CEAAE-C453-44ED-AAC9-23E4E61B35CD}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{640930B9-DD70-4DC7-88E6-83D76BD48C2C}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{69C4C180-E9F4-4A95-A1EF-BB9D17269610}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{7023A829-151E-4C73-8308-D13366914246}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{73404541-E4A9-4467-99C4-67448D8A47FB}" = lport=26675 | protocol=6 | dir=in | [email protected]%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{763C76E8-AD4E-4A45-A143-981635B32E66}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9789A3C4-52D6-402F-A83F-AC80CBEB6609}" = rport=137 | protocol=17 | dir=out | app=system |
"{A02F1CB8-AAC1-4E4E-9701-2CA5EB3C4E72}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{AAD92B60-5C5D-4271-8A27-DFDA7E9905A0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{AB3AFAF5-8BEB-41E9-A305-11DF01BD7E16}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{ABB4662F-54B3-4EC5-828F-73F9E576E7CA}" = rport=139 | protocol=6 | dir=out | app=system |
"{B10EFE8D-C2B1-498B-8332-C1FB26F91C4C}" = lport=137 | protocol=17 | dir=in | app=system |
"{B2274C39-DDEF-4B68-8D7E-9C26D20E28F1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{B3EF76FB-A6EE-4648-97C1-D3375DD16277}" = lport=5357 | protocol=6 | dir=in | app=system |
"{B5BA988E-CDE3-46B2-BB06-05A2207174D5}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B6C1C0C6-66A1-420A-82FB-656ED871C00F}" = rport=445 | protocol=6 | dir=out | app=system |
"{B8DF73B8-122E-4DC4-8188-7DE567EDE718}" = lport=445 | protocol=6 | dir=in | app=system |
"{B91B7DF2-1E3F-451D-98A7-419D1C680FC9}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C65E4390-89FF-49D8-A59E-5CFED7D175F7}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{CA3DC5B1-308C-446E-8901-19E80D9EB68C}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{CAB97CE1-58C0-4853-BAEE-A643C049445F}" = lport=138 | protocol=17 | dir=in | app=system |
"{D3FE9B97-331D-4348-BD3C-964C4A1E1FD6}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D86D541B-8067-4E11-BF0E-DE6033951F5B}" = lport=26675 | protocol=6 | dir=in | [email protected]%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{E9014087-CBEE-40BC-A082-18DA6743C6BC}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{EBD5CB6B-3651-4832-97C6-2B25A0D5E55E}" = lport=139 | protocol=6 | dir=in | app=system |
"{EE6B2B90-EFA3-4B4C-A44D-2EBF9C4475B3}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F82BE2A6-2D4D-450A-AE0B-D93789977D2A}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04885214-D3CE-4A52-A16D-60666F03F8B7}" = protocol=17 | dir=in | app=c:\program files\lexmark 3400 series\lxcyaiox.exe |
"{0F390C5A-6D7C-4BA5-8B9B-9BE2865041F3}" = protocol=17 | dir=in | app=c:\program files\lexmark 3400 series\lxcymon.exe |
"{19D47F83-6E70-461A-BA16-095942265786}" = protocol=6 | dir=in | app=c:\program files\lexmark 3400 series\lxcyaiox.exe |
"{1DE644BE-92B7-4132-BE9B-CB2CE2417101}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{243DFFC9-4CCE-4683-988A-A310680E3F89}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{263F415B-77B9-4981-BEE7-F43E8C4A8495}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3D7BFB23-F009-415C-B77C-F5E5205A91E9}" = protocol=58 | dir=in | [email protected],-28545 |
"{41F75245-7B19-4779-B641-898F8C783362}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4D929E63-F82E-44A1-8DDA-938A6A9F5126}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4F204DC2-17A7-46B8-9641-62B35D5CE16E}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{4F7E33E7-86F1-4444-BAB2-3F82C0D774CF}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{527D4CFA-A1C6-4A25-9D37-D6119A583A74}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{5310D9B0-A3C5-4AD0-B18C-F71DA2065F09}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{53B9016F-2AA2-46D1-86A7-F595BC77D10D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{59CAE0D3-C0A4-4CED-A3D5-EB90B0CEE197}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6C8AC686-3FBF-4C07-8F7F-25B31FCF3A77}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{71DB925A-4F9B-4894-A11B-920BDA048140}" = protocol=1 | dir=out | [email protected],-28544 |
"{74643C61-A540-4993-A71A-925A302774B3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{88FD32D3-2041-425A-838B-9BBED5102967}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{8929417C-16FF-4B84-901A-2E176DF30017}" = protocol=17 | dir=in | app=c:\program files\defender pro\defender pro internet security 6.0\avp.exe |
