OTL logfile created on: 4/19/2012 10:39:31 PM - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\John O. B. Cole\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.96 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 66.23% Memory free
5.92 Gb Paging File | 4.60 Gb Available in Paging File | 77.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 283.40 Gb Total Space | 232.67 Gb Free Space | 82.10% Space Free | Partition Type: NTFS
Computer Name: JOHNOBCOLE-PC | User Name: John O. B. Cole | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/04/19 22:37:53 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\John O. B. Cole\Desktop\OTL.exe
PRC - [2012/04/18 20:03:36 | 000,353,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe
PRC - [2012/03/07 16:27:25 | 003,905,920 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2012/02/15 10:32:12 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/06/23 23:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 07:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/07/28 17:34:02 | 000,569,752 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2009/07/16 23:57:36 | 004,562,944 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
PRC - [2009/07/16 23:57:36 | 000,026,112 | ---- | M] () -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
PRC - [2009/07/16 23:57:04 | 003,086,848 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
PRC - [2009/07/15 13:47:20 | 000,221,266 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5f120bca41bba11b\stacsv.exe
PRC - [2009/07/13 20:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
PRC - [2009/06/29 02:59:00 | 000,217,088 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2009/06/29 02:59:00 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2009/06/29 02:59:00 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2009/06/29 02:59:00 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/01/07 12:04:10 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\AstSrv.exe
PRC - [2007/02/12 03:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Windows\System32\drivers\o2flash.exe
========== Modules (No Company Name) ==========
MOD - [2012/04/19 20:41:11 | 000,065,024 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/04/19 20:41:11 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/04/18 16:11:18 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012/04/18 16:11:18 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2012/02/22 20:49:56 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2012/01/01 21:36:03 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b41e38edbd6dfe20997f6ea7c080aceb\System.Web.ni.dll
MOD - [2012/01/01 21:35:55 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b559a471eef00081f0b5c2719d1d9623\System.Runtime.Remoting.ni.dll
MOD - [2011/12/23 20:19:34 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/12/23 20:19:26 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/03/15 12:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009/07/16 23:57:02 | 000,055,808 | ---- | M] () -- C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/04/18 20:03:36 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2010/07/28 17:34:02 | 000,569,752 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2010/03/26 23:48:13 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/16 23:57:36 | 000,026,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2009/07/15 13:47:20 | 000,221,266 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5f120bca41bba11b\stacsv.exe -- (STacSV)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/07 12:04:10 | 000,057,344 | ---- | M] () [Auto | Running] -- C:\Windows\System32\\AstSrv.exe -- (Ast Service)
SRV - [2007/02/12 03:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\System32\drivers\o2flash.exe -- (O2FLASH)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\JOHNOB~1.COL\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/05/10 08:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/16 23:56:50 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2009/07/15 13:47:20 | 000,409,088 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/07/13 18:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/05/22 04:17:52 | 000,058,528 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2mdg.sys -- (O2MDGRDR)
DRV - [2009/05/07 04:47:12 | 000,041,504 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2sdg.sys -- (O2SDGRDR)
DRV - [2009/03/25 01:25:24 | 000,197,680 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/05/28 18:01:00 | 000,235,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OEM13Vid.sys -- (OEM13Vid)
DRV - [2007/11/02 14:36:10 | 000,018,176 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2007/06/18 14:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motport.sys -- (motport)
DRV - [2007/06/18 14:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/03/05 11:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OEM13Vfx.sys -- (OEM13Vfx)
DRV - [2007/01/23 19:03:44 | 000,007,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2002/07/10 21:13:00 | 000,095,232 | ---- | M] (IC Media Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbuvt.sys -- (DCamUSBUVT)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu....q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
IE - HKLM\..\SearchScopes\{D479C55D-D202-4CDF-B0B1-D76559A3F7DC}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{FE02C4FF-81A1-458D-ACF3-6848DD411A53}: "URL" = http://search.live.c...ferrer:source?}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3452009456-1726143999-3032453699-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3452009456-1726143999-3032453699-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-3452009456-1726143999-3032453699-1000\..\SearchScopes,DefaultScope = {F732A857-EDC8-4501-83B1-56B459A656BC}
