Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

yearly virus check [Closed]


  • This topic is locked This topic is locked

#1
mikey1988

mikey1988

    Member

  • Member
  • PipPip
  • 13 posts
Hey my mom's computer seems like its got some sort of malware on it. Just runs kind of slow. Anyways heres the OTL files. Thank you.

OTL logfile created on: 9/13/2013 11:52:04 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sharon McCaffrey\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.84 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 53.31% Memory free
7.68 Gb Paging File | 5.72 Gb Available in Paging File | 74.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.64 Gb Total Space | 237.13 Gb Free Space | 82.44% Space Free | Partition Type: NTFS

Computer Name: SHARONMCCAFFREY | User Name: Sharon McCaffrey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/13 11:47:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sharon McCaffrey\Downloads\OTL.exe
PRC - [2013/09/03 14:17:22 | 000,832,360 | ---- | M] (Spigot, Inc.) -- C:\Users\Sharon McCaffrey\AppData\Roaming\Search Protection\SearchProtection.exe
PRC - [2013/09/02 13:35:59 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/08/30 02:50:41 | 000,164,816 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013/08/30 02:50:34 | 001,601,488 | ---- | M] (APN) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013/07/15 18:18:37 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
PRC - [2013/05/19 05:47:54 | 013,106,328 | ---- | M] (The Weather Channel) -- C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe
PRC - [2013/03/24 04:39:42 | 000,056,904 | ---- | M] (Mindspark Interactive Network) -- C:\Program Files (x86)\GamingWonderland Chrome Extension\bar\CrxRegPatcher.exe
PRC - [2013/02/22 18:29:46 | 000,453,928 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\HssSrv.exe
PRC - [2012/10/15 15:37:42 | 000,525,240 | ---- | M] (NDS Technologies) -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
PRC - [2012/10/15 15:37:38 | 006,442,920 | ---- | M] () -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
PRC - [2012/08/21 14:43:58 | 000,794,272 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2012/08/21 14:43:58 | 000,105,120 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2009/07/28 21:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2009/07/14 20:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe
PRC - [2009/07/13 16:24:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
PRC - [2009/07/12 23:35:58 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/03/10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2009/01/13 22:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe
PRC - [2008/11/13 18:11:26 | 001,086,840 | ---- | M] (Webroot Software, Inc. ) -- C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe
PRC - [2008/11/12 17:02:14 | 003,667,312 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe


========== Modules (No Company Name) ==========

MOD - [2013/09/03 22:33:20 | 018,101,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\069130d01589ff7ead36c597b37fcdf7\System.ServiceModel.ni.dll
MOD - [2013/09/03 22:31:20 | 001,880,576 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\9282d4193ff97f75bb615def36b09a8e\System.Deployment.ni.dll
MOD - [2013/09/03 22:31:19 | 000,189,440 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\f9140eac8d0bbea9d422fddf360b57ad\System.Windows.Input.Manipulations.ni.dll
MOD - [2013/09/03 22:31:19 | 000,096,768 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\4b2e892995b8cdefb1e2cddb96f32736\UIAutomationProvider.ni.dll
MOD - [2013/09/03 22:31:18 | 000,762,880 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\8927b576eb15c4a8f4bb04f05e7cc51e\System.Runtime.Remoting.ni.dll
MOD - [2013/09/03 22:31:14 | 001,021,952 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\d82770dc4e5fee30ca8a7244bf7f613a\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/09/03 22:31:13 | 002,647,552 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\420022aad3481c670eb86a4ca72d5b43\System.Runtime.Serialization.ni.dll
MOD - [2013/09/03 22:31:13 | 000,143,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\af7d7a2e47e0ac57b4f0fe5e0c1cda9a\SMDiagnostics.ni.dll
MOD - [2013/09/03 22:31:10 | 000,393,216 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\c389533f1477363803e53dce01560d12\System.Xml.Linq.ni.dll
MOD - [2013/09/03 22:31:09 | 001,801,728 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
MOD - [2013/09/02 13:35:56 | 000,410,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppgooglenaclpluginchrome.dll
MOD - [2013/09/02 13:35:55 | 013,599,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
MOD - [2013/09/02 13:35:54 | 004,053,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll
MOD - [2013/09/02 13:35:04 | 000,709,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
MOD - [2013/09/02 13:35:03 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libegl.dll
MOD - [2013/09/02 13:35:01 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
MOD - [2013/08/14 20:03:19 | 013,199,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\1a3b614a84244ea5fa4147b5cf007333\System.Windows.Forms.ni.dll
MOD - [2013/08/14 20:03:07 | 018,003,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\56a1feb800860a3bc5d8a45ee92a77ec\PresentationFramework.ni.dll
MOD - [2013/08/14 20:03:02 | 001,667,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll
MOD - [2013/08/14 20:02:53 | 001,014,272 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\df40dab689e9d8febfb943599ba79f8d\System.Configuration.ni.dll
MOD - [2013/08/14 20:02:51 | 011,451,904 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\001aeb860d7f2ba416e0fedc606fee98\PresentationCore.ni.dll
MOD - [2013/08/14 20:02:50 | 007,070,720 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\c25ede0d0127774c504c4fc41d4de273\System.Core.ni.dll
MOD - [2013/08/14 20:02:41 | 000,595,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\228b114c79c5d9024bdb4cc580e32c09\PresentationFramework.Aero.ni.dll
MOD - [2013/08/14 20:02:40 | 005,628,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013/08/14 20:02:39 | 003,858,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b3ed31a444f444325ddb64b290ed2f1e\WindowsBase.ni.dll
MOD - [2013/08/14 20:02:35 | 009,099,776 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013/07/13 23:04:24 | 000,196,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\cb5671235362c8e17b1a1f0b67bfc8d9\UIAutomationTypes.ni.dll
MOD - [2013/07/11 15:05:15 | 014,416,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2012/11/28 15:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 15:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/10/15 15:39:00 | 000,091,536 | ---- | M] () -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\z.dll
MOD - [2012/10/15 15:38:54 | 000,273,824 | ---- | M] () -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\ndsLogStore.dll
MOD - [2012/10/15 15:38:52 | 001,402,784 | ---- | M] () -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\libxml2-2.dll
MOD - [2012/10/15 15:38:34 | 000,688,560 | ---- | M] () -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
MOD - [2012/10/15 15:37:54 | 007,123,880 | ---- | M] () -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\gsttspplugin.dll
MOD - [2012/10/15 15:37:38 | 006,442,920 | ---- | M] () -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
MOD - [2012/10/15 15:37:32 | 002,203,048 | ---- | M] () -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\DrmSingleton.dll
MOD - [2009/07/12 23:35:58 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/08/21 10:31:06 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/08/03 19:17:56 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/07/28 16:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2013/08/30 02:50:41 | 000,164,816 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013/08/22 17:17:38 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/22 18:29:46 | 000,453,928 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\HssSrv.exe -- (HssSrv)
SRV - [2013/02/21 18:54:48 | 000,078,512 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HSSTrayService.exe -- (HssTrayService)
SRV - [2012/08/21 14:43:58 | 000,794,272 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/17 11:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/08/10 20:55:58 | 000,248,688 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/07/14 20:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/28 22:06:52 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\ACFXAU64.dll -- (AcfXAudioService)
SRV - [2009/03/10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/11/13 18:11:26 | 001,086,840 | ---- | M] (Webroot Software, Inc. ) [Auto | Running] -- C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe -- (WRConsumerService)
SRV - [2008/11/12 17:02:14 | 003,667,312 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Running] -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe -- (WebrootSpySweeperService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/07/23 19:15:22 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/02/21 18:43:20 | 000,046,280 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 02:43:58 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/09/02 00:11:18 | 000,123,008 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ACFVA64.sys -- (acfva)
DRV:64bit: - [2009/08/27 09:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/08/20 17:04:06 | 000,446,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8187B.sys -- (RTL8187B)
DRV:64bit: - [2009/07/30 22:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/07/30 21:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/30 18:46:22 | 000,222,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/07/24 16:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009/07/20 18:48:32 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:10:49 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 14:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/22 23:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/04/28 22:06:44 | 000,034,944 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ACFDCP64.sys -- (dgcfltr)
DRV:64bit: - [2009/04/28 22:06:36 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ACFXAU64.sys -- (XAudio)
DRV:64bit: - [2008/11/12 17:02:28 | 000,131,184 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ssidrv.sys -- (SSIDRV)
DRV:64bit: - [2008/11/12 17:02:26 | 000,037,488 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ssfs0bbc.sys -- (SSFS0BBC)
DRV:64bit: - [2007/03/15 02:53:46 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ACFSDK64.sys -- (mdmxsdk)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {D2F7022C-154D-41F7-B679-015DB194A56F}
IE:64bit: - HKLM\..\SearchScopes\{D2F7022C-154D-41F7-B679-015DB194A56F}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {DD21F75B-908F-48B4-A926-4D685D472552}
IE - HKLM\..\SearchScopes\{DD21F75B-908F-48B4-A926-4D685D472552}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSNA&bmod=TSNA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.search.as...cr_26.0.1410.64
IE - HKCU\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {43B9D90F-EC64-454A-AFE0-1D1BADB48830}
IE - HKCU\..\SearchScopes\{43B9D90F-EC64-454A-AFE0-1D1BADB48830}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{54927065-0977-4CFC-9D17-35E6603881B2}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKCU\..\SearchScopes\{DD21F75B-908F-48B4-A926-4D685D472552}: "URL" = http://www.google.co...&rlz=1I7TSNA_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\npPCShowPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/26 09:42:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/26 09:42:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Sharon McCaffrey\AppData\Local\Arcadesafari\[email protected] [2013/05/19 05:45:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{6013E7AC-CCA6-4207-90E0-97EDA12F2359}: C:\Users\Sharon McCaffrey\AppData\Local\FizzPlatinum\{6013E7AC-CCA6-4207-90E0-97EDA12F2359}\ [2013/05/19 05:59:24 | 000,000,000 | ---D | M]