"{9903B0ED-67AB-4CDE-B83D-ADAB017D4A1A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{991EF673-B3B9-4208-8CD4-059E397F0C1E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9E3DC892-3BCE-4C14-9AF0-69C874F70990}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{9EF59971-D9D4-40CD-90E1-047DEBCD9D8C}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{A5E18223-D4C3-44E5-9D5A-AB63B08F9A0B}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A857A695-E6AC-45F7-A1F1-EC83F078EBA4}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{A8BA8985-4CD0-466A-A540-069374BF1A38}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{AC226E21-A567-4242-B3AC-1FB780DAD629}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B26786DB-A08E-4D26-86B1-4F024804700F}" = protocol=17 | dir=in | app=c:\windows\system32\lxcycoms.exe |
"{B60507E4-4B4C-4DE9-B0B4-C19407D20AB7}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{BF0E9983-19AA-467B-8B75-932F18886538}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C04E11CC-8F54-4019-B624-9FC3A45A8E1A}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{C0E0F5C2-B796-429E-A378-5D3F0CF98E55}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{C0EEE71D-C601-4FDE-A1FA-2A3ED2A633CB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C108232B-BA1B-42E8-8FF4-0A5897E1A33D}" = protocol=6 | dir=in | app=c:\program files\defender pro\defender pro internet security 6.0\avp.exe |
"{C10CFFC5-BE97-4BD9-8C66-24178674BC89}" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{C132E743-DDE3-40E2-8026-62FB583016B4}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C212D1DA-2C1B-4A2E-BC43-5CBE1094B878}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{C4AAD623-F37B-4550-A3B4-BD79D211DEC5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C5370D33-B899-4E00-8A35-4244B6C40513}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DC3E910B-FA3B-43F7-BC74-EAD91738EDBE}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E0A89A74-F69D-4975-9E24-73329B5B74A8}" = protocol=1 | dir=in | [email protected],-28543 |
"{E20D4CF3-43E8-4F1C-A2D5-4F39E503B267}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E4170702-41E2-457E-AF21-3E13EF005878}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{E8697974-4F8A-4B29-AE97-A843EEB8C810}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F1E0ED10-C3FE-4DBB-B0C7-FAEDC9B03CA9}" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{F2413584-230B-4688-ADD4-9F8081C3A2E7}" = protocol=6 | dir=in | app=c:\program files\lexmark 3400 series\lxcymon.exe |
"{F497F721-5367-4A40-8C13-15A35D7533E1}" = protocol=58 | dir=out | [email protected],-28546 |
"{F98A9243-58DB-4002-96C3-6058FEFE14D7}" = protocol=6 | dir=in | app=c:\windows\system32\lxcycoms.exe |
"TCP Query User{1110228F-6003-400E-870F-F6EB56B8A694}C:\program files\gametap web player\bin\release\gametapplayer.exe" = protocol=6 | dir=in | app=c:\program files\gametap web player\bin\release\gametapplayer.exe |
"TCP Query User{5A78FE75-5D2C-47B0-9A7A-09541DCB2EF9}C:\program files\diablo ii\game.exe" = protocol=6 | dir=in | app=c:\program files\diablo ii\game.exe |
"TCP Query User{5C8FDC9F-3D8A-4217-8F94-5FEF154CBC6A}C:\users\josh\appdata\local\microsoft\windows\temporary internet files\content.ie5\21b4dsfx\mtgoiii_helper[1].exe" = protocol=6 | dir=in | app=c:\users\josh\appdata\local\microsoft\windows\temporary internet files\content.ie5\21b4dsfx\mtgoiii_helper[1].exe |
"TCP Query User{713B4B90-CC4D-4274-8157-2909D9DB3F06}C:\program files\strategy first\disciples 2 gold gallean\discipl2.exe" = protocol=6 | dir=in | app=c:\program files\strategy first\disciples 2 gold gallean\discipl2.exe |
"TCP Query User{7DEAFF06-767A-485E-B010-B57C2DA64D37}C:\users\josh\appdata\local\microsoft\windows\temporary internet files\content.ie5\cdox9fp2\mtgoiii_helper[1].exe" = protocol=6 | dir=in | app=c:\users\josh\appdata\local\microsoft\windows\temporary internet files\content.ie5\cdox9fp2\mtgoiii_helper[1].exe |
"TCP Query User{9FDA4F46-72AA-4A13-BF6E-68FC3AF372E2}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{C5C207D2-CADD-45B3-8577-A51927ACD7F5}C:\program files\yahoo!\upnp\yupnpsrv.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\upnp\yupnpsrv.exe |
"TCP Query User{F0EBD639-BC10-483C-802F-9749C6B4560C}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"UDP Query User{05D9447A-D175-4E46-86A1-76D33DE9C4EA}C:\program files\strategy first\disciples 2 gold gallean\discipl2.exe" = protocol=17 | dir=in | app=c:\program files\strategy first\disciples 2 gold gallean\discipl2.exe |