IE - HKU\S-1-5-21-3452009456-1726143999-3032453699-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADFA_en
IE - HKU\S-1-5-21-3452009456-1726143999-3032453699-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-3452009456-1726143999-3032453699-1000\..\SearchScopes\{F732A857-EDC8-4501-83B1-56B459A656BC}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-3452009456-1726143999-3032453699-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3452009456-1726143999-3032453699-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
[2010/01/24 21:48:44 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\John O. B. Cole\AppData\Roaming\Mozilla\Extensions
[2010/01/24 21:48:44 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\John O. B. Cole\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/04/18 18:30:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\John O. B. Cole\AppData\Roaming\Mozilla\Firefox\extensions
[2012/04/18 18:44:07 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\John O. B. Cole\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012/04/18 18:44:07 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\John O. B. Cole\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2012/04/17 00:27:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2011/01/06 19:16:02 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-3452009456-1726143999-3032453699-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-3452009456-1726143999-3032453699-1000\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O3 - HKU\S-1-5-21-3452009456-1726143999-3032453699-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKU\S-1-5-21-3452009456-1726143999-3032453699-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4 - HKU\S-1-5-21-3452009456-1726143999-3032453699-1000..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-3452009456-1726143999-3032453699-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3452009456-1726143999-3032453699-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3452009456-1726143999-3032453699-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3452009456-1726143999-3032453699-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support....veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.bl...re/AxLoader.cab (Reg Error: Key error.)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://linksyssuppo...rt/ieatgpc1.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://mygp.gp.com/...SetupClient.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 69.78.96.14 66.174.92.14
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A8BCDD7-B3AC-484F-9024-2082FA996F16}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80E15F0F-D1D2-4C83-9FE8-CFB89630CBA9}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A3F941F7-E99B-4D0C-9A9D-949A4459184B}: DhcpNameServer = 69.78.96.14 66.174.92.14
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/04/19 22:37:41 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\John O. B. Cole\Desktop\OTL.exe
[2012/04/19 21:20:22 | 000,000,000 | ---D | C] -- C:\Users\John O. B. Cole\Desktop\New folder (2)
[2012/04/18 20:03:08 | 000,000,000 | ---D | C] -- C:\Users\John O. B. Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/04/18 17:36:50 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/04/18 17:36:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/18 17:36:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/04/18 16:14:49 | 004,467,856 | ---- | C] (Swearware) -- C:\Users\John O. B. Cole\Desktop\ComboFix.exe
[2012/04/18 16:11:09 | 000,000,000 | ---D | C] -- C:\Users\John O. B. Cole\AppData\Roaming\SUPERAntiSpyware.com
[2012/04/18 16:11:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/04/18 16:11:00 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/04/18 16:03:17 | 000,000,000 | ---D | C] -- C:\Users\John O. B. Cole\Desktop\Virus
[2012/04/17 21:56:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TradeManager
[2012/04/17 21:56:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\aliedit
[2012/04/17 21:56:12 | 000,000,000 | ---D | C] -- C:\Program Files\Trademanager
[2012/04/17 21:54:08 | 000,000,000 | ---D | C] -- C:\Users\John O. B. Cole\AppData\Local\Alibaba
[2012/04/17 16:35:00 | 000,000,000 | -H-D | C] -- C:\Users\John O. B. Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SMART HDD
[2012/04/17 00:27:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/04/14 20:17:29 | 000,000,000 | ---D | C] -- C:\Users\John O. B. Cole\Desktop\New folder
[2012/04/06 21:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COCO
[2012/04/06 21:58:09 | 000,000,000 | ---D | C] -- C:\Program Files\USEPA
[2012/04/06 21:57:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COSMOthermCO-LITE-C30-1201
[2012/04/06 21:57:27 | 000,000,000 | ---D | C] -- C:\Program Files\COSMOlogic
[2012/04/06 21:56:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChemSep 6.90 LITE
[2012/04/06 21:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\ChemSepL6v90
[2012/04/06 21:55:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CAPE-OPEN
[2012/04/06 21:55:57 | 000,000,000 | -H-D | C] -- C:\Users\John O. B. Cole\AppData\Roaming\COCO
[2012/04/06 21:55:53 | 000,000,000 | ---D | C] -- C:\Program Files\COCO
[2012/04/04 20:18:16 | 000,000,000 | ---D | C] -- C:\Users\John O. B. Cole\AppData\Roaming\Yahoo!