[2012/01/05 01:53:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sharon McCaffrey\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo....p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yah...d={searchTerms}
CHR - homepage: http://www.search.as...cr_26.0.1410.64
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.140.8 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U14 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.0.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.0.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.0.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.0.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.0.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.0.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.0.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll
CHR - Extension: Ask Shopping Toolbar = C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaalochklicijkjhkngjiopjcmdpegp\21.56980_0\
CHR - Extension: Google Drive = C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Arcadesafari = C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmeemomfelpigklppifflheakfpkfjjg\
CHR - Extension: PlayFizz Platinum Content Add-on = C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\knbjpbhhfkoodogjcbjemoaidadolapp\1.0.0_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Ask Toolbar) - {41534932-2D56-3600-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ASI2-V6\Passport.dll (APN LLC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (PlayFizz Platinum Content Add-on) - {757FAD76-20D9-4973-BD64-9208ED0A0624} - C:\Users\Sharon McCaffrey\AppData\Local\FizzPlatinum\FizzPlatinumBHO.dll (PlayFizz)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {41534932-2D56-3600-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ASI2-V6\Passport.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (Ask Shopping Toolbar) - {46415333-2D53-4154-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\FAS3-SAT\Passport.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {41534932-2D56-3600-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ASI2-V6\Passport.dll (APN LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Shopping Toolbar) - {46415333-2D53-4154-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\FAS3-SAT\Passport.dll (APN LLC.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [CnxtCoInstallerDefer] C:\Program Files\CONEXANT\SETUP4C156FF91\SETUP\SETUP64.EXE (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [DW7] C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe (The Weather Channel)
O4 - HKCU..\Run: [PCShowServer] C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (NDS Technologies)
O4 - HKCU..\Run: [SearchProtection] C:\Users\Sharon McCaffrey\AppData\Roaming\Search Protection\SearchProtection.EXE (Spigot, Inc.)
O4 - HKLM..\RunOnce: [GamingWonderland Chrome Extension-bar-CrxRegPatcher] C:\Program Files (x86)\GamingWonderland Chrome Extension\bar\CrxRegPatcher.exe (Mindspark Interactive Network)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E03E33F-113E-4E69-9B48-9343243E58EE}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/26 10:28:37 | 000,000,000 | ---D | C] -- C:\Users\Sharon McCaffrey\Documents\New folder (2)
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/09/13 11:48:16 | 000,001,480 | ---- | M] () -- C:\Users\Sharon McCaffrey\Desktop\OTL - Shortcut.lnk
[2013/09/13 11:41:27 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/13 11:41:27 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/13 11:39:35 | 000,726,444 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/09/13 11:39:35 | 000,624,412 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/09/13 11:39:35 | 000,106,756 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/09/13 11:34:00 | 000,000,306 | ---- | M] () -- C:\windows\tasks\RMAutoUpdate.job
[2013/09/13 11:33:58 | 000,065,536 | ---- | M] () -- C:\windows\SysNative\Ikeext.etl
[2013/09/13 11:33:58 | 000,000,914 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/13 11:33:47 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/09/13 11:33:39 | 3092,942,848 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/11 17:25:08 | 000,000,306 | ---- | M] () -- C:\windows\tasks\PlayFizz.job
[2013/09/11 17:23:02 | 000,000,918 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/10 19:52:34 | 000,000,306 | ---- | M] () -- C:\windows\tasks\RMSchedule.job
[2013/09/09 01:36:41 | 000,000,530 | ---- | M] () -- C:\windows\tasks\Arcadesafari.job
[2013/09/08 05:57:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/08/30 23:47:43 | 000,000,394 | ---- | M] () -- C:\Users\Sharon McCaffrey\Documents\ANGEL'S WINGS.rtf
[2013/08/29 23:59:55 | 000,000,809 | ---- | M] () -- C:\Users\Sharon McCaffrey\Documents\Promise.rtf
[2013/08/28 00:24:14 | 000,002,733 | ---- | M] () -- C:\Users\Sharon McCaffrey\Documents\EVERYDAY CHORES.rtf
[2013/08/26 11:00:48 | 000,001,046 | ---- | M] () -- C:\Users\Sharon McCaffrey\Documents\BASIC DAILY SCHEDULE.rtf
[2013/08/26 10:29:57 | 000,001,046 | ---- | M] () -- C:\Users\Sharon McCaffrey\Documents\Document.rtf
[2013/08/24 17:06:45 | 000,001,313 | ---- | M] () -- C:\Users\Sharon McCaffrey\Documents\TEN As for ALZHEIMERS.rtf
[2013/08/16 10:29:10 | 000,001,057 | ---- | M] () -- C:\Users\Sharon McCaffrey\Documents\CURRENT MEDS.rtf
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/09/13 11:48:16 | 000,001,480 | ---- | C] () -- C:\Users\Sharon McCaffrey\Desktop\OTL - Shortcut.lnk
[2013/08/30 23:47:43 | 000,000,394 | ---- | C] () -- C:\Users\Sharon McCaffrey\Documents\ANGEL'S WINGS.rtf
[2013/08/29 23:59:55 | 000,000,809 | ---- | C] () -- C:\Users\Sharon McCaffrey\Documents\Promise.rtf
[2013/08/26 10:59:01 | 000,002,733 | ---- | C] () -- C:\Users\Sharon McCaffrey\Documents\EVERYDAY CHORES.rtf
[2013/08/24 17:06:45 | 000,001,313 | ---- | C] () -- C:\Users\Sharon McCaffrey\Documents\TEN As for ALZHEIMERS.rtf
[2013/07/31 02:00:33 | 000,000,108 | ---- | C] () -- C:\Users\Sharon McCaffrey\AppData\Roaming\wklnhst.dat

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/26 22:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 21:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/07/29 22:59:03 | 000,000,000 | ---D | M] -- C:\Users\Sharon McCaffrey\AppData\Roaming\Hotspot Shield
[2013/07/29 22:58:51 | 000,000,000 | ---D | M] -- C:\Users\Sharon McCaffrey\AppData\Roaming\Search Protection
[2013/07/31 02:01:07 | 000,000,000 | ---D | M] -- C:\Users\Sharon McCaffrey\AppData\Roaming\Template
[2010/03/16 03:40:35 | 000,000,000 | ---D | M] -- C:\Users\Sharon McCaffrey\AppData\Roaming\Toshiba
[2013/08/03 19:01:22 | 000,000,000 | ---D | M] -- C:\Users\Sharon McCaffrey\AppData\Roaming\uTorrent
[2010/03/13 15:39:17 | 000,000,000 | ---D | M] -- C:\Users\Sharon McCaffrey\AppData\Roaming\WinBatch

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

OTL Extras logfile created on: 9/13/2013 11:52:04 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sharon McCaffrey\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.84 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 53.31% Memory free
7.68 Gb Paging File | 5.72 Gb Available in Paging File | 74.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.64 Gb Total Space | 237.13 Gb Free Space | 82.44% Space Free | Partition Type: NTFS

Computer Name: SHARONMCCAFFREY | User Name: Sharon McCaffrey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{B2242B39-77DD-46D5-AE50-FA2BF5771A37}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E3174953-2CD0-4972-B05D-6129BB2BF027}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B49DBFF-1F62-4339-84F6-DB2C35879F57}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{1DDCB115-E80E-4B7A-A11F-42E65E80344D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{31EA378B-06DC-4B26-9603-6F79A3606B71}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{33139F63-A4E7-4406-9483-1783A2D9706E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{36B140B4-5C68-4F98-8B9B-0EBEAA6678FE}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{590E9DE9-CAA3-47ED-B8B2-CED07B03522C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{62912B97-6A7C-404E-BA5E-266F6017B455}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{62BB37C0-92C6-4C60-9F4D-43DA6ECD4F03}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{657A9DFB-9C63-4A9D-840A-5B42A827EF05}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{6592C55D-F48F-4585-9228-E858492E9189}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{6A7E0AF0-545C-4619-879E-7FB8E5D3C32F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{70FF294D-0AE7-4557-B82F-09672AFDDFE1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{7172EA7F-40C0-49C2-BFBE-0E7D625DC0B5}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{7A81F047-2AE4-450F-B77C-E928E30CF22F}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{892482CC-F2A8-47B2-850A-8A048839520F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{8E86BE65-2376-430A-B7EA-90D5437EEAF1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{99A8EA41-F3EB-497A-A620-A84FC46D335A}" = protocol=17 | dir=in | app=c:\users\sharon mccaffrey\appdata\roaming\utorrent\utorrent.exe |
"{99B6BC49-B2F7-4263-9DA9-89D398BF589F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{A4549526-90EC-4D64-8A5C-7378D1C8A20D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{AB98D89D-2E22-4CE8-8DFE-6AB183B7FF8C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{B8FA5014-4D0C-4EB0-80F0-17B25DF9CE4F}" = protocol=6 | dir=in | app=c:\users\sharon mccaffrey\appdata\roaming\utorrent\utorrent.exe |
"{BBA724FC-69AA-412C-B92F-67F91998BD5C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{C22E6C0D-EE07-4DCE-AE31-680A56E0C77F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{CC4B2713-8C49-4F26-9C7C-13BBF9F001F2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{CFD87C80-00CF-40B9-B411-D3EFE5657B55}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{D2F32D17-336B-49F0-90AF-9AC53E6AC2CA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E3B2BC09-3F9E-47F5-BA97-182ECD58609D}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{FA1C11DF-6B3D-4877-96AF-36C0B8B9852C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"TCP Query User{B0D22EA6-4136-4E54-95C8-BE739728F96C}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{44C81D1A-0520-49BB-B510-98B8DD414EA1}" = HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}" = TOSHIBA ReelTime
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}" = TOSHIBA Bulletin Board
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy Software Installer
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CNXT_MODEM_USB_ACF" = USB Modem
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00405945-70C1-4B1D-9A3C-45A2883366AF}" = PS_AIO_05_C4600_Software_Min
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java™ 6 Update 14
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Netwaiting
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{41534932-2D56-3600-76A7-A758B70C0300}" = Ask Toolbar
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{43D1B973-3D12-42ba-9E6E-56A8FEFF5250}" = DIRECTV Player
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{46415333-2D53-4154-00A7-A758B70C0300}" = Ask Shopping Toolbar
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{68D5CEF9-0DA8-47FE-B0EB-4CBFB5AAF662}" = ArcSoft PhotoImpression 4
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76F8CB2B-6516-4E1E-B6F1-AED4ABDB4B0A}_is1" = Spy Sweeper
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7CDD7C4C-5224-40E4-951F-51C12FEAB8AB}" = C4600
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Roxio Burn
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F972D0AE-D224-4493-9A27-D4CD7861DF4A}" = CostWorks 2011
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Best Buy Software Installer" = Best Buy Software Installer
"GamingWonderland Chrome Extension Uninstall" = GamingWonderland Toolbar Chrome Extension
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HotspotShield" = Hotspot Shield 3.11
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}" = TOSHIBA ReelTime
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}" = TOSHIBA Bulletin Board
"NSS" = Norton Security Scan
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.1
"The Weather Channel App" = The Weather Channel App
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{AA01668E-5FA3-4B8D-9AB4-0D3480513000}" = PlayFizz
"Arcadesafari" = Arcadesafari
"Search Protection" = Search Protection
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/7/2013 2:35:54 AM | Computer Name = SharonMcCaffrey | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2075

Error - 9/7/2013 2:35:55 AM | Computer Name = SharonMcCaffrey | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 9/7/2013 2:35:55 AM | Computer Name = SharonMcCaffrey | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3089

Error - 9/7/2013 2:35:55 AM | Computer Name = SharonMcCaffrey | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3089

Error - 9/7/2013 2:35:57 AM | Computer Name = SharonMcCaffrey | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 9/7/2013 2:35:57 AM | Computer Name = SharonMcCaffrey | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4774

Error - 9/7/2013 2:35:57 AM | Computer Name = SharonMcCaffrey | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4774

Error - 9/7/2013 3:29:21 AM | Computer Name = SharonMcCaffrey | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 9/7/2013 3:29:21 AM | Computer Name = SharonMcCaffrey | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3208629

Error - 9/7/2013 3:29:21 AM | Computer Name = SharonMcCaffrey | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3208629

[ Media Center Events ]
Error - 10/15/2012 5:53:09 PM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 2:53:05 PM - Error connecting to the internet. 2:53:05 PM - Unable
to contact server..