"UDP Query User{13008897-57AB-46D8-8EA9-91949910D8C3}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{51DE5A93-3C01-444A-BD83-C321366F2945}C:\program files\gametap web player\bin\release\gametapplayer.exe" = protocol=17 | dir=in | app=c:\program files\gametap web player\bin\release\gametapplayer.exe |
"UDP Query User{8ED6C9CD-FF5E-48CE-9AC9-348736CC0E98}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"UDP Query User{B1EA4B9A-E2A3-45F3-AB4E-0A86E968F2CC}C:\program files\diablo ii\game.exe" = protocol=17 | dir=in | app=c:\program files\diablo ii\game.exe |
"UDP Query User{C8DC7EC2-A921-4E5F-BE76-83D370B63B6A}C:\users\josh\appdata\local\microsoft\windows\temporary internet files\content.ie5\cdox9fp2\mtgoiii_helper[1].exe" = protocol=17 | dir=in | app=c:\users\josh\appdata\local\microsoft\windows\temporary internet files\content.ie5\cdox9fp2\mtgoiii_helper[1].exe |
"UDP Query User{D63E9D47-6351-465D-85F0-86B9204CBCA0}C:\users\josh\appdata\local\microsoft\windows\temporary internet files\content.ie5\21b4dsfx\mtgoiii_helper[1].exe" = protocol=17 | dir=in | app=c:\users\josh\appdata\local\microsoft\windows\temporary internet files\content.ie5\21b4dsfx\mtgoiii_helper[1].exe |
"UDP Query User{EEF010DD-0249-439C-B7D4-0D06602F52C5}C:\program files\yahoo!\upnp\yupnpsrv.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\upnp\yupnpsrv.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02C85D5D-77CA-7173-5775-AFB9CC835F33}" = CCC Help Finnish
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0A331B03-B20D-D63E-7CFA-6DE03CD85972}" = CCC Help Chinese Traditional
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0F95AA42-0FF6-4D48-9CA1-64C8D0777500}" = QuickSet
"{10934A28-0CC6-4B98-A14F-76B3546003AF}" = ksDIP
"{110E8E90-1F9A-4804-9221-1DA0D0379C90}" = SA30xx Media Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{179950A7-026A-3F96-9540-3C528A96C5C0}" = Catalyst Control Center Localization Danish
"{1882BDBB-0DFD-FAE6-77FA-E3445D821F18}" = CCC Help Norwegian
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2452E3E3-B627-7371-F43F-68149C528556}" = CCC Help French
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.6
"{26A24AE4-039D-4CA4-87B4-2F83218031F0}" = Java 8 Update 31
"{289CDCBA-1E82-460A-9DCA-E9FB6BAC1A42}" = SA30xx Device Manager
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{3018B943-C76C-44B0-B078-790A28CEF67E}" = Microsoft UI Engine
"{310A99AD-E8DD-CF60-CDD3-ED197E106A80}" = Catalyst Control Center Localization Russian
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{36D252B0-6856-4395-4BBE-DEC2E56DCB24}" = Catalyst Control Center Localization Dutch
"{3736E75B-0FD7-F5A3-15F1-EE07B633AEE5}" = Catalyst Control Center Localization Finnish
"{393AAD92-9760-9B0D-43C1-C6C5E89EFA67}" = Catalyst Control Center Localization Swedish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4248C264-C1BF-8414-4B16-F61FF0BC49A7}" = Catalyst Control Center Localization Spanish
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{48FC3614-221A-4272-5AFC-50EC406606FE}" = Catalyst Control Center Localization Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A2BD145-6614-B0A5-0E1A-5367A3451691}" = CCC Help Chinese Standard
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{55D070A2-9EA5-8C26-5F74-835BAC086523}" = Catalyst Control Center Localization German
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{59361F9F-A413-83EC-E269-6D34CC697878}" = CCC Help Portuguese
"{5B9A8ECB-A06B-A5AF-A7AD-B2E1A9B09AE8}" = CCC Help Korean
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5DC09527-BE89-4FD0-AF67-73FBA5EEB8BC}" = SA30xx Media Converter
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6BAFE5C7-FAAE-7F8C-39C0-BA8BD7A6786F}" = Catalyst Control Center Localization Chinese Standard
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72BBAAE1-61A5-5F40-9BF3-95992B29F8A7}" = Catalyst Control Center Graphics Full Existing
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{7A97828F-C89C-C290-E11D-57A33DD523CB}" = Catalyst Control Center Localization Portuguese
"{7D3A926D-D61E-6063-1C0D-18A4365D5033}" = ccc-core-static
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E532356-3BAE-4832-A253-2F1094FE5C40}" = Catalyst Control Center Localization Norwegian
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{88937F68-8C7A-A5DC-4004-2A2E0ECCC2DB}" = Catalyst Control Center Localization Japanese