[2012/04/04 17:31:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2012/03/30 20:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/03/30 20:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/03/30 20:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
========== Files - Modified Within 30 Days ==========
[2012/04/19 22:37:53 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\John O. B. Cole\Desktop\OTL.exe
[2012/04/19 22:28:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/19 22:12:34 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/19 22:12:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/19 20:48:02 | 000,014,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/19 20:48:02 | 000,014,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/19 20:45:49 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/04/19 20:45:49 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/04/19 20:40:57 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/19 20:40:42 | 2385,211,392 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/18 20:09:10 | 000,000,245 | ---- | M] () -- C:\Users\John O. B. Cole\Desktop\Posting New Topic - Geeks to Go Forums.url
[2012/04/18 20:03:08 | 000,003,011 | ---- | M] () -- C:\Users\John O. B. Cole\Desktop\HiJackThis.lnk
[2012/04/18 17:36:50 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/18 16:14:57 | 004,467,856 | ---- | M] (Swearware) -- C:\Users\John O. B. Cole\Desktop\ComboFix.exe
[2012/04/18 16:11:04 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/04/17 23:40:40 | 902,839,899 | -H-- | M] () -- C:\Users\John O. B. Cole\Documents\Poison Live Raw and uncut.avi
[2012/04/17 23:39:39 | 139,483,140 | -H-- | M] () -- C:\Users\John O. B. Cole\Documents\Poison_-_Unskinny_Bop_(Live)_(2nafish).mpg
[2012/04/17 16:35:02 | 000,000,168 | -H-- | M] () -- C:\ProgramData\-0qbJL73drjyc4Sr
[2012/04/17 16:35:02 | 000,000,000 | -H-- | M] () -- C:\ProgramData\-0qbJL73drjyc4S
[2012/04/17 16:34:58 | 000,000,256 | -H-- | M] () -- C:\ProgramData\0qbJL73drjyc4S
[2012/04/17 16:31:32 | 000,000,206 | ---- | M] () -- C:\Users\John O. B. Cole\Desktop\Wholesale Bike LED Flash Light Mount Bicycle Torch Clamp Holder.url
[2012/04/17 16:31:28 | 000,000,455 | ---- | M] () -- C:\Users\John O. B. Cole\Desktop\quick release handlebar bracket with clip - Google Search.url
[2012/04/17 16:31:24 | 000,000,322 | ---- | M] () -- C:\Users\John O. B. Cole\Desktop\2012 Exposure Quick Release Handlebar Bracket w- Clip - Competitive Cyclist.url
[2012/04/17 16:31:21 | 000,000,279 | ---- | M] () -- C:\Users\John O. B. Cole\Desktop\Google.url
[2012/04/16 23:04:39 | 000,327,680 | -H-- | M] () -- C:\Users\John O. B. Cole\Documents\2011 secret crack-make over $300 a day now -eBay's best.pdf
[2012/04/16 21:53:46 | 000,560,386 | ---- | M] () -- C:\Users\John O. B. Cole\Desktop\How to make money on ebay.pdf
[2012/04/16 21:39:40 | 000,000,141 | ---- | M] () -- C:\Users\John O. B. Cole\Desktop\OSHA Notice.url
[2012/04/15 23:30:57 | 000,000,230 | ---- | M] () -- C:\Users\John O. B. Cole\Desktop\Fabricated Metal Product Mfg - Mississippi Company Directory from Hoovers.com.url
[2012/04/08 21:29:52 | 005,080,344 | ---- | M] () -- C:\Users\John O. B. Cole\Desktop\Gasifierplansv1.zip
[2012/04/06 21:58:23 | 000,030,920 | ---- | M] () -- C:\Windows\System32\CapeOpenNet.tlb
[2012/04/06 21:56:12 | 000,001,839 | ---- | M] () -- C:\Users\Public\Desktop\ChemSep.lnk
[2012/04/04 17:31:48 | 000,001,135 | ---- | M] () -- C:\Users\John O. B. Cole\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2012/04/04 17:31:48 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/03/30 20:13:58 | 000,001,755 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
========== Files Created - No Company Name ==========
[2012/04/18 20:03:25 | 000,000,245 | ---- | C] () -- C:\Users\John O. B. Cole\Desktop\Posting New Topic - Geeks to Go Forums.url