Error - 10/16/2012 3:25:46 AM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 12:25:46 AM - Error connecting to the internet. 12:25:46 AM - Unable
to contact server..

Error - 10/16/2012 3:25:57 AM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 12:25:52 AM - Error connecting to the internet. 12:25:52 AM - Unable
to contact server..

Error - 10/16/2012 8:20:28 PM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 5:20:27 PM - Error connecting to the internet. 5:20:28 PM - Unable
to contact server..

Error - 10/16/2012 8:20:43 PM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 5:20:33 PM - Error connecting to the internet. 5:20:33 PM - Unable
to contact server..

Error - 10/17/2012 9:58:37 PM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 6:58:37 PM - Error connecting to the internet. 6:58:37 PM - Unable
to contact server..

Error - 10/17/2012 9:58:47 PM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 6:58:42 PM - Error connecting to the internet. 6:58:42 PM - Unable
to contact server..

Error - 10/25/2012 12:58:14 PM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 9:58:14 AM - Error connecting to the internet. 9:58:14 AM - Unable
to contact server..

Error - 10/25/2012 12:58:27 PM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 9:58:19 AM - Error connecting to the internet. 9:58:19 AM - Unable
to contact server..

Error - 11/27/2012 10:46:32 AM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 6:46:24 AM - Error connecting to the internet. 6:46:24 AM - Unable
to contact server..

[ System Events ]
Error - 9/8/2013 2:55:09 AM | Computer Name = SharonMcCaffrey | Source = Application Popup | ID = 876
Description = Driver SSIDRV.SYS has been blocked from loading.

Error - 9/8/2013 5:50:22 AM | Computer Name = SharonMcCaffrey | Source = Application Popup | ID = 876
Description = Driver SSIDRV.SYS has been blocked from loading.

Error - 9/8/2013 8:24:14 AM | Computer Name = SharonMcCaffrey | Source = Application Popup | ID = 876
Description = Driver SSIDRV.SYS has been blocked from loading.

Error - 9/8/2013 8:50:23 AM | Computer Name = SharonMcCaffrey | Source = Application Popup | ID = 876
Description = Driver SSIDRV.SYS has been blocked from loading.

Error - 9/9/2013 4:31:02 AM | Computer Name = SharonMcCaffrey | Source = Application Popup | ID = 876
Description = Driver SSIDRV.SYS has been blocked from loading.

Error - 9/10/2013 12:03:04 AM | Computer Name = SharonMcCaffrey | Source = Application Popup | ID = 876
Description = Driver SSIDRV.SYS has been blocked from loading.

Error - 9/10/2013 12:42:44 AM | Computer Name = SharonMcCaffrey | Source = Application Popup | ID = 876
Description = Driver SSIDRV.SYS has been blocked from loading.

Error - 9/10/2013 10:40:39 PM | Computer Name = SharonMcCaffrey | Source = Application Popup | ID = 876
Description = Driver SSIDRV.SYS has been blocked from loading.

Error - 9/11/2013 8:18:14 PM | Computer Name = SharonMcCaffrey | Source = Application Popup | ID = 876
Description = Driver SSIDRV.SYS has been blocked from loading.

Error - 9/13/2013 2:33:32 PM | Computer Name = SharonMcCaffrey | Source = Application Popup | ID = 876
Description = Driver SSIDRV.SYS has been blocked from loading.


< End of report >
  • 0

Advertisements


#2
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Greetings,

Welcome to Geeks to Go--the friendliest online community dedicated to the sole goal of helping people from all around the world! :)

I am Pyxis and I will be assisting you with the problem at hand. Whilst I am taking the time to analyse your set of provided logs, I would like to stress the following reminders:

  • I am a student that is currently undergoing training. As such, my responses have to be checked by a professional before I present them to you to ensure you get the best quality help. If you deem I have overlooked your thread, which is in a matter of more than 24 hours, please send me a PM and I will get back to you shortly.
  • It is important that you do not install anything unless asked while the process is ongoing. Doing so may hinder or even complicate the cleaning of your system. You will get the chance to install things as you would like after the process has been completed.
  • Ensure you take extra caution to precisely follow my instructions. It is important that you only use the tools I have asked you to. The instructions for your computer are unique and should therefore only apply to your system.
I hope you keep in mind these reminders. I will be right back with a full response! :thumbsup:

Thank you.
  • 0

#3
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hi mikey1988,

Hey my mom's computer seems like its got some sort of malware on it. Just runs kind of slow. Anyways heres the OTL files. Thank you.

Right you are--I see adware present in the system. Let's remove these in a jiffy. :)

  • Step 1
After examining your logs, I have seen that you currently have one or more P2P Programs installed. I would recommend their removal as the networks these programs are involved in are breeding places for malware. The things you are downloading are not one hundred percent safe as they can be uploaded by anyone on the Internet, some possibly aiding in the propagation of malware.

More can be read from the following sources:

You are advised to remove the following programs by uninstalling them:

  • µTorrent
Note: This step is optional. You may or may not remove the programs, however I strongly suggest getting rid or disabling them before we continue with the process.
  • Step 2
Download 'OTL by OldTimer' and save it to your desktop or move your existing copy into the said location.

  • Simply double-click the program icon to run it. It will ask for administrator privileges.

    Posted Image

  • Copy and paste the following into the Custom Scans/Fixes box:

    :OTL
    PRC - [2013/09/13 11:47:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sharon McCaffrey\Downloads\OTL.exe
    PRC - [2013/09/03 14:17:22 | 000,832,360 | ---- | M] (Spigot, Inc.) -- C:\Users\Sharon McCaffrey\AppData\Roaming\Search Protection\SearchProtection.exe
    PRC - [2013/08/30 02:50:41 | 000,164,816 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
    PRC - [2013/08/30 02:50:34 | 001,601,488 | ---- | M] (APN) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
    PRC - [2013/03/24 04:39:42 | 000,056,904 | ---- | M] (Mindspark Interactive Network) -- C:\Program Files (x86)\GamingWonderland Chrome Extension\bar\CrxRegPatcher.exe
    SRV - [2013/08/30 02:50:41 | 000,164,816 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.search.as...cr_26.0.1410.64
    IE - HKCU\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Sharon McCaffrey\AppData\Local\Arcadesafari\[email protected] [2013/05/19 05:45:40 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{6013E7AC-CCA6-4207-90E0-97EDA12F2359}: C:\Users\Sharon McCaffrey\AppData\Local\FizzPlatinum\{6013E7AC-CCA6-4207-90E0-97EDA12F2359}\ [2013/05/19 05:59:24 | 000,000,000 | ---D | M]
    O2 - BHO: (Ask Toolbar) - {41534932-2D56-3600-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ASI2-V6\Passport.dll (APN LLC.)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (PlayFizz Platinum Content Add-on) - {757FAD76-20D9-4973-BD64-9208ED0A0624} - C:\Users\Sharon McCaffrey\AppData\Local\FizzPlatinum\FizzPlatinumBHO.dll (PlayFizz)
    O3 - HKLM\..\Toolbar: (Ask Toolbar) - {41534932-2D56-3600-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ASI2-V6\Passport.dll (APN LLC.)
    O3 - HKLM\..\Toolbar: (Ask Shopping Toolbar) - {46415333-2D53-4154-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\FAS3-SAT\Passport.dll (APN LLC.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {41534932-2D56-3600-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ASI2-V6\Passport.dll (APN LLC.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Ask Shopping Toolbar) - {46415333-2D53-4154-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\FAS3-SAT\Passport.dll (APN LLC.)
    O4 - HKCU..\Run: [SearchProtection] C:\Users\Sharon McCaffrey\AppData\Roaming\Search Protection\SearchProtection.EXE (Spigot, Inc.)
    O4 - HKLM..\RunOnce: [GamingWonderland Chrome Extension-bar-CrxRegPatcher] C:\Program Files (x86)\GamingWonderland Chrome Extension\bar\CrxRegPatcher.exe (Mindspark Interactive Network)
    [2013/09/11 17:25:08 | 000,000,306 | ---- | M] () -- C:\windows\tasks\PlayFizz.job
    [2013/09/09 01:36:41 | 000,000,530 | ---- | M] () -- C:\windows\tasks\Arcadesafari.job
    [2013/07/29 22:58:51 | 000,000,000 | ---D | M] -- C:\Users\Sharon McCaffrey\AppData\Roaming\Search Protection
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:D1B5B4F1
    
    :Files
    C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaalochklicijkjhkngjiopjcmdpegp\
    C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmeemomfelpigklppifflheakfpkfjjg\
    C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\knbjpbhhfkoodogjcbjemoaidadolapp\
    
    :Commands
    [emptytemp]
  • Click Run Fix.
  • OTL will reboot your system. Allow it by clicking OK.
  • After a the reboot, a Notepad window will appear, named MMDDYYYY_HHMMSS.log. Alternatively, you can find that log at C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log.
  • Copy and paste (CTRL + A and CTRL + C) the content of that log in your next reply.
  • Step 3
Download 'AdwCleaner by Xplode' and save it to your desktop.

  • Simply double-click the program icon to run it. It will ask for administrator privileges.
  • Click Scan and choose Clean after.
  • Wait for it to finish. It won't take long.
  • Click OK for the next prompts. Your system will automatically reboot.
  • A log will automatically pop-up after rebooting. Alternatively, you can find it at C:\AdwCleaner[**].txt.
  • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the log back here.
  • Step 4
Upon careful inspection, your log indicates that the program(s) listed below is installed on your computer. I would like to request for the removal of the program(s) as it is associated with malware, adware or spyware. Please proceed to uninstalling by going to Control Panel (Windows XP) or Programs and Features (Windows Vista or Windows 7). If Windows says it cannot locate the program(s) and that it prompts for it to be removed from the list instead, do so by allowing it.

Arcadesafari
Ask Shopping Toolbar
Ask Toolbar
Best Buy Software Installer
MarketResearch
PlayFizz
Search ProtectionIn addition, please uninstall the following:

Norton Security ScanInform me if you encounter problems in the removal process.
  • Logs to Post
In summary of the above, I will need you to post the following log(s):

  • MMDDYYYY_HHMMSS.log (OTL)
  • AdwCleaner[S*].txt (AdwCleaner)
By the way, would you happen to know whether your copy of Spy Sweeper is licensed (i.e. you bought it) or is it just a trial?
  • 0

#4
mikey1988

mikey1988

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
I didn't manage to get an OTL log. it shut down all the programs I was running when I clicked run fix. I did manage to get the ADW log though. Here's the ADW log file. Thanks for the help.


# AdwCleaner v3.004 - Report created 16/09/2013 at 19:41:57
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Sharon McCaffrey - SHARONMCCAFFREY
# Running from : C:\Users\Sharon McCaffrey\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Users\Sharon McCaffrey\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\SHARON~1\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Sharon McCaffrey\AppData\Roaming\Search Protection

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v29.0.1547.66

[ File : C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [3967 octets] - [16/09/2013 19:38:15]
AdwCleaner[S0].txt - [3727 octets] - [16/09/2013 19:41:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3787 octets] ##########
  • 0

#5
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hi mikey1988,

Oops--there is something in the script that is causing that. I've corrected it below. By the way, would you happen to know whether your copy of Spy Sweeper is licensed (i.e. you bought it) or is it just a trial?