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91130409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C454737-22A5-43F6-B09F-A4B3F7BD3468}" = CCC Help Spanish
"{9C769AD0-00EE-8A6A-8C2A-F51BAABCCE02}" = CCC Help Dutch
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E3DCAB8-285C-464F-DBCB-0052F92FEEF2}" = Catalyst Control Center Graphics Light
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8B9FBF8-7986-6CF7-C31C-20A19E7D1717}" = ccc-utility
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.15)
"{ACB4C93A-594E-E76A-3349-EEF2D6A723D6}" = Catalyst Control Center Localization Italian
"{ACDF5DEF-413F-A546-6F35-66CE215BDCCB}" = Skins
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2BFD108-1E93-06C5-F34E-48B92C358EDD}" = CCC Help Swedish
"{B970E87C-274D-5ADC-41BB-8C81926AF300}" = CCC Help Russian
"{BB9B16B0-442F-46c6-92EF-8E7F30A66F92}" = PANTECH UM175AL Driver
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6CC1EA6-12E2-219A-F8A1-1058AB678E08}" = CCC Help Italian
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF8BA296-55D7-8B51-6C4E-4789A1D003BE}" = Catalyst Control Center Localization French
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D62A9D43-39A4-337B-A432-1C6DB13087B8}" = CCC Help English
"{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
"{D8210D47-2F24-99C7-9183-E093FBF14D92}" = CCC Help Japanese
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DCDCFE99-36A7-6B89-8329-BAB033D99577}" = CCC Help German
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE623944-11D0-4CD3-17BE-FDF0F5309FD5}" = CCC Help Danish
"{DE6B7599-D3EF-4436-8836-BAA0B0D7768D}" = aiofw
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Home Center
"{E194308F-9718-7425-BCC1-FAAF46A188CB}" = Catalyst Control Center Core Implementation
"{E314D889-0C82-9F5F-A9EE-699109226856}" = Catalyst Control Center Graphics Full New
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E713653C-8312-4BC6-AFC9-ADE1F2F04AB9}" = ATI PCI Express (3GIO) Filter Driver
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EFBE2318-89B7-4A5F-8912-23DB04761C31}" = Catalyst Control Center - Branding
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}" = aioscnnr
"{FF61246F-8BD1-165A-5F50-B6DFECE53025}" = Catalyst Control Center Localization Korean
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Aleks 3.18" = Aleks 3.18
"CANONIJPLM100" = PIXMA Extended Survey Program
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"igLoader" = igLoader
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.1.8.1057
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 39.0 (x86 en-US)" = Mozilla Firefox 39.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton 360
"PdfEdit995" = PdfEdit995 (installed by TaxCut)
"SynTPDeinstKey" = Dell Touchpad
"tvbrowser" = TV-Browser 2.7.5
"Vivitar Experience Image Manager" = Vivitar Experience Image Manager
"VLC media player" = VLC media player
"WhiteCap" = WhiteCap
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1305906321-3614984133-1862934780-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Move Media Player" = Move Media Player
"SOE-DC Universe Online Live" = DC Universe Online Live
"SOE-DC Universe Online Live (2)" = DC Universe Online Live (2)
"SOE-DC Universe Online Live (3)" = DC Universe Online Live (3)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 8/8/2015 4:11:01 PM | Computer Name = carriemae-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 8/8/2015 4:11:01 PM | Computer Name = carriemae-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 8/8/2015 4:11:02 PM | Computer Name = carriemae-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 8/8/2015 4:11:02 PM | Computer Name = carriemae-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 8/8/2015 4:11:02 PM | Computer Name = carriemae-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 8/8/2015 4:11:02 PM | Computer Name = carriemae-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 8/8/2015 4:11:02 PM | Computer Name = carriemae-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 8/8/2015 4:11:02 PM | Computer Name = carriemae-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 8/8/2015 4:11:02 PM | Computer Name = carriemae-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 8/8/2015 4:11:02 PM | Computer Name = carriemae-PC | Source = Windows Search Service | ID = 3013
Description =
 
[ Media Center Events ]
Error - 5/26/2008 5:50:31 PM | Computer Name = carriemae-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
 
Error - 6/22/2008 1:28:59 PM | Computer Name = carriemae-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 1/27/2011 3:20:55 PM | Computer Name = carriemae-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
 due to an abandoned mutex.'.
 
Error - 5/14/2011 8:11:29 PM | Computer Name = carriemae-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
 due to an abandoned mutex.'.
 
Error - 7/24/2012 4:32:51 PM | Computer Name = carriemae-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
 due to an abandoned mutex.'.
 
[ System Events ]
Error - 10/15/2008 6:41:41 PM | Computer Name = carriemae-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 4:13:41 PM on 10/9/2008 was unexpected.
 
Error - 10/15/2008 6:42:57 PM | Computer Name = carriemae-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 10/15/2008 6:42:57 PM | Computer Name = carriemae-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 10/15/2008 6:44:06 PM | Computer Name = carriemae-PC | Source = netbt | ID = 4321
Description = The name "WORKGROUP      :1d" could not be registered on the interface
 with IP address 137.88.135.120.  The computer with the IP address 137.88.134.19 did
 not allow the name to be claimed by  this computer.
 
Error - 10/18/2008 10:46:46 AM | Computer Name = carriemae-PC | Source = Service Control Manager | ID = 7011
Description =
 
Error - 10/18/2008 10:46:46 AM | Computer Name = carriemae-PC | Source = Service Control Manager | ID = 7043
Description =
 
Error - 10/18/2008 10:47:25 AM | Computer Name = carriemae-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
 5, function 0.  Please contact your system vendor for technical assistance.
 
Error - 10/18/2008 10:47:25 AM | Computer Name = carriemae-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
 7, function 0.  Please contact your system vendor for technical assistance.
 
Error - 10/18/2008 10:49:24 AM | Computer Name = carriemae-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 10/18/2008 10:49:24 AM | Computer Name = carriemae-PC | Source = Service Control Manager | ID = 7000
Description =
 
 
< End of report >
 


Smping, ok finally !! I need you to look in your Add/remove control panel and remove Defender Pro if present !

 

We need to Run an OTL fix !!
Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

    * Double-click OTL.exe to start the program.
    * Copy and Paste the following code into the text box of the OTL tool/program ! Start with and include the colon plus :OTL

:OTL
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\GameTap Web Player\bin\Release\X4HSX32.Sys -- (X4HSX32)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\klif.sys -- (TSP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWVsp.sys -- (PTUMWVsp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWNET.sys -- (PTUMWNET)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWMdm.sys -- (PTUMWMdm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWFLT.sys -- (PTUMWFLT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWCDF.sys -- (PTUMWCDF)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWBus.sys -- (PTUMWBus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://www.bing.com/...Y2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7DLUS_en&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...CXKMx3XrmDCo?q={searchTerms}
IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..\SearchScopes\{CC944B58-5919-4BCE-BCF5-612D31C4A63A}: "URL" = http://search.espn.g...h?searchString={searchTerms}
IE - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p={searchTerms}
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
[2011/01/30 11:54:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\carrie mae\AppData\Roaming\Mozilla\Extensions
[2015/08/08 11:26:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\carrie mae\AppData\Roaming\Mozilla\Firefox\Profiles\1fc9l08q.default\extensions
[2012/09/29 19:57:16 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\carrie mae\AppData\Roaming\Mozilla\Firefox\Profiles\1fc9l08q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2015/07/12 10:44:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
CHR - Extension: No name found = C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.116_0\
CHR - Extension: No name found = C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
CHR - Extension: No name found = C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O2 - BHO: (no name) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - No CLSID value found.
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL File not found
O3 - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O37 - HKU\S-1-5-21-1305906321-3614984133-1862934780-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found

:Commands
[emptyjava]
[emptyflash]
[EMPTYTEMP]
[RESETHOSTS]
[CREATERESTOREPOINT]
[Reboot]

# Then click the Run Fix button at the top.
# Click OK.
# Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
Remember to enable your real time protection.

Post that log next !!

 

 

 

=======================

 

 

Then make sure you uncheck the boxes for McAfee when you update these :

 

Make sure you uncheck the box to install McAfee Security Scan Plus
Java version 32-bit out of Date!
Download the latest version of Java Runtime Environment(JRE), and install it to your computer.
It is the 1st one  on the page, called Java Runtime Environment (JRE) 6 Update 12
Select Windows, multi-language, and check to agree to the license.
Download it, choose save, and save it to your desktop.
Then double-click it, and it will install the newest version of Java for you to use.


===================

Adobe Reader out of Date!
Update Adobe Reader

Make sure you uncheck the box to install McAfee Security Scan Plus

  1. Please uninstall unless you already have Adobe Reader XXX XXX xxx before installing the latest version by going to Start > Control Panel and double clicking on Add/Remove Programs. Locate Adobe Reader XX xxx xx and click on Change/Remove to uninstall it.
  2. Click here to download the latest version of Adobe Acrobat Reader.
  3. Select your Windows version and click on Download. If you are using Internet Explorer, you will receive prompts. Allow the installation to be run and it will be installed automatically for you.

    If you are using other browsers, it will prompt you to save a file. Save this file to your desktop and run it to install the latest version of Adobe Reader.
  4. Close your Internet browser and open it again.

 

 

Let me know how these go ???

 

 

Almost done !!

 

Thanks

Chuck
 


All processes killed
========== OTL ==========
Service X4HSX32 stopped successfully!
Service X4HSX32 deleted successfully!
File C:\Program Files\GameTap Web Player\bin\Release\X4HSX32.Sys not found.
Service USBAAPL stopped successfully!
Service USBAAPL deleted successfully!
File System32\Drivers\usbaapl.sys not found.
Service TSP stopped successfully!
Service TSP deleted successfully!
File C:\Windows\system32\drivers\klif.sys not found.
Service PTUMWVsp stopped successfully!
Service PTUMWVsp deleted successfully!
File system32\DRIVERS\PTUMWVsp.sys not found.
Service PTUMWNET stopped successfully!
Service PTUMWNET deleted successfully!
File system32\DRIVERS\PTUMWNET.sys not found.
Service PTUMWMdm stopped successfully!
Service PTUMWMdm deleted successfully!
File system32\DRIVERS\PTUMWMdm.sys not found.
Service PTUMWFLT stopped successfully!
Service PTUMWFLT deleted successfully!
File system32\DRIVERS\PTUMWFLT.sys not found.
Service PTUMWCDF stopped successfully!
Service PTUMWCDF deleted successfully!
File system32\DRIVERS\PTUMWCDF.sys not found.
Service PTUMWBus stopped successfully!
Service PTUMWBus deleted successfully!
File system32\DRIVERS\PTUMWBus.sys not found.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File system32\DRIVERS\nwlnkfwd.sys not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File system32\DRIVERS\nwlnkflt.sys not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File system32\DRIVERS\ipinip.sys not found.
Service blbdrive stopped successfully!
Service blbdrive deleted successfully!
File C:\Windows\system32\drivers\blbdrive.sys not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-1305906321-3614984133-1862934780-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1305906321-3614984133-1862934780-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1305906321-3614984133-1862934780-1000\Software\Microsoft\Internet Explorer\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}\ not found.
Registry key HKEY_USERS\S-1-5-21-1305906321-3614984133-1862934780-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-1305906321-3614984133-1862934780-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_USERS\S-1-5-21-1305906321-3614984133-1862934780-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CC944B58-5919-4BCE-BCF5-612D31C4A63A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC944B58-5919-4BCE-BCF5-612D31C4A63A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1305906321-3614984133-1862934780-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
C:\Users\carrie mae\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Users\carrie mae\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\carrie mae\AppData\Roaming\Mozilla\Firefox\Profiles\1fc9l08q.default\extensions folder moved successfully.
File C:\Users\carrie mae\AppData\Roaming\Mozilla\Firefox\Profiles\1fc9l08q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi not found.
C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\Mozilla Firefox\browser\extensions folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_metadata folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\zh_TW folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\zh_CN folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\vi folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\uk folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\tr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\th folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sv folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sl folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sk folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ru folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ro folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pt_PT folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pt_BR folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pl folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\no folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\nl folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ms folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\lv folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\lt folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ko folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ja folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\it folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\id folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\hu folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\hi folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\he folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fil folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fi folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\et folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\es_419 folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\es folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\en_US folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\en_GB folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\el folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\de folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\da folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\cs folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ca folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\bg folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ar folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0 folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_metadata folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\zh_TW folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\zh_CN folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\vi folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\uk folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\tr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\th folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\sv folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\sr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\sl folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\sk folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\ru folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\ro folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\pt_PT folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\pt_BR folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\pl folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\no folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\nl folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\ms folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\lv folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\lt folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\ko folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\ja folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\it folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\id folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\hu folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\hr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\hi folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\he folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\fr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\fil folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\fi folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\eu folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\et folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\es_419 folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\es folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\en_US folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\en_GB folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\el folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\de folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\da folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\cs folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\ca folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\bg folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\ar folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0 folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_metadata folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\zh_TW folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\zh_CN folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\vi folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\uk folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\tr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\th folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\sv folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\sr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\sl folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\sk folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\ru folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\ro folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\pt_PT folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\pt_BR folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\pl folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\no folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\nl folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\lv folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\lt folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\ko folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\ja folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\it folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\id folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\hu folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\hr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\hi folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\he folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\fr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\fil folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\fi folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\es folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\en folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\el folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\de folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\da folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\cs folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\ca folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\bg folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\ar folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0 folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.116_0\_metadata folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.116_0\_locales\en folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.116_0\_locales folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.116_0\toolbar\styles folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.116_0\toolbar\images folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.116_0\toolbar folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.116_0\SafeWeb\Scripts folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.116_0\SafeWeb folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.116_0\RedirectPages folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.116_0\images\Widgets folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.116_0\images\StatusButton folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.116_0\images\SafeBrowse folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.116_0\images folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.116_0\IdentitySafe folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.116_0 folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_metadata folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\hu folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\hr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\hi folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\he folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\fr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\fil folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\fi folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\et folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\es_419 folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\es folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\en_US folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\en_GB folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\en folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\el folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\de folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\da folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\cs folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\ca folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\bg folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales\ar folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\_locales folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0 folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\_platform_specific\x86-32_ folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\_platform_specific folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\_metadata folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\audio folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0 folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_metadata folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\zh_TW folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\zh_CN folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\vi folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\uk folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\tr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\th folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\sv folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\sr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\sl folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\sk folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\ru folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\ro folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\pt_PT folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\pt_BR folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\pl folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\nl folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\nb folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\lv folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\lt folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\ko folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\ja folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\it folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\id folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\hu folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\hr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\hi folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\fr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\fil folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\fi folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\et folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\es_419 folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\es folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\en_GB folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\en folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\el folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\de folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\da folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\cs folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\ca folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\bg folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\images folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\html folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\css folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0 folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_metadata folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_TW folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_CN folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\vi folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\uk folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\tr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\th folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sl folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sk folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\se folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ru folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ro folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_PT folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_BR folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pl folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\no folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\nl folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lv folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lt folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ko folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ja folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\it folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\id folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hu folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hi folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fr folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fil folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fi folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\es folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\en folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\el folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\de folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\da folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\cs folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ca folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\bg folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ar folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales folder moved successfully.
C:\Users\carrie mae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1305906321-3614984133-1862934780-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found.
Registry key HKEY_USERS\S-1-5-21-1305906321-3614984133-1862934780-1000_Classes\.exe\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1305906321-3614984133-1862934780-1000_Classes\exefile\ deleted successfully.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
========== COMMANDS ==========
 
[EMPTYJAVA]
 
User: All Users
 
User: carrie mae
->Java cache emptied: 12438543 bytes
 
User: Default
 
User: Default User
 
User: Public
 
Total Java Files Cleaned = 12.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: carrie mae
->Flash cache emptied: 3127752 bytes
 
User: Default
 
User: Default User
 
User: Public
 
Total Flash Files Cleaned = 3.00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: carrie mae
->Temp folder emptied: 7044980 bytes
->Temporary Internet Files folder emptied: 16614593 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 140524181 bytes
->Google Chrome cache emptied: 11178172 bytes
->Flash cache emptied: 0 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 279440 bytes
Windows Temp folder emptied: 4148 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 168.00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
 
OTL by OldTimer - Version 3.2.69.0 log created on 08082015_153643

Files\Folders moved on Reboot...
File\Folder C:\Users\carrie mae\AppData\Local\Temp\~DFA1DB.tmp not found!
File\Folder C:\Users\carrie mae\AppData\Local\Temp\~DFA1E9.tmp not found!
File\Folder C:\Users\carrie mae\AppData\Local\Temp\~DFA27B.tmp not found!
File\Folder C:\Users\carrie mae\AppData\Local\Temp\~DFA28F.tmp not found!
C:\Users\carrie mae\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XBA97PIE\BhKMRj1sUPu[1].htm moved successfully.
C:\Users\carrie mae\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XBA97PIE\fastbutton[1].htm moved successfully.
C:\Users\carrie mae\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XBA97PIE\zrt_lookup[1].htm moved successfully.
C:\Users\carrie mae\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W2MIGKIH\ads[6].htm moved successfully.
C:\Users\carrie mae\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W2MIGKIH\ads[7].htm moved successfully.
C:\Users\carrie mae\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MQ4KCA8I\34819-slow-computer[2].htm moved successfully.
C:\Users\carrie mae\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MQ4KCA8I\BhKMRj1sUPu[1].htm moved successfully.
C:\Users\carrie mae\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MQ4KCA8I\like[3].htm moved successfully.
C:\Users\carrie mae\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MQ4KCA8I\postmessageRelay[1].htm moved successfully.
C:\Users\carrie mae\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\carrie mae\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\carrie mae\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Smping that looks good !!

 

Clean up of Malware Removal Tools

Now that we are through using these tools, let's clean them off your system so that should you ever need to have malware removed again (we hope not) fresh, updated copies will be downloaded.

    Download Delfix to your desktop and double click it to start the program here             
    Ensure Remove disinfection tools is ticked
    Also tick:
    o Create registry backup
    o Purge system restore
    o Reset system settings

    o Click Run
    The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

You can delete any log files left on your desktop as these are no longer needed.

 

 

 

======================

 

 

 

 
Congratulations, you are clean !!!

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

This is my standard "All Clean Speech." You may have some already installed, these are just recommendations !

Here are some tips to reduce the potential for spyware infection in the future:

Here are some tips to reduce the potential for spyware/malware infection in the future:
 
1. Make your Internet Explorer more secure - This can be done by following these simple instructions:

    From within Internet Explorer click on the Tools menu and then click on Options.
    Click once on the Security tab
    Click once on the Internet icon so it becomes highlighted.
    Click once on the Custom Level button.
    Change the Download signed ActiveX controls to Prompt
    Change the Download unsigned ActiveX controls to Disable
    Change the Initialize and script ActiveX controls not marked as safe to Disable
    Change the Installation of desktop items to Prompt
    Change the Launching programs and files in an IFRAME to Prompt
    Change the Navigate sub-frames across different domains to Prompt
    When all these settings have been made, click on the OK button.
    If it prompts you as to whether or not you want to save the settings, press the Yes button.
    Next press the Apply button and then the OK to exit the Internet Properties page.

2. Firefox - If you use Firefox, I recommend installing the following add-ons to help make your Firefox browser more secure.
NoScript
Adblock Plus

 
3. Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis.  With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.
 
4. Firewall - Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. There are firewalls that could be downloaded and used, but I would personally only recommend using one of the following:
Online Armor Free
Agnitum Outpost Firewall Free
Comodo Firewall Free
 
5. Make sure you keep your Windows OS current, and regularly download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open.
 
6. WOT (Web of Trust) - As "Googling" is such an integral part of internet life, this free browser add-on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites. WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.
 
7. Finally, I strongly recommend that you read Miekiemoes' great advice, How to prevent malware.

 

You can type in the box where you have posted the logs !!
Let me know how it's running ?
Any problems ?
It may run a tad slow until a few normal re-boots, but according to all logs you are clean !!

Thanks
Chuck

 

 

=================

 

 

Now for the extras !

Click the free avast button >>>  http://www.avast.com/en-us/download-software.........  avast! Free Antivirus is FREE - you only need to register it with an email address once per year.
This is what I use for antivirus protection !

 

=================

 

Download and save Norton Removal Tool to your desktop.

Right click on Norton_Removal_Tool.exe and select Run As Administrator to run it. If you receive a prompt, please allow it. After this, please restart your computer.
 


# DelFix v1.010 - Logfile created 08/08/2015 at 17:31:44
# Updated 26/04/2015 by Xplode
# Username : carrie mae - CARRIEMAE-PC
# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\_OTL
Deleted : C:\AdwCleaner
Deleted : C:\Users\carrie mae\Downloads\adwcleaner_4.208.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #831 [Removed Adobe Reader X (10.1.15). | 08/08/2015 22:01:18]
Deleted : RP #832 [Removed Java 8 Update 31 | 08/08/2015 23:07:51]
Deleted : RP #833 [Removed Java 8 Update 31 | 08/08/2015 23:12:23]
Deleted : RP #834 [installed Java SE Development Kit 8 Update 51 | 08/08/2015 23:22:04]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########


It's being stubborn so download Revo Uninstaller !!

 

We need to remove some programs with Revo Uninstaller Free:

Note: Revo Uninstaller is more thorough in deleting programs on your computer than using the Add/Remove option in Windows.
Since it is a more powerful tool, please be sure to follow the instructions carefully.

Note: If the program you want to uninstall is not listed by Revo, let me know and we will try an alternate method of removal.
    
    Please download and install Revo Uninstaller Free >>> http://www.revouninstaller.com/start_freeware_download.html
   note: there is no need to click anything on that page, the download will start automatically
    Double click Revo Uninstaller to run it
    From the list of programs double click on the listed program(s), or anything similar, to remove it:

* When prompted if you want to uninstall click Yes
* Be sure the Moderate option is selected then click Next
* The program will run. If prompted again click Yes
* When the built-in uninstaller is finished click on Next
* Once the program has searched for leftovers click Next
* Check the items in bold only on the list then click Delete
** note: you may have to expand some folders by clicking the "+" mark
* When prompted click on Yes and then on Next
* Put a check on any folders that are found and select Delete
* When prompted select Yes then Next
* Once done click Finish
 


Seeing how this has been resolved, I will lock this topic ! Anyone with a problem like this please start a new topic !!

 

Thanks

Chuck

This topic is now closed to further replies.