[2012/04/18 20:03:08 | 000,003,011 | ---- | C] () -- C:\Users\John O. B. Cole\Desktop\HiJackThis.lnk
[2012/04/18 17:36:50 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/18 16:11:04 | 000,001,967 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/04/17 16:35:02 | 000,000,168 | -H-- | C] () -- C:\ProgramData\-0qbJL73drjyc4Sr
[2012/04/17 16:35:01 | 000,000,000 | -H-- | C] () -- C:\ProgramData\-0qbJL73drjyc4S
[2012/04/17 16:34:57 | 000,000,256 | -H-- | C] () -- C:\ProgramData\0qbJL73drjyc4S
[2012/04/17 16:31:32 | 000,000,206 | ---- | C] () -- C:\Users\John O. B. Cole\Desktop\Wholesale Bike LED Flash Light Mount Bicycle Torch Clamp Holder.url
[2012/04/17 16:31:28 | 000,000,455 | ---- | C] () -- C:\Users\John O. B. Cole\Desktop\quick release handlebar bracket with clip - Google Search.url
[2012/04/17 16:31:24 | 000,000,322 | ---- | C] () -- C:\Users\John O. B. Cole\Desktop\2012 Exposure Quick Release Handlebar Bracket w- Clip - Competitive Cyclist.url
[2012/04/17 16:31:21 | 000,000,279 | ---- | C] () -- C:\Users\John O. B. Cole\Desktop\Google.url
[2012/04/16 22:31:51 | 000,327,680 | -H-- | C] () -- C:\Users\John O. B. Cole\Documents\2011 secret crack-make over $300 a day now -eBay's best.pdf
[2012/04/16 21:53:39 | 000,560,386 | ---- | C] () -- C:\Users\John O. B. Cole\Desktop\How to make money on ebay.pdf
[2012/04/16 21:39:40 | 000,000,141 | ---- | C] () -- C:\Users\John O. B. Cole\Desktop\OSHA Notice.url
[2012/04/08 21:29:51 | 005,080,344 | ---- | C] () -- C:\Users\John O. B. Cole\Desktop\Gasifierplansv1.zip
[2012/04/06 21:58:23 | 000,030,920 | ---- | C] () -- C:\Windows\System32\CapeOpenNet.tlb
[2012/04/06 21:56:12 | 000,001,839 | ---- | C] () -- C:\Users\Public\Desktop\ChemSep.lnk
[2012/04/04 20:52:40 | 000,000,230 | ---- | C] () -- C:\Users\John O. B. Cole\Desktop\Fabricated Metal Product Mfg - Mississippi Company Directory from Hoovers.com.url
[2012/04/04 17:31:48 | 000,001,135 | ---- | C] () -- C:\Users\John O. B. Cole\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2012/04/04 17:31:48 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2012/03/30 20:13:58 | 000,001,755 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/30 18:16:02 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011/12/03 23:14:42 | 000,221,719 | -H-- | C] () -- C:\Users\John O. B. Cole\AppData\Local\census.cache
[2011/12/03 23:14:37 | 000,093,272 | -H-- | C] () -- C:\Users\John O. B. Cole\AppData\Local\ars.cache
[2011/12/03 23:07:59 | 000,000,036 | -H-- | C] () -- C:\Users\John O. B. Cole\AppData\Local\housecall.guid.cache
[2011/12/03 22:13:40 | 000,000,312 | -H-- | C] () -- C:\ProgramData\~Cykv2TIJ7IQveg
[2011/12/03 22:13:40 | 000,000,216 | -H-- | C] () -- C:\ProgramData\~Cykv2TIJ7IQvegr
[2011/12/03 22:13:33 | 000,000,448 | -H-- | C] () -- C:\ProgramData\Cykv2TIJ7IQveg
[2011/09/24 22:51:35 | 000,000,326 | ---- | C] () -- C:\Windows\wininit.ini
[2011/08/04 05:32:35 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/08/04 05:32:35 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011/05/16 21:30:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\8532util.dll
[2011/05/16 21:30:16 | 000,036,864 | ---- | C] () -- C:\Windows\System32\ICMSetup532.dll
[2011/01/15 22:31:33 | 000,006,144 | ---- | C] () -- C:\Users\John O. B. Cole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/06 19:06:24 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/01/06 19:06:24 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/01/06 19:06:24 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/01/06 19:06:24 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/01/06 19:06:24 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/12/21 23:03:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/08/25 19:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010/08/25 19:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/08/25 19:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/08/25 18:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2010/08/25 18:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010/08/25 18:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010/08/25 18:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2010/05/20 20:50:24 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin
========== LOP Check ==========
[2011/12/05 21:51:51 | 000,000,000 | -H-D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\AVG
[2012/04/18 18:44:07 | 000,000,000 | ---D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\Azureus
[2011/10/05 23:31:49 | 000,000,000 | -H-D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\Babylon
[2011/01/25 23:40:59 | 000,000,000 | -H-D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\BitLord
[2012/04/06 21:55:57 | 000,000,000 | -H-D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\COCO
[2011/07/09 23:05:46 | 000,000,000 | -H-D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\CoCreate
[2010/08/20 22:21:34 | 000,000,000 | -H-D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/03/07 21:45:47 | 000,000,000 | -H-D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\DiskAid
[2011/04/13 20:01:22 | 000,000,000 | -H-D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\EconEx
[2011/01/24 23:00:22 | 000,000,000 | -H-D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\FinalTorrent
[2012/04/18 18:30:22 | 000,000,000 | ---D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\IObit
[2012/04/18 18:44:07 | 000,000,000 | ---D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\Juniper Networks
[2012/04/18 18:30:23 | 000,000,000 | ---D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\LibreOffice
[2012/04/18 18:44:07 | 000,000,000 | ---D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\Media Get LLC
[2012/04/18 18:30:29 | 000,000,000 | ---D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\OpenOffice.org
[2011/10/27 21:39:16 | 000,000,000 | -H-D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\Pine Grove Software
[2011/01/25 00:18:05 | 000,000,000 | -H-D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\Python-Eggs
[2011/01/01 22:38:58 | 000,000,000 | -H-D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\Registry Mechanic
[2011/12/06 20:04:47 | 000,000,000 | -H-D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\Smart PC Solutions
[2012/04/18 18:30:29 | 000,000,000 | ---D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\Stock NeuroMaster
[2012/04/18 18:44:07 | 000,000,000 | ---D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\StockFusion Studio
[2011/10/20 22:11:29 | 000,000,000 | -H-D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\WeatherBug
[2011/01/30 22:40:09 | 000,000,000 | -H-D | M] -- C:\Users\John O. B. Cole\AppData\Roaming\Windows Live Writer
[2011/07/26 21:51:03 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[2002/06/05 11:00:28 | 000,065,536 | ---- | M] () -- C:\Amcap532.exe
< MD5 for: EXPLORER.EXE >
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 00:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 00:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 01:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: SVCHOST.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 01:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/10/28 01:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 00:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 07:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 07:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/13 20:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< C:\Windows\assembly\tmp\U\*.* /s >
< %Temp%\smtmp\1\*.* >
< %Temp%\smtmp\2\*.* >
< %Temp%\smtmp\3\*.* >
< %Temp%\smtmp\4\*.* >
< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.1.7601
Copyright © 1999-2008 Microsoft Corporation.