  • Step 1
Download 'OTL by OldTimer' and save it to your desktop or move your existing copy into the said location.

  • Simply double-click the program icon to run it. It will ask for administrator privileges.

    Posted Image

  • Copy and paste the following into the Custom Scans/Fixes box:

    :OTL
    PRC - [2013/09/03 14:17:22 | 000,832,360 | ---- | M] (Spigot, Inc.) -- C:\Users\Sharon McCaffrey\AppData\Roaming\Search Protection\SearchProtection.exe
    PRC - [2013/08/30 02:50:41 | 000,164,816 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
    PRC - [2013/08/30 02:50:34 | 001,601,488 | ---- | M] (APN) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
    PRC - [2013/03/24 04:39:42 | 000,056,904 | ---- | M] (Mindspark Interactive Network) -- C:\Program Files (x86)\GamingWonderland Chrome Extension\bar\CrxRegPatcher.exe
    SRV - [2013/08/30 02:50:41 | 000,164,816 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.search.as...cr_26.0.1410.64
    IE - HKCU\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Sharon McCaffrey\AppData\Local\Arcadesafari\[email protected] [2013/05/19 05:45:40 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{6013E7AC-CCA6-4207-90E0-97EDA12F2359}: C:\Users\Sharon McCaffrey\AppData\Local\FizzPlatinum\{6013E7AC-CCA6-4207-90E0-97EDA12F2359}\ [2013/05/19 05:59:24 | 000,000,000 | ---D | M]
    O2 - BHO: (Ask Toolbar) - {41534932-2D56-3600-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ASI2-V6\Passport.dll (APN LLC.)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (PlayFizz Platinum Content Add-on) - {757FAD76-20D9-4973-BD64-9208ED0A0624} - C:\Users\Sharon McCaffrey\AppData\Local\FizzPlatinum\FizzPlatinumBHO.dll (PlayFizz)
    O3 - HKLM\..\Toolbar: (Ask Toolbar) - {41534932-2D56-3600-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ASI2-V6\Passport.dll (APN LLC.)
    O3 - HKLM\..\Toolbar: (Ask Shopping Toolbar) - {46415333-2D53-4154-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\FAS3-SAT\Passport.dll (APN LLC.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {41534932-2D56-3600-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ASI2-V6\Passport.dll (APN LLC.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Ask Shopping Toolbar) - {46415333-2D53-4154-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\FAS3-SAT\Passport.dll (APN LLC.)
    O4 - HKCU..\Run: [SearchProtection] C:\Users\Sharon McCaffrey\AppData\Roaming\Search Protection\SearchProtection.EXE (Spigot, Inc.)
    O4 - HKLM..\RunOnce: [GamingWonderland Chrome Extension-bar-CrxRegPatcher] C:\Program Files (x86)\GamingWonderland Chrome Extension\bar\CrxRegPatcher.exe (Mindspark Interactive Network)
    [2013/09/11 17:25:08 | 000,000,306 | ---- | M] () -- C:\windows\tasks\PlayFizz.job
    [2013/09/09 01:36:41 | 000,000,530 | ---- | M] () -- C:\windows\tasks\Arcadesafari.job
    [2013/07/29 22:58:51 | 000,000,000 | ---D | M] -- C:\Users\Sharon McCaffrey\AppData\Roaming\Search Protection
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:D1B5B4F1
    
    :Files
    C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaalochklicijkjhkngjiopjcmdpegp\
    C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmeemomfelpigklppifflheakfpkfjjg\
    C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\knbjpbhhfkoodogjcbjemoaidadolapp\
    
    :Commands
    [emptytemp]
  • Click Run Fix.
  • OTL will reboot your system. Allow it by clicking OK.
  • After a the reboot, a Notepad window will appear, named MMDDYYYY_HHMMSS.log. Alternatively, you can find that log at C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log.
  • Copy and paste (CTRL + A and CTRL + C) the content of that log in your next reply.
  • Step 2
If you haven't already, download 'OTL by OldTimer' and save it to your desktop.

  • Simply double-click the program icon to run it. It will ask for administrator privileges.
  • Ensure that the following settings are followed. Make sure all other windows are closed and let it run uninterrupted.

    Posted Image

  • Click Run Scan.
  • After a short while, two Notepad windows will appear, named OTL.txt and Extras.txt. Alternatively, you can also find these at your desktop.
  • Copy and paste (CTRL + A and CTRL + C) the content of these logs in your next reply.
  • Logs to Post
In summary of the above, I will need you to post the following log(s):

  • MMDDYYYY_HHMMSS.log (OTL
  • Extras.txt (OTL)
  • OTL.txt (OTL)

  • 0

#6
mikey1988

mikey1988

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Looks like spy sweeper is unlicensed, but the logs did load this time here they are.

Here's the fix file

All processes killed
========== OTL ==========
No active process named SearchProtection.exe was found!
No active process named apnmcp.exe was found!
No active process named TBNotifier.exe was found!
No active process named CrxRegPatcher.exe was found!
Error: No service named APNMCP was found to stop!
Service\Driver key APNMCP not found.
File C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\ not found.
File C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll not found.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected] not found.
File C:\Users\Sharon McCaffrey\AppData\Local\Arcadesafari\[email protected] not found.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{6013E7AC-CCA6-4207-90E0-97EDA12F2359} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6013E7AC-CCA6-4207-90E0-97EDA12F2359}\ not found.
File C:\Users\Sharon McCaffrey\AppData\Local\FizzPlatinum\{6013E7AC-CCA6-4207-90E0-97EDA12F2359}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41534932-2D56-3600-76A7-7A786E7484D7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41534932-2D56-3600-76A7-7A786E7484D7}\ not found.
File C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ASI2-V6\Passport.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{757FAD76-20D9-4973-BD64-9208ED0A0624}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{757FAD76-20D9-4973-BD64-9208ED0A0624}\ not found.
File C:\Users\Sharon McCaffrey\AppData\Local\FizzPlatinum\FizzPlatinumBHO.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{41534932-2D56-3600-76A7-7A786E7484D7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41534932-2D56-3600-76A7-7A786E7484D7}\ not found.
File V6\Passport.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{46415333-2D53-4154-00A7-7A786E7484D7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46415333-2D53-4154-00A7-7A786E7484D7}\ not found.
File SAT\Passport.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{41534932-2D56-3600-76A7-7A786E7484D7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41534932-2D56-3600-76A7-7A786E7484D7}\ not found.
File V6\Passport.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{46415333-2D53-4154-00A7-7A786E7484D7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46415333-2D53-4154-00A7-7A786E7484D7}\ not found.
File SAT\Passport.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtection deleted successfully.
File C:\Users\Sharon McCaffrey\AppData\Roaming\Search Protection\SearchProtection.EXE not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\GamingWonderland Chrome Extension-bar-CrxRegPatcher deleted successfully.
C:\Program Files (x86)\GamingWonderland Chrome Extension\bar\CrxRegPatcher.exe moved successfully.
File C:\windows\tasks\PlayFizz.job not found.
File C:\windows\tasks\Arcadesafari.job not found.
Folder C:\Users\Sharon McCaffrey\AppData\Roaming\Search Protection\ not found.
ADS C:\ProgramData\TEMP:D1B5B4F1 deleted successfully.
========== FILES ==========
Folder C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaalochklicijkjhkngjiopjcmdpegp not found.
Folder C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmeemomfelpigklppifflheakfpkfjjg not found.
C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\knbjpbhhfkoodogjcbjemoaidadolapp\1.0.0_0 folder moved successfully.
C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\knbjpbhhfkoodogjcbjemoaidadolapp folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Sharon McCaffrey
->Temp folder emptied: 211018997 bytes
->Temporary Internet Files folder emptied: 557857251 bytes
->Java cache emptied: 1886079 bytes
->Google Chrome cache emptied: 421905205 bytes
->Flash cache emptied: 13743 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 680099842 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42332402 bytes
RecycleBin emptied: 663353825 bytes

Total Files Cleaned = 2,459.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 09172013_143053