On computer: JOHNOBCOLE-PC
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
  Volume 0     D                       DVD-ROM         0 B  No Media
  Volume 1         RECOVERY     NTFS   Partition     14 GB  Healthy    System
  Volume 2     C   OS           NTFS   Partition    283 GB  Healthy    Boot
< >
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB64478$] -> Error: Cannot create file handle -> Unknown point type
========== Alternate Data Streams ==========
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:DF934660
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:D4A168E0
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >
OTL Extras logfile created on: 4/19/2012 10:39:31 PM - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\John O. B. Cole\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.96 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 66.23% Memory free
5.92 Gb Paging File | 4.60 Gb Available in Paging File | 77.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 283.40 Gb Total Space | 232.67 Gb Free Space | 82.10% Space Free | Partition Type: NTFS
Computer Name: JOHNOBCOLE-PC | User Name: John O. B. Cole | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE 10.3
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java 6 Update 22
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java 6 Update 6
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FD3DF65-694C-4F71-97BA-1A70BB2B8B9C}" = ICM532
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{731B0E4D-F4C7-450C-95B0-E1A3176B1C75}" = Dell Backup and Recovery Manager
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E1CB0F1-67BF-4052-AA23-FA22E94804C1}" = InstallIQ Updater
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{CFF8DABC-7022-4CC4-A4B8-73F3DD30EC9A}" = Multiple Back-Propagation 2.1.4
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D64833F8-860D-4216-8EDC-DD08AD68C0B5}" = LibreOffice 3.4
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE 10.3
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor
"ChemSepL6v90" = ChemSep 6.90
"COCO" = COCO
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"COSMOthermCO-LITE-C30-1201" = COSMOthermCO-LITE-C30-1201
"Creative OEM013" = Laptop Integrated Webcam Driver (1.01.01.0529)
"Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility
"ESET Online Scanner" = ESET Online Scanner v3
"HDMI" = Intel® Graphics Media Accelerator Driver
"InvAn4" = InvAn4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Tiberius" = Tiberius
"TVWiz" = Intel® TV Wizard
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3452009456-1726143999-3032453699-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"Juniper_Setup_Client" = Juniper Networks Setup Client
"MediaGet" = MediaGet
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 4/14/2012 1:45:42 AM | Computer Name = JohnOBCole-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6536
Error - 4/14/2012 10:18:17 PM | Computer Name = JohnOBCole-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.7601.17514 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: f7c Start
Time: 01cd1aa6b2c1911f Termination Time: 47 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id: 3f8e9956-86a1-11e1-b16a-0026b998dc41
Error - 4/15/2012 8:33:56 PM | Computer Name = JohnOBCole-PC | Source = Application Hang | ID = 1002
Description = The program SndVol.exe version 6.1.7601.17514 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 640 Start
Time: 01cd1b687a89602d Termination Time: 0 Application Path: C:\Windows\system32\SndVol.exe
Report
Id: d462d20b-875b-11e1-b16a-0026b998dc41
Error - 4/15/2012 9:21:42 PM | Computer Name = JohnOBCole-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.7601.17514 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1568 Start
Time: 01cd1b64fab78872 Termination Time: 20 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id: 816f696c-8762-11e1-b16a-0026b998dc41
Error - 4/17/2012 1:30:24 AM | Computer Name = JohnOBCole-PC | Source = Application Hang | ID = 1002
Description = The program download[1].exe version 2.8.0.1 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 17f0 Start
Time: 01cd1c5a9c48426c Termination Time: 20 Application Path: C:\Users\John O. B.
Cole\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M1ZEQKPL\download[1].exe
Report
Id:
Error - 4/17/2012 1:50:35 AM | Computer Name = JohnOBCole-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7601.17514,
time stamp: 0x4ce79912 Faulting module name: ntdll.dll, version: 6.1.7601.17514,
time stamp: 0x4ce7b96e Exception code: 0xc0000005 Fault offset: 0x00032239 Faulting
process id: 0x244 Faulting application start time: 0x01cd1c088294fadd Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 3fe29bf4-8851-11e1-b0ac-0026b998dc41
Error - 4/17/2012 1:50:38 AM | Computer Name = JohnOBCole-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7601.17514,
time stamp: 0x4ce79912 Faulting module name: ntdll.dll, version: 6.1.7601.17514,
time stamp: 0x4ce7b96e Exception code: 0xc0000005 Fault offset: 0x00032239 Faulting
process id: 0x244 Faulting application start time: 0x01cd1c088294fadd Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 41d41b8d-8851-11e1-b0ac-0026b998dc41
Error - 4/17/2012 5:27:44 PM | Computer Name = JohnOBCole-PC | Source = Application Error | ID = 1000
Description = Faulting application name: InstallFlashPlayer.exe, version: 11.0.1.152,
time stamp: 0x4e7d1453 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x000001ff Faulting process id:
0xce8 Faulting application start time: 0x01cd1ce0e6034a65 Faulting application path:
C:\Users\JOHNOB~1.COL\AppData\Local\Temp\InstallFlashPlayer.exe Faulting module
path: unknown Report Id: 2b0f787f-88d4-11e1-b0ac-0026b998dc41
Error - 4/18/2012 4:45:39 PM | Computer Name = JohnOBCole-PC | Source = System Restore | ID = 8204
Description =
Error - 4/18/2012 5:43:32 PM | Computer Name = JohnOBCole-PC | Source = Application Error | ID = 1000
Description = Faulting application name: bcmwltry.exe, version: 5.30.21.0, time
stamp: 0x4a53eb2a Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x03915a1c Faulting process id: 0x5b0 Faulting application
start time: 0x01cd1dac47d258e8 Faulting application path: C:\Program Files\Dell\Dell
Wireless WLAN Card\bcmwltry.exe Faulting module path: unknown Report Id: 8a99b73f-899f-11e1-b0ef-904ce53ad2e0
[ Broadcom Wireless LAN Events ]
Error - 3/30/2012 7:40:29 PM | Computer Name = JohnOBCole-PC | Source = WLAN-Tray | ID = 0
Description = 18:40:26, Fri, Mar 30, 12 Error - Unable to gain access to user store
[ Media Center Events ]
Error - 6/7/2011 10:03:27 PM | Computer Name = JohnOBCole-PC | Source = MCUpdate | ID = 0
Description = 9:03:27 PM - Error connecting to the internet. 9:03:27 PM - Unable
to contact server..
Error - 9/29/2011 9:06:18 PM | Computer Name = JohnOBCole-PC | Source = MCUpdate | ID = 0
Description = 8:06:17 PM - Error connecting to the internet. 8:06:17 PM - Unable
to contact server..
Error - 9/29/2011 10:06:23 PM | Computer Name = JohnOBCole-PC | Source = MCUpdate | ID = 0
Description = 9:06:23 PM - Error connecting to the internet. 9:06:23 PM - Unable
to contact server..
Error - 9/29/2011 11:06:28 PM | Computer Name = JohnOBCole-PC | Source = MCUpdate | ID = 0
Description = 10:06:28 PM - Error connecting to the internet. 10:06:28 PM - Unable
to contact server..
Error - 9/30/2011 9:17:25 PM | Computer Name = JohnOBCole-PC | Source = MCUpdate | ID = 0
Description = 8:17:24 PM - Error connecting to the internet. 8:17:24 PM - Unable
to contact server..
Error - 1/10/2012 10:15:07 PM | Computer Name = JohnOBCole-PC | Source = MCUpdate | ID = 0
Description = 8:15:06 PM - Error connecting to the internet. 8:15:06 PM - Unable
to contact server..
Error - 2/14/2012 5:39:34 AM | Computer Name = JohnOBCole-PC | Source = MCUpdate | ID = 0
Description = 3:39:33 AM - Error connecting to the internet. 3:39:33 AM - Unable
to contact server..
Error - 2/14/2012 6:42:39 AM | Computer Name = JohnOBCole-PC | Source = MCUpdate | ID = 0
Description = 4:42:39 AM - Error connecting to the internet. 4:42:39 AM - Unable
to contact server..
Error - 2/14/2012 7:45:44 AM | Computer Name = JohnOBCole-PC | Source = MCUpdate | ID = 0
Description = 5:45:44 AM - Error connecting to the internet. 5:45:44 AM - Unable
to contact server..
Error - 2/14/2012 8:45:49 AM | Computer Name = JohnOBCole-PC | Source = MCUpdate | ID = 0
Description = 6:45:49 AM - Error connecting to the internet. 6:45:49 AM - Unable
to contact server..
[ System Events ]
Error - 4/18/2012 4:46:18 PM | Computer Name = JohnOBCole-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume OS.
Error - 4/18/2012 4:47:34 PM | Computer Name = JohnOBCole-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume C:.
Error - 4/18/2012 4:51:47 PM | Computer Name = JohnOBCole-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume OS.
Error - 4/18/2012 4:55:20 PM | Computer Name = JohnOBCole-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume OS.
Error - 4/18/2012 4:55:23 PM | Computer Name = JohnOBCole-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume OS.
Error - 4/18/2012 5:09:59 PM | Computer Name = JohnOBCole-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume OS.
Error - 4/18/2012 5:24:15 PM | Computer Name = JohnOBCole-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume C:.
Error - 4/18/2012 5:32:21 PM | Computer Name = JohnOBCole-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume C:.
Error - 4/18/2012 5:36:16 PM | Computer Name = JohnOBCole-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume OS.
Error - 4/18/2012 5:36:16 PM | Computer Name = JohnOBCole-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume OS.
< End of report >
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-19 22:46:48
-----------------------------
22:46:48.035 OS Version: Windows 6.1.7601 Service Pack 1
22:46:48.035 Number of processors: 2 586 0x170A
22:46:48.035 ComputerName: JOHNOBCOLE-PC UserName:
22:46:49.673 Initialize success
22:57:30.155 AVAST engine defs: 12041901
22:58:09.782 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:58:09.798 Disk 0 Vendor: ST932042 0004 Size: 305245MB BusType: 3
22:58:09.813 Disk 0 MBR read successfully
22:58:09.813 Disk 0 MBR scan
22:58:09.813 Disk 0 Windows VISTA default MBR code
22:58:09.813 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
22:58:09.844 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920
22:58:09.844 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290204 MB offset 30801920
22:58:09.860 Disk 0 scanning sectors +625140400
22:58:09.954 Disk 0 scanning C:\Windows\system32\drivers
22:58:20.001 Service scanning
22:58:38.114 Modules scanning
22:58:46.714 Disk 0 trace - called modules:
22:58:47.275 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
22:58:47.275 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86e92ac8]
22:58:47.291 3 CLASSPNP.SYS[8bbac59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86431028]
22:58:50.411 AVAST engine scan C:\Windows
22:58:53.172 AVAST engine scan C:\Windows\system32
23:01:22.809 AVAST engine scan C:\Windows\system32\drivers
23:01:35.850 AVAST engine scan C:\Users\John O. B. Cole
23:03:11.743 Disk 0 MBR has been saved successfully to "C:\Users\John O. B. Cole\Desktop\MBR.dat"
23:03:11.758 The log file has been saved successfully to "C:\Users\John O. B. Cole\Desktop\aswMBR.txt"