Files\Folders moved on Reboot...
C:\Users\Sharon McCaffrey\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Sharon McCaffrey\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File\Folder C:\windows\temp\wrstemp\SSMS00D94529-CDC8-480E-957F-783CA55438E9.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS0221EA76-6E6C-40C2-A19E-41D5DE992D03.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS02E11D3A-E32A-4FB6-B939-93EB79895DC5.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS0509DBC7-6976-4267-975B-9F13459E4392.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS07E314E6-B47E-4B79-B9D2-410FC101455F.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS08101C17-5DA1-43A3-963B-4BF52494B444.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS0AD40377-63E9-4013-8E1C-90CEFA54B357.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS0BDE4B7C-35F9-4280-8BF8-31BF7CE73888.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS0C9FD34D-EB5F-40AD-AEC4-F714D426BDAB.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS1669DA79-BB5F-42A9-8ECF-BB0517A7C679.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS174280EB-F747-43D6-86FA-724411B1CCBD.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS19B22F97-44ED-4C70-9513-18D94C1EB6ED.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS1AE819AF-112F-421B-B23B-EFA0ECAEC9F4.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS1CFFF537-74D6-472A-BDCB-154FAE40191B.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS1DB63A0D-2F5D-4706-8532-58F3FC9184D6.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS2341609B-1FB7-4A7A-919E-91E0413282C3.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS23AC837F-80AA-49B1-9F6F-03F4174CB27A.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS2409D72F-4848-43ED-BDDA-67939373FF41.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS246E167A-0905-4319-9A24-373D6C301D2E.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS2555194A-FC65-4404-B558-0C4C1BE8D0A4.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS28481B8E-3D46-4E50-B4BF-6E76F9071CF5.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS29938BAB-EA8F-4E28-BB10-9928812F72E0.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS2AAD98DE-F453-4083-ABB6-4B8DF388F110.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS2BB95361-E78D-42EA-8FAB-E2BA6FE8F62E.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS2C49E4AF-4C2D-4D97-84F7-FD5ACBD36BED.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS2D50F96F-EB7A-4BC2-99D3-2E04CA2DBE23.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS3012E689-B1F8-4880-B25F-C776BC6E524B.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS31D72CCC-F33C-4DDC-9BA2-5F4EB7248C23.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS335CC815-A0E9-482E-8893-5DB7AE256447.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS34BF056B-39E5-4566-B788-8C8132AE5684.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS3BDBE24B-CB5D-4545-8A22-68F986C2EA1A.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS3E140369-932F-4EBF-9117-267399560490.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS417AD91D-AC40-45B8-8FE0-695EAE176A9A.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS422CA6C9-BD49-483D-B844-0AB78FB25F48.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS48BE15E0-00B4-4B68-9FA4-DEAFDBB2A0CB.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS4B622A76-B80D-4236-924D-BFD346892037.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS508856A7-300C-445A-B91C-D191CD8BBA8E.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS50C182B3-0F27-4416-84D1-6635F72C4272.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS559B5BAF-87FB-4733-B1FA-56C415E7C33A.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS55CAA23F-7264-4057-88E7-056B92CD0D07.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS59582C28-33D6-45FD-9DFC-18B5F61215F8.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS5F44BBCF-CCC8-41EA-B74E-87A6D46D1355.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS616A9B3C-7554-46AF-8E3F-A8B0D9C2F6E9.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS6A39AAEC-7FD0-4C5F-A2BF-B6AF79E7BE1F.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS6B61A956-C688-4105-BA32-812F87D69DE1.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS6E8BBF87-7746-438D-8B44-3504EC36D343.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS6FB74611-AF5F-4016-A1CE-BF5BD58F04E1.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS76AB6F46-EC21-4B85-833F-4614C5670F33.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS7791909C-A7C3-421B-AADD-97EDEF60DC6B.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS7851F2F5-0C76-406E-8900-C267E6FD95EC.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS7A3E61FA-BBB7-4E93-998F-386EA998174E.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS7BD8C8D8-F9AE-4A9B-A26F-1EF2B2DA1680.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS7C16EBE5-30F9-42C8-9EE8-77C650F400EA.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS7CEC09F3-8CB3-485C-B458-9C2F1FFC6E9B.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS7E10E4CB-751C-44E5-A894-2EE9246283FA.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS81838877-709B-4772-A777-84ECCA46967D.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS81A31907-3B0D-44D5-ADC8-4C5DCA8F91AC.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS8885ADBF-2592-48C2-BAF2-216B4BCBA655.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS8C19B2EF-1565-4E6E-8DF5-4E53EF3493FB.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS90089C99-9326-4BEB-8C86-64D81DA7D9FD.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS975CDACB-1D70-43DB-B8A8-8F96A69FDE46.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS99CC571D-9065-4A1D-9955-A5912C33ACE7.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS9A4F0DA6-DA60-4877-9C7C-80534B9A8BE1.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS9AB7DB2E-D604-4FDA-AF63-A634F9071189.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS9ACFF7EC-C8D3-4F67-B3B0-3781BD644738.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS9B772B90-47E3-4FD9-9FE0-E6A23293D659.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS9DE29289-E778-465F-A105-16A69527274D.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS9E7509F8-6C48-4E39-8741-4CA3C8A50322.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSA2E0B4DB-B228-4F1B-AD1F-FC2E22937F01.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSA4A1E4B3-A65E-40F5-883A-B73AF5F874D3.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSA79313CE-EF6E-40B5-90F4-28F1E54A563D.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSA8C4839D-A345-4618-A087-92D9B1BC8266.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSAD2A508D-7138-4639-AEF7-F35AF2D41AA5.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSAE71C24B-7218-4B6A-9BB4-B48F44B0C4AE.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSB06B4EFC-8EF6-41D6-A930-5D1EE69E5A83.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSB7FF7AE2-CF2E-4179-B1F3-2EE83F310E38.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSB81258EC-79B1-4B84-809D-ADB8B780685B.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSB9FE00D7-A2AA-4DAC-BAD2-14E3A7E3407E.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSBC07BC4B-44B1-46C5-967D-78EC9A02C727.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSBE8AD613-87C0-46DE-B431-EF4B8AFDDB98.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSC84FEB02-3565-4D6E-A617-B08847527149.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSC9C7F920-909D-47F4-B7FC-A7F446435E94.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSC9DD4D7F-3EDE-47B7-B7DA-BE428FA554F1.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSD4B6B016-C667-4762-A575-6B5C94F988BC.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSD5CFC2AC-A82E-45C6-BCA2-805D89D59B94.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSD9D9579B-579B-44E8-8172-56896EE724C1.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSDC6C26DC-8F9D-421E-9C61-C17C13EC4D7A.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSDF6F860D-016C-498D-9659-FCC1144B4D5A.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSE2F97E33-1681-4A41-9F0F-A091DB306BC8.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSE6914837-F363-4346-A830-1191EC0DD0B5.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSE82A4F6A-CEC0-4340-955E-E280DBE46000.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSEC4B0956-4BB0-4DB0-813A-BA6B38411208.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF0933944-5F65-4DE3-9757-7CA042058A96.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF128E2E9-C20E-400A-9860-4F90608326B8.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF14B9CC1-606A-469D-B730-B4B6222663A6.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF28DFFD1-DD75-4926-86B8-00CDDB7D85F3.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF2E96F00-BA92-45CB-8FC0-8E8371FEFB91.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF35EB8F6-CFDD-4A30-9B97-A0DADDD7F064.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF5436DAD-734A-41C2-9C38-2EC0E043D37F.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF5773710-E599-4A35-8491-C88D483A7588.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF7204FA6-FCC2-416D-BDA3-668CA03A4D2B.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF7B5805E-8922-4EE7-885E-3757A3BAE7DA.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSFE03473A-D31D-4E85-9CDC-A06E3B832F69.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSFFFD2061-A1E2-4341-A3F6-D06F2E0AFCE2.tmp not found!
File\Folder C:\windows\temp\TMP000000020D82AE526A87206F not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Here's the scan file

All processes killed
========== OTL ==========
No active process named SearchProtection.exe was found!
No active process named apnmcp.exe was found!
No active process named TBNotifier.exe was found!
No active process named CrxRegPatcher.exe was found!
Error: No service named APNMCP was found to stop!
Service\Driver key APNMCP not found.
File C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\ not found.
File C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll not found.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected] not found.
File C:\Users\Sharon McCaffrey\AppData\Local\Arcadesafari\[email protected] not found.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{6013E7AC-CCA6-4207-90E0-97EDA12F2359} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6013E7AC-CCA6-4207-90E0-97EDA12F2359}\ not found.
File C:\Users\Sharon McCaffrey\AppData\Local\FizzPlatinum\{6013E7AC-CCA6-4207-90E0-97EDA12F2359}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41534932-2D56-3600-76A7-7A786E7484D7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41534932-2D56-3600-76A7-7A786E7484D7}\ not found.
File C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ASI2-V6\Passport.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{757FAD76-20D9-4973-BD64-9208ED0A0624}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{757FAD76-20D9-4973-BD64-9208ED0A0624}\ not found.
File C:\Users\Sharon McCaffrey\AppData\Local\FizzPlatinum\FizzPlatinumBHO.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{41534932-2D56-3600-76A7-7A786E7484D7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41534932-2D56-3600-76A7-7A786E7484D7}\ not found.
File V6\Passport.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{46415333-2D53-4154-00A7-7A786E7484D7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46415333-2D53-4154-00A7-7A786E7484D7}\ not found.
File SAT\Passport.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{41534932-2D56-3600-76A7-7A786E7484D7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41534932-2D56-3600-76A7-7A786E7484D7}\ not found.
File V6\Passport.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{46415333-2D53-4154-00A7-7A786E7484D7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46415333-2D53-4154-00A7-7A786E7484D7}\ not found.
File SAT\Passport.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtection deleted successfully.
File C:\Users\Sharon McCaffrey\AppData\Roaming\Search Protection\SearchProtection.EXE not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\GamingWonderland Chrome Extension-bar-CrxRegPatcher deleted successfully.
C:\Program Files (x86)\GamingWonderland Chrome Extension\bar\CrxRegPatcher.exe moved successfully.
File C:\windows\tasks\PlayFizz.job not found.
File C:\windows\tasks\Arcadesafari.job not found.
Folder C:\Users\Sharon McCaffrey\AppData\Roaming\Search Protection\ not found.
ADS C:\ProgramData\TEMP:D1B5B4F1 deleted successfully.
========== FILES ==========
Folder C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaalochklicijkjhkngjiopjcmdpegp not found.
Folder C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmeemomfelpigklppifflheakfpkfjjg not found.
C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\knbjpbhhfkoodogjcbjemoaidadolapp\1.0.0_0 folder moved successfully.
C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\knbjpbhhfkoodogjcbjemoaidadolapp folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Sharon McCaffrey
->Temp folder emptied: 211018997 bytes
->Temporary Internet Files folder emptied: 557857251 bytes
->Java cache emptied: 1886079 bytes
->Google Chrome cache emptied: 421905205 bytes
->Flash cache emptied: 13743 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 680099842 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42332402 bytes
RecycleBin emptied: 663353825 bytes

Total Files Cleaned = 2,459.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 09172013_143053

Files\Folders moved on Reboot...
C:\Users\Sharon McCaffrey\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Sharon McCaffrey\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File\Folder C:\windows\temp\wrstemp\SSMS00D94529-CDC8-480E-957F-783CA55438E9.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS0221EA76-6E6C-40C2-A19E-41D5DE992D03.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS02E11D3A-E32A-4FB6-B939-93EB79895DC5.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS0509DBC7-6976-4267-975B-9F13459E4392.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS07E314E6-B47E-4B79-B9D2-410FC101455F.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS08101C17-5DA1-43A3-963B-4BF52494B444.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS0AD40377-63E9-4013-8E1C-90CEFA54B357.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS0BDE4B7C-35F9-4280-8BF8-31BF7CE73888.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS0C9FD34D-EB5F-40AD-AEC4-F714D426BDAB.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS1669DA79-BB5F-42A9-8ECF-BB0517A7C679.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS174280EB-F747-43D6-86FA-724411B1CCBD.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS19B22F97-44ED-4C70-9513-18D94C1EB6ED.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS1AE819AF-112F-421B-B23B-EFA0ECAEC9F4.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS1CFFF537-74D6-472A-BDCB-154FAE40191B.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS1DB63A0D-2F5D-4706-8532-58F3FC9184D6.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS2341609B-1FB7-4A7A-919E-91E0413282C3.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS23AC837F-80AA-49B1-9F6F-03F4174CB27A.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS2409D72F-4848-43ED-BDDA-67939373FF41.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS246E167A-0905-4319-9A24-373D6C301D2E.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS2555194A-FC65-4404-B558-0C4C1BE8D0A4.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS28481B8E-3D46-4E50-B4BF-6E76F9071CF5.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS29938BAB-EA8F-4E28-BB10-9928812F72E0.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS2AAD98DE-F453-4083-ABB6-4B8DF388F110.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS2BB95361-E78D-42EA-8FAB-E2BA6FE8F62E.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS2C49E4AF-4C2D-4D97-84F7-FD5ACBD36BED.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS2D50F96F-EB7A-4BC2-99D3-2E04CA2DBE23.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS3012E689-B1F8-4880-B25F-C776BC6E524B.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS31D72CCC-F33C-4DDC-9BA2-5F4EB7248C23.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS335CC815-A0E9-482E-8893-5DB7AE256447.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS34BF056B-39E5-4566-B788-8C8132AE5684.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS3BDBE24B-CB5D-4545-8A22-68F986C2EA1A.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS3E140369-932F-4EBF-9117-267399560490.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS417AD91D-AC40-45B8-8FE0-695EAE176A9A.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS422CA6C9-BD49-483D-B844-0AB78FB25F48.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS48BE15E0-00B4-4B68-9FA4-DEAFDBB2A0CB.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS4B622A76-B80D-4236-924D-BFD346892037.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS508856A7-300C-445A-B91C-D191CD8BBA8E.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS50C182B3-0F27-4416-84D1-6635F72C4272.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS559B5BAF-87FB-4733-B1FA-56C415E7C33A.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS55CAA23F-7264-4057-88E7-056B92CD0D07.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS59582C28-33D6-45FD-9DFC-18B5F61215F8.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS5F44BBCF-CCC8-41EA-B74E-87A6D46D1355.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS616A9B3C-7554-46AF-8E3F-A8B0D9C2F6E9.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS6A39AAEC-7FD0-4C5F-A2BF-B6AF79E7BE1F.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS6B61A956-C688-4105-BA32-812F87D69DE1.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS6E8BBF87-7746-438D-8B44-3504EC36D343.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS6FB74611-AF5F-4016-A1CE-BF5BD58F04E1.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS76AB6F46-EC21-4B85-833F-4614C5670F33.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS7791909C-A7C3-421B-AADD-97EDEF60DC6B.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS7851F2F5-0C76-406E-8900-C267E6FD95EC.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS7A3E61FA-BBB7-4E93-998F-386EA998174E.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS7BD8C8D8-F9AE-4A9B-A26F-1EF2B2DA1680.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS7C16EBE5-30F9-42C8-9EE8-77C650F400EA.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS7CEC09F3-8CB3-485C-B458-9C2F1FFC6E9B.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS7E10E4CB-751C-44E5-A894-2EE9246283FA.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS81838877-709B-4772-A777-84ECCA46967D.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS81A31907-3B0D-44D5-ADC8-4C5DCA8F91AC.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS8885ADBF-2592-48C2-BAF2-216B4BCBA655.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS8C19B2EF-1565-4E6E-8DF5-4E53EF3493FB.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS90089C99-9326-4BEB-8C86-64D81DA7D9FD.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS975CDACB-1D70-43DB-B8A8-8F96A69FDE46.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS99CC571D-9065-4A1D-9955-A5912C33ACE7.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS9A4F0DA6-DA60-4877-9C7C-80534B9A8BE1.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS9AB7DB2E-D604-4FDA-AF63-A634F9071189.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS9ACFF7EC-C8D3-4F67-B3B0-3781BD644738.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS9B772B90-47E3-4FD9-9FE0-E6A23293D659.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS9DE29289-E778-465F-A105-16A69527274D.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMS9E7509F8-6C48-4E39-8741-4CA3C8A50322.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSA2E0B4DB-B228-4F1B-AD1F-FC2E22937F01.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSA4A1E4B3-A65E-40F5-883A-B73AF5F874D3.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSA79313CE-EF6E-40B5-90F4-28F1E54A563D.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSA8C4839D-A345-4618-A087-92D9B1BC8266.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSAD2A508D-7138-4639-AEF7-F35AF2D41AA5.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSAE71C24B-7218-4B6A-9BB4-B48F44B0C4AE.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSB06B4EFC-8EF6-41D6-A930-5D1EE69E5A83.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSB7FF7AE2-CF2E-4179-B1F3-2EE83F310E38.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSB81258EC-79B1-4B84-809D-ADB8B780685B.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSB9FE00D7-A2AA-4DAC-BAD2-14E3A7E3407E.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSBC07BC4B-44B1-46C5-967D-78EC9A02C727.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSBE8AD613-87C0-46DE-B431-EF4B8AFDDB98.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSC84FEB02-3565-4D6E-A617-B08847527149.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSC9C7F920-909D-47F4-B7FC-A7F446435E94.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSC9DD4D7F-3EDE-47B7-B7DA-BE428FA554F1.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSD4B6B016-C667-4762-A575-6B5C94F988BC.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSD5CFC2AC-A82E-45C6-BCA2-805D89D59B94.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSD9D9579B-579B-44E8-8172-56896EE724C1.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSDC6C26DC-8F9D-421E-9C61-C17C13EC4D7A.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSDF6F860D-016C-498D-9659-FCC1144B4D5A.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSE2F97E33-1681-4A41-9F0F-A091DB306BC8.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSE6914837-F363-4346-A830-1191EC0DD0B5.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSE82A4F6A-CEC0-4340-955E-E280DBE46000.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSEC4B0956-4BB0-4DB0-813A-BA6B38411208.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF0933944-5F65-4DE3-9757-7CA042058A96.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF128E2E9-C20E-400A-9860-4F90608326B8.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF14B9CC1-606A-469D-B730-B4B6222663A6.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF28DFFD1-DD75-4926-86B8-00CDDB7D85F3.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF2E96F00-BA92-45CB-8FC0-8E8371FEFB91.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF35EB8F6-CFDD-4A30-9B97-A0DADDD7F064.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF5436DAD-734A-41C2-9C38-2EC0E043D37F.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF5773710-E599-4A35-8491-C88D483A7588.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF7204FA6-FCC2-416D-BDA3-668CA03A4D2B.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSF7B5805E-8922-4EE7-885E-3757A3BAE7DA.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSFE03473A-D31D-4E85-9CDC-A06E3B832F69.tmp not found!
File\Folder C:\windows\temp\wrstemp\SSMSFFFD2061-A1E2-4341-A3F6-D06F2E0AFCE2.tmp not found!
File\Folder C:\windows\temp\TMP000000020D82AE526A87206F not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

And heres the extras

OTL Extras logfile created on: 9/17/2013 2:57:02 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sharon McCaffrey\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.84 Gb Total Physical Memory | 2.28 Gb Available Physical Memory | 59.49% Memory free
7.68 Gb Paging File | 5.87 Gb Available in Paging File | 76.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.64 Gb Total Space | 240.75 Gb Free Space | 83.70% Space Free | Partition Type: NTFS

Computer Name: SHARONMCCAFFREY | User Name: Sharon McCaffrey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1912530170-795983334-1810447421-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{B2242B39-77DD-46D5-AE50-FA2BF5771A37}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E3174953-2CD0-4972-B05D-6129BB2BF027}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B49DBFF-1F62-4339-84F6-DB2C35879F57}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{1DDCB115-E80E-4B7A-A11F-42E65E80344D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{31EA378B-06DC-4B26-9603-6F79A3606B71}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{33139F63-A4E7-4406-9483-1783A2D9706E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{36B140B4-5C68-4F98-8B9B-0EBEAA6678FE}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{590E9DE9-CAA3-47ED-B8B2-CED07B03522C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{62912B97-6A7C-404E-BA5E-266F6017B455}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{62BB37C0-92C6-4C60-9F4D-43DA6ECD4F03}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{657A9DFB-9C63-4A9D-840A-5B42A827EF05}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{6592C55D-F48F-4585-9228-E858492E9189}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{6A7E0AF0-545C-4619-879E-7FB8E5D3C32F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{70FF294D-0AE7-4557-B82F-09672AFDDFE1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{7172EA7F-40C0-49C2-BFBE-0E7D625DC0B5}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{7A81F047-2AE4-450F-B77C-E928E30CF22F}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{892482CC-F2A8-47B2-850A-8A048839520F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{8E86BE65-2376-430A-B7EA-90D5437EEAF1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{99A8EA41-F3EB-497A-A620-A84FC46D335A}" = protocol=17 | dir=in | app=c:\users\sharon mccaffrey\appdata\roaming\utorrent\utorrent.exe |
"{99B6BC49-B2F7-4263-9DA9-89D398BF589F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{A4549526-90EC-4D64-8A5C-7378D1C8A20D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{AB98D89D-2E22-4CE8-8DFE-6AB183B7FF8C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{B8FA5014-4D0C-4EB0-80F0-17B25DF9CE4F}" = protocol=6 | dir=in | app=c:\users\sharon mccaffrey\appdata\roaming\utorrent\utorrent.exe |
"{BBA724FC-69AA-412C-B92F-67F91998BD5C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{C22E6C0D-EE07-4DCE-AE31-680A56E0C77F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{CC4B2713-8C49-4F26-9C7C-13BBF9F001F2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{CFD87C80-00CF-40B9-B411-D3EFE5657B55}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{D2F32D17-336B-49F0-90AF-9AC53E6AC2CA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E3B2BC09-3F9E-47F5-BA97-182ECD58609D}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{FA1C11DF-6B3D-4877-96AF-36C0B8B9852C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"TCP Query User{B0D22EA6-4136-4E54-95C8-BE739728F96C}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{44C81D1A-0520-49BB-B510-98B8DD414EA1}" = HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}" = TOSHIBA ReelTime
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}" = TOSHIBA Bulletin Board
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CNXT_MODEM_USB_ACF" = USB Modem
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00405945-70C1-4B1D-9A3C-45A2883366AF}" = PS_AIO_05_C4600_Software_Min
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java™ 6 Update 14
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Netwaiting
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{43D1B973-3D12-42ba-9E6E-56A8FEFF5250}" = DIRECTV Player
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{68D5CEF9-0DA8-47FE-B0EB-4CBFB5AAF662}" = ArcSoft PhotoImpression 4
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76F8CB2B-6516-4E1E-B6F1-AED4ABDB4B0A}_is1" = Spy Sweeper
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7CDD7C4C-5224-40E4-951F-51C12FEAB8AB}" = C4600
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Roxio Burn
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F972D0AE-D224-4493-9A27-D4CD7861DF4A}" = CostWorks 2011
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"GamingWonderland Chrome Extension Uninstall" = GamingWonderland Toolbar Chrome Extension
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HotspotShield" = Hotspot Shield 3.11
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}" = TOSHIBA ReelTime
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}" = TOSHIBA Bulletin Board
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.1
"The Weather Channel App" = The Weather Channel App
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1912530170-795983334-1810447421-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/13/2013 4:05:41 PM | Computer Name = SharonMcCaffrey | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1368550

Error - 9/13/2013 4:05:41 PM | Computer Name = SharonMcCaffrey | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1368550

Error - 9/13/2013 4:06:18 PM | Computer Name = SharonMcCaffrey | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 9/13/2013 4:06:18 PM | Computer Name = SharonMcCaffrey | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1591

Error - 9/13/2013 4:06:18 PM | Computer Name = SharonMcCaffrey | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1591

Error - 9/16/2013 8:53:47 PM | Computer Name = SharonMcCaffrey | Source = Application Error | ID = 1000
Description = Faulting application name: hsssrv.exe, version: 2.88.0.0, time stamp:
0x51281b7e Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp:
0x4ce7b96f Exception code: 0xc0000005 Fault offset: 0x0003aff2 Faulting process id:
0x788 Faulting application start time: 0x01ceb0afceea46ad Faulting application path:
C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe Faulting module path: C:\windows\syswow64\ole32.dll
Report
Id: 9b34bd42-1f33-11e3-9069-d8cd00facc42

Error - 9/16/2013 8:53:53 PM | Computer Name = SharonMcCaffrey | Source = RasClient | ID = 20227
Description =

Error - 9/16/2013 9:00:27 PM | Computer Name = SharonMcCaffrey | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.69.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 76c Start Time:
01ceb34132207918 Termination Time: 14 Application Path: C:\Users\Sharon McCaffrey\Downloads\OTL.exe

Report
Id:

Error - 9/16/2013 11:07:07 PM | Computer Name = SharonMcCaffrey | Source = MsiInstaller | ID = 10005
Description =

Error - 9/16/2013 11:07:12 PM | Computer Name = SharonMcCaffrey | Source = MsiInstaller | ID = 10005
Description =

[ Media Center Events ]
Error - 10/15/2012 5:53:09 PM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 2:53:05 PM - Error connecting to the internet. 2:53:05 PM - Unable
to contact server..

Error - 10/16/2012 3:25:46 AM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 12:25:46 AM - Error connecting to the internet. 12:25:46 AM - Unable
to contact server..

Error - 10/16/2012 3:25:57 AM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 12:25:52 AM - Error connecting to the internet. 12:25:52 AM - Unable
to contact server..

Error - 10/16/2012 8:20:28 PM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 5:20:27 PM - Error connecting to the internet. 5:20:28 PM - Unable
to contact server..

Error - 10/16/2012 8:20:43 PM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 5:20:33 PM - Error connecting to the internet. 5:20:33 PM - Unable
to contact server..

Error - 10/17/2012 9:58:37 PM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 6:58:37 PM - Error connecting to the internet. 6:58:37 PM - Unable
to contact server..

Error - 10/17/2012 9:58:47 PM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 6:58:42 PM - Error connecting to the internet. 6:58:42 PM - Unable
to contact server..

Error - 10/25/2012 12:58:14 PM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 9:58:14 AM - Error connecting to the internet. 9:58:14 AM - Unable
to contact server..

Error - 10/25/2012 12:58:27 PM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 9:58:19 AM - Error connecting to the internet. 9:58:19 AM - Unable
to contact server..

Error - 11/27/2012 10:46:32 AM | Computer Name = SharonMcCaffrey | Source = MCUpdate | ID = 0
Description = 6:46:24 AM - Error connecting to the internet. 6:46:24 AM - Unable
to contact server..

[ System Events ]
Error - 9/16/2013 10:34:49 PM | Computer Name = SharonMcCaffrey | Source = Service Control Manager | ID = 7034
Description = The Webroot Client Service service terminated unexpectedly. It has
done this 1 time(s).

Error - 9/16/2013 10:43:02 PM | Computer Name = SharonMcCaffrey | Source = Application Popup | ID = 876
Description = Driver SSIDRV.SYS has been blocked from loading.

Error - 9/16/2013 11:12:51 PM | Computer Name = SharonMcCaffrey | Source = Application Popup | ID = 876
Description = Driver SSIDRV.SYS has been blocked from loading.

Error - 9/16/2013 11:15:45 PM | Computer Name = SharonMcCaffrey | Source = Service Control Manager | ID = 7034
Description = The Webroot Client Service service terminated unexpectedly. It has
done this 1 time(s).

Error - 9/17/2013 2:26:45 AM | Computer Name = SharonMcCaffrey | Source = Application Popup | ID = 876
Description = Driver SSIDRV.SYS has been blocked from loading.

Error - 9/17/2013 3:02:47 AM | Computer Name = SharonMcCaffrey | Source = Application Popup | ID = 876
Description = Driver SSIDRV.SYS has been blocked from loading.

Error - 9/17/2013 11:06:04 AM | Computer Name = SharonMcCaffrey | Source = Application Popup | ID = 876
Description = Driver SSIDRV.SYS has been blocked from loading.

Error - 9/17/2013 5:26:33 PM | Computer Name = SharonMcCaffrey | Source = Application Popup | ID = 876
Description = Driver SSIDRV.SYS has been blocked from loading.

Error - 9/17/2013 5:30:53 PM | Computer Name = SharonMcCaffrey | Source = Service Control Manager | ID = 7034
Description = The Webroot Client Service service terminated unexpectedly. It has
done this 1 time(s).

Error - 9/17/2013 5:53:01 PM | Computer Name = SharonMcCaffrey | Source = Application Popup | ID = 876
Description = Driver SSIDRV.SYS has been blocked from loading.


< End of report >
  • 0

#7
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hi mikey1988,

Thanks again for the logs. You seem to have missed the other one I was asking for. Could you kindly post OTL.txt so I may be able to prepare the last remaining instructions for you? It should be located where your copy of OTL is. I'd also like for you to let me know how is your system running. :)
  • 0

#8
mikey1988

mikey1988

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
oops guess I forgot that one. here you are.

OTL logfile created on: 9/17/2013 2:57:01 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sharon McCaffrey\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.84 Gb Total Physical Memory | 2.28 Gb Available Physical Memory | 59.49% Memory free
7.68 Gb Paging File | 5.87 Gb Available in Paging File | 76.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.64 Gb Total Space | 240.75 Gb Free Space | 83.70% Space Free | Partition Type: NTFS

Computer Name: SHARONMCCAFFREY | User Name: Sharon McCaffrey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/13 11:47:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sharon McCaffrey\Downloads\OTL.exe
PRC - [2013/09/02 13:35:59 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/07/15 18:18:37 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
PRC - [2013/05/19 05:47:54 | 013,106,328 | ---- | M] (The Weather Channel) -- C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe
PRC - [2013/02/22 18:29:46 | 000,453,928 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\HssSrv.exe
PRC - [2012/10/15 15:37:42 | 000,525,240 | ---- | M] (NDS Technologies) -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
PRC - [2012/10/15 15:37:38 | 006,442,920 | ---- | M] () -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
PRC - [2012/08/21 14:43:58 | 000,794,272 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2012/08/21 14:43:58 | 000,105,120 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2009/07/28 21:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2009/07/14 20:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe
PRC - [2009/07/13 16:24:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
PRC - [2009/07/12 23:35:58 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/03/10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2009/01/13 22:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe
PRC - [2008/11/13 18:11:26 | 001,086,840 | ---- | M] (Webroot Software, Inc. ) -- C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe
PRC - [2008/11/12 17:02:14 | 003,667,312 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe


========== Modules (No Company Name) ==========

MOD - [2013/09/03 22:33:20 | 018,101,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\069130d01589ff7ead36c597b37fcdf7\System.ServiceModel.ni.dll
MOD - [2013/09/03 22:31:20 | 001,880,576 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\9282d4193ff97f75bb615def36b09a8e\System.Deployment.ni.dll
MOD - [2013/09/03 22:31:19 | 000,189,440 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\f9140eac8d0bbea9d422fddf360b57ad\System.Windows.Input.Manipulations.ni.dll
MOD - [2013/09/03 22:31:19 | 000,096,768 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\4b2e892995b8cdefb1e2cddb96f32736\UIAutomationProvider.ni.dll
MOD - [2013/09/03 22:31:18 | 000,762,880 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\8927b576eb15c4a8f4bb04f05e7cc51e\System.Runtime.Remoting.ni.dll
MOD - [2013/09/03 22:31:14 | 001,021,952 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\d82770dc4e5fee30ca8a7244bf7f613a\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/09/03 22:31:13 | 002,647,552 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\420022aad3481c670eb86a4ca72d5b43\System.Runtime.Serialization.ni.dll
MOD - [2013/09/03 22:31:13 | 000,143,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\af7d7a2e47e0ac57b4f0fe5e0c1cda9a\SMDiagnostics.ni.dll
MOD - [2013/09/03 22:31:10 | 000,393,216 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\c389533f1477363803e53dce01560d12\System.Xml.Linq.ni.dll
MOD - [2013/09/03 22:31:09 | 001,801,728 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
MOD - [2013/09/02 13:35:56 | 000,410,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppgooglenaclpluginchrome.dll
MOD - [2013/09/02 13:35:54 | 004,053,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll
MOD - [2013/09/02 13:35:04 | 000,709,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
MOD - [2013/09/02 13:35:03 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libegl.dll
MOD - [2013/09/02 13:35:01 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
MOD - [2013/08/14 20:03:19 | 013,199,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\1a3b614a84244ea5fa4147b5cf007333\System.Windows.Forms.ni.dll
MOD - [2013/08/14 20:03:07 | 018,003,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\56a1feb800860a3bc5d8a45ee92a77ec\PresentationFramework.ni.dll
MOD - [2013/08/14 20:03:02 | 001,667,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll
MOD - [2013/08/14 20:02:53 | 001,014,272 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\df40dab689e9d8febfb943599ba79f8d\System.Configuration.ni.dll
MOD - [2013/08/14 20:02:51 | 011,451,904 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\001aeb860d7f2ba416e0fedc606fee98\PresentationCore.ni.dll
MOD - [2013/08/14 20:02:50 | 007,070,720 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\c25ede0d0127774c504c4fc41d4de273\System.Core.ni.dll
MOD - [2013/08/14 20:02:41 | 000,595,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\228b114c79c5d9024bdb4cc580e32c09\PresentationFramework.Aero.ni.dll
MOD - [2013/08/14 20:02:40 | 005,628,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013/08/14 20:02:39 | 003,858,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b3ed31a444f444325ddb64b290ed2f1e\WindowsBase.ni.dll
MOD - [2013/08/14 20:02:35 | 009,099,776 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013/07/13 23:04:24 | 000,196,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\cb5671235362c8e17b1a1f0b67bfc8d9\UIAutomationTypes.ni.dll
MOD - [2013/07/11 15:05:15 | 014,416,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2012/11/28 15:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 15:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/10/15 15:39:00 | 000,091,536 | ---- | M] () -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\z.dll
MOD - [2012/10/15 15:38:54 | 000,273,824 | ---- | M] () -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\ndsLogStore.dll
MOD - [2012/10/15 15:38:52 | 001,402,784 | ---- | M] () -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\libxml2-2.dll
MOD - [2012/10/15 15:38:34 | 000,688,560 | ---- | M] () -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
MOD - [2012/10/15 15:37:54 | 007,123,880 | ---- | M] () -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\gsttspplugin.dll
MOD - [2012/10/15 15:37:38 | 006,442,920 | ---- | M] () -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
MOD - [2012/10/15 15:37:32 | 002,203,048 | ---- | M] () -- C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\DrmSingleton.dll
MOD - [2009/07/12 23:35:58 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/08/21 10:31:06 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/08/03 19:17:56 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/07/28 16:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2013/09/13 11:58:04 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/22 18:29:46 | 000,453,928 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\HssSrv.exe -- (HssSrv)
SRV - [2013/02/21 18:54:48 | 000,078,512 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HSSTrayService.exe -- (HssTrayService)
SRV - [2012/08/21 14:43:58 | 000,794,272 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/17 11:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/08/10 20:55:58 | 000,248,688 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/07/14 20:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/28 22:06:52 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\ACFXAU64.dll -- (AcfXAudioService)
SRV - [2009/03/10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/11/13 18:11:26 | 001,086,840 | ---- | M] (Webroot Software, Inc. ) [Auto | Running] -- C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe -- (WRConsumerService)
SRV - [2008/11/12 17:02:14 | 003,667,312 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Running] -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe -- (WebrootSpySweeperService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/07/23 19:15:22 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/02/21 18:43:20 | 000,046,280 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 02:43:58 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/09/02 00:11:18 | 000,123,008 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ACFVA64.sys -- (acfva)
DRV:64bit: - [2009/08/27 09:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/08/20 17:04:06 | 000,446,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8187B.sys -- (RTL8187B)
DRV:64bit: - [2009/07/30 22:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/07/30 21:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/30 18:46:22 | 000,222,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/07/24 16:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009/07/20 18:48:32 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:10:49 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 14:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/22 23:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/04/28 22:06:44 | 000,034,944 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ACFDCP64.sys -- (dgcfltr)
DRV:64bit: - [2009/04/28 22:06:36 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ACFXAU64.sys -- (XAudio)
DRV:64bit: - [2008/11/12 17:02:28 | 000,131,184 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ssidrv.sys -- (SSIDRV)
DRV:64bit: - [2008/11/12 17:02:26 | 000,037,488 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ssfs0bbc.sys -- (SSFS0BBC)
DRV:64bit: - [2007/03/15 02:53:46 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ACFSDK64.sys -- (mdmxsdk)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {D2F7022C-154D-41F7-B679-015DB194A56F}
IE:64bit: - HKLM\..\SearchScopes\{D2F7022C-154D-41F7-B679-015DB194A56F}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{DD21F75B-908F-48B4-A926-4D685D472552}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA


IE - HKU\.DEFAULT\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1912530170-795983334-1810447421-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSNA&bmod=TSNA
IE - HKU\S-1-5-21-1912530170-795983334-1810447421-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1912530170-795983334-1810447421-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-1912530170-795983334-1810447421-1000\..\SearchScopes,DefaultScope = {D2F7022C-154D-41F7-B679-015DB194A56F}
IE - HKU\S-1-5-21-1912530170-795983334-1810447421-1000\..\SearchScopes\{43B9D90F-EC64-454A-AFE0-1D1BADB48830}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-1912530170-795983334-1810447421-1000\..\SearchScopes\{54927065-0977-4CFC-9D17-35E6603881B2}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKU\S-1-5-21-1912530170-795983334-1810447421-1000\..\SearchScopes\{DD21F75B-908F-48B4-A926-4D685D472552}: "URL" = http://www.google.co...&rlz=1I7TSNA_en
IE - HKU\S-1-5-21-1912530170-795983334-1810447421-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1912530170-795983334-1810447421-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\npPCShowPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/26 09:42:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/26 09:42:01 | 000,000,000 | ---D | M]

[2012/01/05 01:53:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sharon McCaffrey\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo....p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yah...d={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.140.8 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U14 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.0.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.0.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.0.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.0.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.0.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.0.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.0.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Users\Sharon McCaffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1912530170-795983334-1810447421-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [CnxtCoInstallerDefer] C:\Program Files\CONEXANT\SETUP4C156FF91\SETUP\SETUP64.EXE (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1912530170-795983334-1810447421-1000..\Run: [DW7] C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe (The Weather Channel)
O4 - HKU\S-1-5-21-1912530170-795983334-1810447421-1000..\Run: [PCShowServer] C:\Users\Sharon McCaffrey\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (NDS Technologies)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft....?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft....?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E03E33F-113E-4E69-9B48-9343243E58EE}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/17 08:16:11 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/09/17 08:16:11 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/09/17 08:16:10 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/09/17 08:16:10 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/09/17 08:16:10 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/09/17 08:16:10 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/09/17 08:16:10 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/09/17 08:16:09 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/09/17 08:16:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/09/17 08:16:09 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/09/17 08:16:09 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/09/17 08:16:05 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/09/17 08:16:05 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/09/17 08:16:05 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/09/17 08:16:04 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/09/16 20:08:18 | 000,000,000 | ---D | C] -- C:\Users\Sharon McCaffrey\AppData\Local\PackageAware
[2013/09/16 19:37:54 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/09/16 17:57:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/09/13 11:47:40 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys
[2013/09/13 11:47:36 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013/09/13 11:47:36 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2013/09/13 11:47:36 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2013/09/13 11:47:36 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2013/09/13 11:47:35 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2013/09/13 11:47:35 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2013/09/13 11:47:34 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2013/09/13 11:47:34 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2013/09/13 11:47:34 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe
[2013/09/13 11:47:34 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2013/09/13 11:47:33 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2013/09/13 11:47:33 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2013/09/13 11:47:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2013/09/13 11:47:33 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013/09/13 11:47:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2013/09/13 11:47:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/09/13 11:47:33 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/09/13 11:47:33 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/09/13 11:47:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013/09/13 11:47:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/09/13 11:47:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/09/13 11:47:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/09/13 11:47:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/09/13 11:47:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/09/13 11:47:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/09/13 11:47:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/09/13 11:47:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/09/13 11:47:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/09/13 11:47:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/09/13 11:47:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/09/13 11:47:32 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013/09/13 11:47:32 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013/09/13 11:47:32 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll
[2013/09/13 11:47:32 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apisetschema.dll
[2013/09/13 11:47:32 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/09/13 11:47:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/09/13 11:47:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/09/13 11:47:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/09/13 11:47:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/09/13 11:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/09/13 11:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/09/13 11:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/09/13 11:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/09/13 11:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/09/13 11:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/09/13 11:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/09/13 11:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/09/13 11:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/09/13 11:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/09/13 11:47:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2013/09/13 11:47:30 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll
[2013/08/26 10:28:37 | 000,000,000 | ---D | C] -- C:\Users\Sharon McCaffrey\Documents\New folder (2)

========== Files - Modified Within 30 Days ==========

[2013/09/17 15:01:06 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/17 15:01:06 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/17 15:00:02 | 000,726,444 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/09/17 15:00:02 | 000,624,412 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/09/17 15:00:02 | 000,106,756 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/09/17 14:57:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/09/17 14:53:42 | 000,000,306 | ---- | M] () -- C:\windows\tasks\RMAutoUpdate.job
[2013/09/17 14:53:36 | 000,000,914 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/17 14:53:31 | 000,065,536 | ---- | M] () -- C:\windows\SysNative\Ikeext.etl
[2013/09/17 14:53:19 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/09/17 14:53:10 | 3092,942,848 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/17 14:27:48 | 000,343,576 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/09/17 08:23:21 | 000,000,918 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/16 19:59:05 | 000,000,306 | ---- | M] () -- C:\windows\tasks\RMSchedule.job
[2013/09/16 19:37:46 | 001,039,554 | ---- | M] () -- C:\Users\Sharon McCaffrey\Desktop\AdwCleaner.exe
[2013/09/16 19:34:20 | 000,001,480 | ---- | M] () -- C:\Users\Sharon McCaffrey\Desktop\OTL - Shortcut.lnk
[2013/09/13 11:58:03 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/09/13 11:58:03 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/08/30 23:47:43 | 000,000,394 | ---- | M] () -- C:\Users\Sharon McCaffrey\Documents\ANGEL'S WINGS.rtf
[2013/08/29 23:59:55 | 000,000,809 | ---- | M] () -- C:\Users\Sharon McCaffrey\Documents\Promise.rtf
[2013/08/28 00:24:14 | 000,002,733 | ---- | M] () -- C:\Users\Sharon McCaffrey\Documents\EVERYDAY CHORES.rtf
[2013/08/26 11:00:48 | 000,001,046 | ---- | M] () -- C:\Users\Sharon McCaffrey\Documents\BASIC DAILY SCHEDULE.rtf
[2013/08/26 10:29:57 | 000,001,046 | ---- | M] () -- C:\Users\Sharon McCaffrey\Documents\Document.rtf
[2013/08/24 17:06:45 | 000,001,313 | ---- | M] () -- C:\Users\Sharon McCaffrey\Documents\TEN As for ALZHEIMERS.rtf

========== Files Created - No Company Name ==========

[2013/09/16 19:37:27 | 001,039,554 | ---- | C] () -- C:\Users\Sharon McCaffrey\Desktop\AdwCleaner.exe
[2013/09/13 11:48:16 | 000,001,480 | ---- | C] () -- C:\Users\Sharon McCaffrey\Desktop\OTL - Shortcut.lnk
[2013/08/30 23:47:43 | 000,000,394 | ---- | C] () -- C:\Users\Sharon McCaffrey\Documents\ANGEL'S WINGS.rtf
[2013/08/29 23:59:55 | 000,000,809 | ---- | C] () -- C:\Users\Sharon McCaffrey\Documents\Promise.rtf
[2013/08/26 10:59:01 | 000,002,733 | ---- | C] () -- C:\Users\Sharon McCaffrey\Documents\EVERYDAY CHORES.rtf
[2013/08/24 17:06:45 | 000,001,313 | ---- | C] () -- C:\Users\Sharon McCaffrey\Documents\TEN As for ALZHEIMERS.rtf
[2013/07/31 02:00:33 | 000,000,108 | ---- | C] () -- C:\Users\Sharon McCaffrey\AppData\Roaming\wklnhst.dat

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/07/29 22:59:03 | 000,000,000 | ---D | M] -- C:\Users\Sharon McCaffrey\AppData\Roaming\Hotspot Shield
[2013/07/31 02:01:07 | 000,000,000 | ---D | M] -- C:\Users\Sharon McCaffrey\AppData\Roaming\Template
[2010/03/16 03:40:35 | 000,000,000 | ---D | M] -- C:\Users\Sharon McCaffrey\AppData\Roaming\Toshiba
[2013/09/16 17:56:28 | 000,000,000 | ---D | M] -- C:\Users\Sharon McCaffrey\AppData\Roaming\uTorrent
[2010/03/13 15:39:17 | 000,000,000 | ---D | M] -- C:\Users\Sharon McCaffrey\AppData\Roaming\WinBatch

========== Purity Check ==========



< End of report >
  • 0

#9
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hi mikey1988,

Below are the last steps unless you are experiencing issues. :)

  • Step 1
You currently have the following outdated program(s) installed. I highly recommend that you perform an update. You will find the download link(s) for the new version(s) below.

  • Adobe Reader 9.1 -- Update (Untick McAfee Security Scan Plus)
  • Java™ 6 Update 14 -- Update
Uninstall the previous version(s) before installing the updated one(s). If you run into any errors, let me know.
  • Step 2
    I ask that you uninstall Spy Sweeper and install a free anti-virus in its place. Choosing a good program is crucial as without it you will be easily infected. Thus, I have gathered a list of free programs for you to pick from. Please choose only one from the list below and install it. Note that the names lead to the respective download links.

  • Avira Free Antivirus

    More information can be found 'here'.
  • Microsoft Security Essentials

    More information can be found 'here'.
If you are unsure which one to pick, you can view 'Virus Bulletin' or 'AV-Comparatives'.
  • Step 3
Run a free 'ESET Online Scan by ESET' by firstly saving the file to your desktop.

  • Double-click esetsmartinstaller_enu.exe. Accept the Terms of Use then click on Start.
  • Ensure the following settings are followed before clicking Start (you may or may not see the software warning at the very bottom):

    Posted Image

  • The virus signature database will begin to download. Wait for the scan to end--it may take several hours.
  • Upon completion, use Notepad to open and save C:\Program Files\ESET\EsetOnlineScanner\log.txt to your desktop.
  • Select Uninstall application on close and click Finish.
  • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the log back here.
  • Step 4
    Download the free version of 'Malwarebytes Anti-Malware by Malwarebytes Corporation' and save it to your desktop.

    • Double-click mbam-setup-*.exe and proceed to installing the program.
    • Accept the License Agreement.
    • At the end, ensure a check mark is both placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick Scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
    • In case you don't get a chance to do so, you may also find the log in the program's Logs tab.
  • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the log back here.
  • Logs to Post
In summary of the above, I will need you to post the following log(s):

  • log.txt (ESET Online Scan)
  • mbam-log-*.txt (Malwarebytes' Anti-Malware)

  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP