Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Acting sluggish, IE10 errors, Java [Closed]

Started by gracek , Dec 17 2013 03:37 PM

  • This topic is locked This topic is locked

#16
godawgs
Posted 23 December 2013 - 05:19 PM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Happy Holidays to you too.

I was not able to run the scanner, it opened up a blank blue screen. No way to run. It did run a scan and wouldn't give me an option to run a scan since the popup window to scan was blank blue. When I ran the ESET Scanner, a popup window opened with a blank light blue screen

I'm sorry but I don't have any idea what that means. You say you weren't able to run a scan. Then you say it did run a scan but wouldn't give you an option to run a scan :confused:
Do you see my confusion here? You're gonna need to be a little more specific. As in:
What browser did you use?
When you go to the ESET scan web site when do you get the blue screen? Was it immediately after you clicked the Run ESET online scanner button? Was it after you clicked the Accept the termse button and click Start? Was it after you changed the settings?

Please tell me what happened.
  • 0

Advertisements

#17
gracek
Posted 23 December 2013 - 05:44 PM

gracek

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
TYPO, IT didn't run a scan, couldn't run a scan, got a blank blue screen with broken icon, that is IT. Sorry.

This is what I did:

I go to the link that brings me to ESET Online Scanner, I click on the blue button, that says, "Run ESET Online Scanner",
It opens up a popup window that has me agree to the terms of service, I check yes, then click the green start button, Then that same popup window turns into a light blue window with a little black square in the top left corner. Nothing else..

Edited by gracek, 23 December 2013 - 05:49 PM.

  • 0

#18
godawgs
Posted 23 December 2013 - 10:25 PM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Did you right click on the browser icon and click Run as Administrator to open the browser?
What browser did you use?
Does this happen in all browsers or did you try just one browser?
  • 0

#19
godawgs
Posted 28 December 2013 - 01:11 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#20
admin
Posted 30 December 2013 - 12:26 AM

admin

    Founder Geek

  • Community Leader
  • 24,639 posts
Topic re-opened at original posters request.
  • 0

#21
godawgs
Posted 30 December 2013 - 12:33 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hello,

Please answer the questions I asked on Dec. 23rd.
  • 0

#22
gracek
Posted 30 December 2013 - 05:21 PM

gracek

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts

Did you right click on the browser icon and click Run as Administrator to open the browser?
What browser did you use?
Does this happen in all browsers or did you try just one browser?


I appoligize. I checked back daily and didn't see any response. Maybe there was a problem with MY refresh.

Yes, I ran IE as administrator.

Yes I turned off all antivirus.

I only used IE.

IE is still UNABLE to do a scan. I get a blank blue popup screen on IE. NO way to run a scan.

I am now checking CHROME:

I ran Chrome as administrator, I downloaded file and it scanned... here are the results... :

C:\Program Files (x86)\VideoConverter\VideoConverter.exe a variant of Win32/InstallCore.A application
C:\ProgramData\{559F25A3-87D2-4D88-ADC5-DF4C277CDD45}\setup.res a variant of Win32/HiddenStart.A application
C:\Users\All Users\{559F25A3-87D2-4D88-ADC5-DF4C277CDD45}\setup.res a variant of Win32/HiddenStart.A application
C:\Users\Grace\Downloads\avc-free.exe Win32/OpenCandy application
C:\Users\Grace\Downloads\ccsetup408 (1).exe Win32/Bundled.Toolbar.Google.D application
C:\Users\Grace\Downloads\ccsetup408.exe Win32/Bundled.Toolbar.Google.D application
C:\Users\Grace\Downloads\driver_fusion_1.6.0.exe Win32/OpenCandy application
C:\Users\Grace\Downloads\Java.exe a variant of Win32/AirAdInstaller.A application
C:\Users\Grace\Downloads\malwarebytesantimalware-setup.exe Win32/DownloadAdmin.G application
C:\Users\Grace\Downloads\VideoConverterSetup.exe a variant of Win32/InstallCore.BF application
C:\Users\Grace\Downloads\Installed\ManyCam.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Users\Grace\Favorites\chickens\Downloads\Software and Drivers Zip\SetupImgBurn_2.5.4.0.exe a variant of Win32/Bundled.Toolbar.Ask application







  • 0

#23
godawgs
Posted 30 December 2013 - 10:32 PM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Most of what ESET found was adware or toolbars included with the downloaded programs.
After this run please let me know what issues remain.

Posted Image OTL Fix

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

1. Please copy all of the text in the quote box below (Do Not copy the word Quote. To do this, highlight everything
inside the quote box (except the word Quote) , right click and click Copy.

:COMMANDS
[createrestorepoint]

:OTL
C:\Program Files (x86)\VideoConverter\VideoConverter.exe
C:\ProgramData\{559F25A3-87D2-4D88-ADC5-DF4C277CDD45}\setup.res
C:\Users\All Users\{559F25A3-87D2-4D88-ADC5-DF4C277CDD45}\setup.res
C:\Users\Grace\Downloads\avc-free.exe
C:\Users\Grace\Downloads\ccsetup408 (1).exe
C:\Users\Grace\Downloads\ccsetup408.exe
C:\Users\Grace\Downloads\driver_fusion_1.6.0.exe
C:\Users\Grace\Downloads\Java.exe
C:\Users\Grace\Downloads\malwarebytesantimalware-setup.exe
C:\Users\Grace\Downloads\VideoConverterSetup.exe
C:\Users\Grace\Downloads\Installed\ManyCam.exe
C:\Users\Grace\Favorites\chickens\Downloads\Software and Drivers Zip\SetupImgBurn_2.5.4.0.exe

:COMMANDS
[emptytemp]


Warning: This fix is relevant for this system and no other. If you are not this user, DO NOT follow these directions as they could damage the workings of your system.

2. Please re-open Posted Image on your desktop. To do that:
  • Vista and 7 users: Right click the icon and click Run as Administrator
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).
10. Run OTL again and click the Posted Image button. Post the log it produces in your next reply.


Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. Let me know what issues remain
2. The OTL fixes log
3. The new OTL.txt log
  • 0

#24
gracek
Posted 31 December 2013 - 10:09 AM

gracek

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
1. The programs I am using seem much less sluggish/jittery today. Thank you.

2. OTL.txt log generated from the run fix.

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Grace
->Temp folder emptied: 546828 bytes
->Temporary Internet Files folder emptied: 262384632 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 363684589 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 3672 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 68520 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 1951 bytes

Total Files Cleaned = 598.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12312013_102614


3. otl.txt log from last scan.

OTL logfile created on: 12/31/2013 10:52:51 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Grace\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.96 Gb Total Physical Memory | 6.50 Gb Available Physical Memory | 81.66% Memory free
15.92 Gb Paging File | 14.25 Gb Available in Paging File | 89.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.42 Gb Total Space | 785.14 Gb Free Space | 85.40% Space Free | Partition Type: NTFS

Computer Name: GRACE-PC | User Name: Grace | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/12/17 16:14:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Grace\Desktop\OTL.exe
PRC - [2013/12/11 09:06:57 | 000,309,328 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2013/12/07 05:00:07 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013/09/05 09:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/18 08:56:14 | 000,659,992 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/06/07 08:33:02 | 000,167,424 | ---- | M] (Mediafour Corporation) [Disabled | Stopped] -- C:\Program Files\Mediafour\MacDrive 8\MacDrive8ServiceD.exe -- (MacDrive8ServiceD)
SRV:64bit: - [2010/05/17 18:03:54 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\WINDOWS\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Disabled | Stopped] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2013/09/05 09:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/18 08:56:22 | 001,227,800 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2013/04/18 08:56:14 | 000,659,992 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2013/02/28 17:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/13 14:26:20 | 003,290,896 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/08/09 00:56:34 | 000,081,920 | ---- | M] (Avid Technology, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Digidesign\Pro Tools\MMERefresh.exe -- (DigiRefresh)
SRV - [2011/08/09 00:42:44 | 000,159,744 | ---- | M] (Avid Technology, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Digidesign\Pro Tools\digiSPTIService.exe -- (digiSPTIService)
SRV - [2011/07/09 01:36:12 | 002,932,224 | ---- | M] (PACE Anti-Piracy, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe -- (PaceLicenseDServices)
SRV - [2010/10/08 11:45:56 | 001,919,504 | ---- | M] (Avid) [Disabled | Stopped] -- C:\Program Files (x86)\Avid\Mbox Pro\AudioDevMon.exe -- (MboxProAudioDevMon)
SRV - [2010/07/12 14:39:24 | 000,053,248 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe -- (D_Link_DWA-125_WPS)
SRV - [2010/07/09 21:08:59 | 000,867,080 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/09 11:37:20 | 000,049,152 | ---- | M] (Panasonic System Networks Co., Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Panasonic\LocalCom\lmsrvnt.exe -- (Panasonic Local Printer Service)
SRV - [2009/09/18 04:54:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/06/26 11:19:12 | 001,124,848 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/12/17 03:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Disabled | Stopped] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01)
SRV - [2007/01/11 03:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Disabled | Stopped] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01)
SRV - [2004/02/26 07:15:58 | 000,069,632 | ---- | M] (Panasonic) [Disabled | Stopped] -- C:\Program Files (x86)\Panasonic\TrapMonitor\Trapmnnt.exe -- (Panasonic Trap Monitor Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4c\WNt500x64\Sandra.sys -- (SANDRA)
DRV:64bit: - [2013/11/30 02:10:40 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\My Dell\pcdsrvc_x64.pkms -- (PCDSRVC{D3412D80-CF3B4A27-06020200}_0)
DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/04/18 08:55:50 | 000,018,456 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\psi_mf_amd64.sys -- (PSI)
DRV:64bit: - [2012/11/01 16:19:56 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/20 05:12:34 | 000,029,696 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2012/07/20 05:12:00 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2012/07/04 13:48:00 | 000,093,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lgandnetndis64.sys -- (andnetndis)
DRV:64bit: - [2012/07/03 11:58:00 | 000,031,744 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lgandnetadb.sys -- (andnetadb)
DRV:64bit: - [2012/07/03 11:50:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:64bit: - [2012/07/03 11:50:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 05:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 05:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/11/28 21:28:28 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/09/01 13:36:36 | 000,025,720 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iLokDrvr.sys -- (iLokDrvr)
DRV:64bit: - [2011/07/27 13:48:14 | 000,014,952 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\iPodDrv.sys -- (iPodDrv)
DRV:64bit: - [2011/06/28 16:04:40 | 000,105,592 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2011/04/28 14:20:30 | 001,617,472 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\Dnetr28ux.sys -- (netr28ux)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/23 15:12:00 | 001,579,520 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/10/23 00:24:02 | 000,021,520 | ---- | M] (Avid Technology, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\diginet.sys -- (DigiNet)
DRV:64bit: - [2010/10/08 11:45:48 | 000,433,168 | ---- | M] (Avid) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\AvidMboxPro.sys -- (MBOXPRO)
DRV:64bit: - [2010/09/07 13:27:24 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\PcaSp60.sys -- (PcaSp60)
DRV:64bit: - [2010/07/22 09:59:08 | 000,428,288 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\cxpolar64.sys -- (CXPOLARIS)
DRV:64bit: - [2010/07/13 15:47:00 | 000,044,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\SysNative\drivers\cxcir64.sys -- (CXIR)
DRV:64bit: - [2010/05/29 07:58:30 | 000,015,872 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\anodlwfx.sys -- (anodlwf)
DRV:64bit: - [2010/05/18 08:07:26 | 000,306,280 | ---- | M] (Mediafour Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\MDFSYSNT.SYS -- (MDFSYSNT)
DRV:64bit: - [2010/05/17 18:35:30 | 006,853,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/05/17 17:30:28 | 000,263,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/05/05 08:43:24 | 000,032,352 | ---- | M] (Mediafour Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\MDPMGRNT.SYS -- (MDPMGRNT)
DRV:64bit: - [2010/04/08 04:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/11/18 18:36:02 | 000,039,240 | ---- | M] (Eagletron Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\SysNative\drivers\dvdriver.sys -- (DVDRIVER)
DRV:64bit: - [2009/10/16 06:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009/10/02 15:58:58 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/09/26 10:42:58 | 000,233,984 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/13 19:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\61883.sys -- (61883)
DRV:64bit: - [2009/07/13 19:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\avc.sys -- (Avc)
DRV:64bit: - [2009/07/13 19:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\msdv.sys -- (MSDV)
DRV:64bit: - [2009/07/13 19:06:40 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\avcstrm.sys -- (AVCSTRM)
DRV:64bit: - [2009/07/13 19:06:39 | 000,056,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mstape.sys -- (MSTAPE)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010/09/07 13:27:24 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\PcaSp60.sys -- (PcaSp60)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/06/26 10:27:28 | 000,065,520 | ---- | M] (Sonic Solutions) [File_System | System | Stopped] -- C:\WINDOWS\SysWOW64\drivers\RxFilter.sys -- (RxFilter)
DRV - [2006/07/19 11:04:00 | 000,014,608 | R--- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\dell\drivers\R267410\atillk64.sys -- (atillk64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{FBC4FE95-9F67-425F-95CE-B05D0D13AEFB}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{FBC4FE95-9F67-425F-95CE-B05D0D13AEFB}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.tdameritrade.com/home.page
IE - HKCU\..\SearchScopes,DefaultScope = {0ECD877B-04FA-42F4-9DEB-F1414F84227A}
IE - HKCU\..\SearchScopes\{0ECD877B-04FA-42F4-9DEB-F1414F84227A}: "URL" = http://www.google.co...&rlz=1I7GGNI_en
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll File not found
FF - HKLM\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@ilok.com/iLokHelper,version=3.1.0.7: C:\Program Files (x86)\PACE Anti-Piracy\iLok\NPPaceILok.dll ( PACE Anti-Piracy, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Grace\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Grace\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Grace\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\tdameritrade.com/thinkorswim: C:\Program Files (x86)\thinkorswim\npthinkorswim.dll (TD Ameritrade)
FF - HKCU\Software\MozillaPlugins\tdameritrade.com/tossc: C:\Program Files (x86)\thinkorswim\nptossc.dll (TD Ameritrade)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/12/21 13:01:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Grace\AppData\Roaming\Mozilla\Extensions
[2013/12/21 11:25:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/12/05 11:51:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/05 11:51:00 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: DjVu Plugin Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npdjvu.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll
CHR - plugin: doubletwist Plugin 1, 3, 0, 0 (Enabled) = C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java Deployment Toolkit 7.0.450.18 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java™ Platform SE 7 U45 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: PACE Client Helper Plugin (Enabled) = C:\Program Files (x86)\PACE Anti-Piracy\iLok\NPPaceILok.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: thinkorswim (Enabled) = C:\Program Files (x86)\thinkorswim\npthinkorswim.dll
CHR - plugin: tossc (Enabled) = C:\Program Files (x86)\thinkorswim\nptossc.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Grace\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Grace\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Chrome Speak = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\diagnfimeecdcecjpnkjgbnlelkclcpj\1.2.4.1_0\
CHR - Extension: MightyText - Send/Receive SMS Text Messages = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi\10.1_0\
CHR - Extension: Google+ = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.2.0.418_0\
CHR - Extension: Gmail Offline = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\
CHR - Extension: Google Calendar = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Google Finance = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp\1.1_0\
CHR - Extension: Select and Speak = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjopfpjmkcfgjpogepmdjmcnihfpokn\0.2.1_0\
CHR - Extension: Drive Notepad = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpgjomejfimnbmobcocilppikhncegaj\1.2_0\
CHR - Extension: AirDroid = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd\2.0.4_0\
CHR - Extension: No name found = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki\2.0.13513.1396_0\
CHR - Extension: GText from MightyText - SMS from Gmail\u2122 = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\iffdacemhfpnchinokehhnppllonacfj\3.91_0\
CHR - Extension: Dropbox = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.8_0\
CHR - Extension: HootSuite = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\kneloppijbcidgidihgdjnooihjcdbij\5.244_0\
CHR - Extension: Evernote Web = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0\
CHR - Extension: Google Maps = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: NaturalReader Text to Speech = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpffgiekkmdfnmknoollbedhaabacpgg\2.2_0\
CHR - Extension: Planner 5D = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcafejemebbngbglfoinpoaannbihjna\1.2.0.4_0\
CHR - Extension: Pocket = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk\0.600_0\
CHR - Extension: Google Wallet = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.3_0\
CHR - Extension: SpeakIt! = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak\0.2.6_0\
CHR - Extension: US English Female Text-to-speech (by Google) = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkidpnnapnfgjhfhkpmjpbckkbaodldb\2.1.1_0\
CHR - Extension: US English Female Text-to-speech (by Google) = C:\Users\Grace\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkidpnnapnfgjhfhkpmjpbckkbaodldb\2.1.1_0\~

O1 HOSTS File: ([2013/12/18 13:57:42 | 000,000,098 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (AlxHelper Class) - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files\Alexa Toolbar\AlexaToolbar.11.0.dll (Alexa.com)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Alexa Toolbar) - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files\Alexa Toolbar\AlexaToolbar.11.0.dll (Alexa.com)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: appspot.com ([textyserver] * in Trusted sites)
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: fatsecret.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: mightytext.net ([]http in Trusted sites)
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} http://www.comcastsu...oad/tgctlsr.cab (SupportSoft Script Runner Class)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/im...r/SysProExe.cab (Scanner.SysScanner)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.6.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://investools.w...nt/ieatgpc1.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0731E19D-7E77-4D3A-A166-D08F118FCA08}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{170DE4D5-2FDD-4518-A09A-362D354683D5}: DhcpNameServer = 192.168.1.1 75.75.76.76
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/12/23 11:46:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2013/12/21 15:59:04 | 000,000,000 | ---D | C] -- C:\Users\Grace\Desktop\Bank stuff
[2013/12/21 15:15:19 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/12/21 14:51:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alexa Toolbar
[2013/12/21 14:51:55 | 000,000,000 | ---D | C] -- C:\Program Files\Alexa Toolbar
[2013/12/21 14:22:11 | 001,034,531 | ---- | C] (Thisisu) -- C:\Users\Grace\Desktop\JRT.exe
[2013/12/21 13:01:32 | 000,000,000 | ---D | C] -- C:\Users\Grace\AppData\Roaming\Mozilla
[2013/12/21 13:01:32 | 000,000,000 | ---D | C] -- C:\Users\Grace\AppData\Roaming\Disruptive Innovations SARL
[2013/12/21 13:01:32 | 000,000,000 | ---D | C] -- C:\Users\Grace\AppData\Local\Disruptive Innovations SARL
[2013/12/21 13:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueGriffon
[2013/12/21 13:01:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueGriffon
[2013/12/21 12:14:17 | 000,000,000 | ---D | C] -- C:\Users\Grace\Desktop\www.micshop.com_files
[2013/12/21 12:11:07 | 000,000,000 | ---D | C] -- C:\Users\Grace\Desktop\micshop website
[2013/12/21 12:06:38 | 000,000,000 | ---D | C] -- C:\CoffeeCup Software
[2013/12/21 12:06:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CoffeeCup Software
[2013/12/21 12:05:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CoffeeCup Software
[2013/12/21 12:05:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013/12/21 11:12:22 | 000,000,000 | ---D | C] -- C:\Users\Grace\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CoffeeCup Software
[2013/12/21 11:11:11 | 000,000,000 | ---D | C] -- C:\Users\Grace\AppData\Roaming\CoffeeCup Software
[2013/12/21 10:20:29 | 000,000,000 | ---D | C] -- C:\Users\Grace\Documents\CoffeeCup Software
[2013/12/20 18:53:11 | 000,708,597 | ---- | C] (Farbar) -- C:\Users\Grace\Desktop\FSS.exe
[2013/12/20 18:50:31 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/12/19 01:18:53 | 000,000,000 | ---D | C] -- C:\Users\Grace\Desktop\STOCK RESEARCH
[2013/12/18 13:55:22 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/12/18 13:46:55 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Grace\Desktop\aswmbr.exe
[2013/12/17 16:14:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Grace\Desktop\OTL.exe
[2013/12/13 12:30:12 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/12/13 12:30:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013/12/13 12:29:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013/12/13 12:27:43 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013/12/13 12:27:42 | 000,458,752 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013/12/13 12:27:42 | 000,203,264 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013/12/13 12:27:42 | 000,012,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013/12/13 12:15:06 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2013/12/13 12:15:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013/12/13 12:07:47 | 000,000,000 | ---D | C] -- C:\Users\Grace\Documents\Dell Downloads
[2013/12/13 11:45:10 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2013/12/13 11:45:10 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2013/12/13 11:44:48 | 000,000,000 | ---D | C] -- C:\Program Files\My Dell
[2013/12/13 11:41:15 | 000,000,000 | ---D | C] -- C:\Users\Grace\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
[2013/12/13 08:46:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/12/11 16:48:52 | 000,000,000 | ---D | C] -- C:\Users\Grace\Desktop\510 inspections
[2013/12/11 14:54:17 | 000,000,000 | -HSD | C] -- C:\Users\Grace\Documents\cache
[2013/12/11 14:54:13 | 000,000,000 | ---D | C] -- C:\Users\Grace\AppData\Roaming\webex
[2013/12/11 14:54:01 | 000,000,000 | ---D | C] -- C:\ProgramData\WebEx
[2013/12/11 12:23:08 | 000,000,000 | ---D | C] -- C:\Users\Grace\Documents\Ambling Books
[2013/12/11 12:23:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ambling Books
[2013/12/11 12:23:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sounds
[2013/12/11 12:23:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\plugins
[2013/12/11 12:23:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\log
[2013/12/11 12:23:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\lib
[2013/12/11 12:23:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ambling Books
[2013/12/08 13:08:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MonitorDriver
[2013/12/08 10:53:42 | 000,000,000 | ---D | C] -- C:\Users\Grace\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
[2013/12/07 17:05:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/12/07 17:04:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/12/07 16:58:55 | 000,000,000 | ---D | C] -- C:\Users\Grace\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\thinkorswim
[2013/12/05 11:51:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/12/05 11:50:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/12/03 14:16:16 | 000,000,000 | ---D | C] -- C:\Users\Grace\AppData\Local\FluxSoftware
[2013/12/02 14:42:51 | 000,000,000 | ---D | C] -- C:\Users\Grace\.thinkorswim
[2013/12/02 14:42:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\thinkorswim
[2013/12/02 14:42:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\thinkorswim
[2012/01/15 17:27:05 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Grace\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2013/12/31 10:50:45 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3875385828-3578430940-2960995150-1000UA.job
[2013/12/31 10:37:09 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/31 10:37:09 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/31 10:36:15 | 000,779,306 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/31 10:36:15 | 000,660,296 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/31 10:36:15 | 000,121,224 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/31 10:32:12 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/31 10:32:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/31 10:31:51 | 2115,301,375 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/30 18:05:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/30 16:59:02 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3875385828-3578430940-2960995150-1000UA.job
[2013/12/29 10:59:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3875385828-3578430940-2960995150-1000Core.job
[2013/12/28 13:53:50 | 001,446,187 | ---- | M] () -- C:\Users\Grace\Desktop\banktrup.pdf
[2013/12/23 14:54:53 | 000,007,579 | ---- | M] () -- C:\Users\Grace\AppData\Local\resmon.resmoncfg
[2013/12/23 11:46:59 | 000,013,824 | ---- | M] () -- C:\Users\Grace\Desktop\grace info oct 2013.wps
[2013/12/23 11:46:59 | 000,002,000 | ---- | M] () -- C:\Users\Grace\AppData\Roaming\wklnhst.dat
[2013/12/23 11:46:02 | 000,013,806 | ---- | M] () -- C:\Users\Grace\Desktop\grace info oct 2013.wps - Shortcut.lnk
[2013/12/23 11:07:17 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3875385828-3578430940-2960995150-1000Core.job
[2013/12/21 22:23:38 | 000,763,193 | ---- | M] () -- C:\Users\Grace\Desktop\TammySnow!.gif
[2013/12/21 15:59:39 | 000,204,104 | ---- | M] () -- C:\Users\Grace\Desktop\Citicard Payment 12212013.xps
[2013/12/21 14:22:12 | 001,034,531 | ---- | M] (Thisisu) -- C:\Users\Grace\Desktop\JRT.exe
[2013/12/21 12:21:13 | 000,020,044 | ---- | M] () -- C:\Users\Grace\Desktop\index.html
[2013/12/21 12:14:17 | 000,019,829 | ---- | M] () -- C:\Users\Grace\Desktop\www.micshop.com.htm
[2013/12/21 12:06:14 | 000,002,217 | ---- | M] () -- C:\Users\Public\Desktop\CoffeeCup Visual Site Designer.lnk
[2013/12/21 11:37:32 | 000,040,090 | ---- | M] () -- C:\Users\Grace\Desktop\index.htm
[2013/12/21 11:12:32 | 000,001,096 | ---- | M] () -- C:\Users\Grace\Desktop\CoffeeCup Free HTML Editor.lnk
[2013/12/21 11:12:32 | 000,001,076 | ---- | M] () -- C:\Users\Grace\Application Data\Microsoft\Internet Explorer\Quick Launch\CoffeeCup Free HTML Editor.lnk
[2013/12/20 18:55:40 | 000,891,200 | ---- | M] () -- C:\Users\Grace\Desktop\SecurityCheck.exe
[2013/12/20 18:53:11 | 000,708,597 | ---- | M] (Farbar) -- C:\Users\Grace\Desktop\FSS.exe
[2013/12/20 18:48:27 | 001,226,750 | ---- | M] () -- C:\Users\Grace\Desktop\AdwCleaner (1).exe
[2013/12/18 15:22:48 | 000,000,512 | ---- | M] () -- C:\Users\Grace\Desktop\MBR.dat
[2013/12/18 13:57:42 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013/12/18 13:47:19 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Grace\Desktop\aswmbr.exe
[2013/12/17 16:14:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Grace\Desktop\OTL.exe
[2013/12/15 11:00:46 | 744,512,394 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/12/15 10:42:35 | 000,399,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/13 19:33:21 | 002,579,528 | ---- | M] () -- C:\Users\Grace\Desktop\R245415.exe
[2013/12/13 12:10:40 | 143,371,832 | ---- | M] () -- C:\Users\Grace\Desktop\R274044.exe
[2013/12/13 11:23:09 | 001,052,672 | ---- | M] () -- C:\Users\Grace\Documents\dec 14 2013.evtx
[2013/12/10 13:43:04 | 000,857,024 | ---- | M] () -- C:\Users\Grace\Documents\IRA WIthdrawl 2 of 2.pdf
[2013/12/10 13:41:15 | 002,880,775 | ---- | M] () -- C:\Users\Grace\Documents\IRA Withdrawl 1 of 2 form.pdf
[2013/12/10 13:10:18 | 003,737,347 | ---- | M] () -- C:\Users\Grace\Documents\IRA Withdrawl 10000 2013.pdf
[2013/12/10 13:09:45 | 000,856,198 | ---- | M] () -- C:\Users\Grace\Documents\IRA Withdrawl 10000 2013_4.png
[2013/12/10 13:09:38 | 000,959,368 | ---- | M] () -- C:\Users\Grace\Documents\IRA Withdrawl 10000 2013_3.png
[2013/12/10 13:09:32 | 000,947,736 | ---- | M] () -- C:\Users\Grace\Documents\IRA Withdrawl 10000 2013_2.png
[2013/12/10 13:09:25 | 000,972,176 | ---- | M] () -- C:\Users\Grace\Documents\IRA Withdrawl 10000 2013_1.png
[2013/12/10 12:49:48 | 000,269,007 | ---- | M] () -- C:\Users\Grace\Documents\IRA Distribution 1 Dec 10 2013.pdf
[2013/12/08 13:08:42 | 000,001,642 | ---- | M] () -- C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
[2013/12/07 16:58:55 | 000,001,951 | ---- | M] () -- C:\Users\Grace\Desktop\thinkorswim.lnk
[2013/12/07 16:58:55 | 000,001,951 | ---- | M] () -- C:\Users\Grace\Application Data\Microsoft\Internet Explorer\Quick Launch\thinkorswim.lnk
[2013/12/05 14:01:57 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/12/05 11:51:08 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/12/05 11:47:26 | 000,000,082 | ---- | M] () -- C:\Users\Grace\AppData\Roaming\mbam.context.scan
[2013/12/05 09:08:33 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/12/03 19:24:44 | 000,002,734 | ---- | M] () -- C:\Users\Grace\Desktop\Google Keep.lnk
[2013/12/03 12:19:56 | 000,083,353 | ---- | M] () -- C:\Users\Grace\Documents\broker opening instructions real estate Chapter 5.pdf

========== Files Created - No Company Name ==========

[2013/12/28 13:53:49 | 001,446,187 | ---- | C] () -- C:\Users\Grace\Desktop\banktrup.pdf
[2013/12/23 11:46:02 | 000,013,806 | ---- | C] () -- C:\Users\Grace\Desktop\grace info oct 2013.wps - Shortcut.lnk
[2013/12/21 22:23:58 | 000,763,193 | ---- | C] () -- C:\Users\Grace\Desktop\TammySnow!.gif
[2013/12/21 15:59:38 | 000,204,104 | ---- | C] () -- C:\Users\Grace\Desktop\Citicard Payment 12212013.xps
[2013/12/21 12:14:17 | 000,019,829 | ---- | C] () -- C:\Users\Grace\Desktop\www.micshop.com.htm
[2013/12/21 12:06:38 | 000,000,108 | -HS- | C] () -- C:\Windows\WSYS049.SYS
[2013/12/21 12:06:38 | 000,000,041 | -H-- | C] () -- C:\Windows\trfntw32.cfg
[2013/12/21 12:06:14 | 000,002,217 | ---- | C] () -- C:\Users\Public\Desktop\CoffeeCup Visual Site Designer.lnk
[2013/12/21 11:39:08 | 000,020,044 | ---- | C] () -- C:\Users\Grace\Desktop\index.html
[2013/12/21 11:37:32 | 000,040,090 | ---- | C] () -- C:\Users\Grace\Desktop\index.htm
[2013/12/21 11:12:32 | 000,001,096 | ---- | C] () -- C:\Users\Grace\Desktop\CoffeeCup Free HTML Editor.lnk
[2013/12/21 11:12:32 | 000,001,076 | ---- | C] () -- C:\Users\Grace\Application Data\Microsoft\Internet Explorer\Quick Launch\CoffeeCup Free HTML Editor.lnk
[2013/12/20 18:55:40 | 000,891,200 | ---- | C] () -- C:\Users\Grace\Desktop\SecurityCheck.exe
[2013/12/20 18:48:26 | 001,226,750 | ---- | C] () -- C:\Users\Grace\Desktop\AdwCleaner (1).exe
[2013/12/18 15:22:48 | 000,000,512 | ---- | C] () -- C:\Users\Grace\Desktop\MBR.dat
[2013/12/15 11:00:46 | 744,512,394 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/12/13 12:27:43 | 000,534,960 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013/12/13 12:27:43 | 000,534,960 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013/12/13 12:27:43 | 000,002,137 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013/12/13 12:27:43 | 000,002,137 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2013/12/13 12:27:42 | 000,332,288 | ---- | C] () -- C:\Windows\SysNative\ATIODE.exe
[2013/12/13 12:27:42 | 000,203,336 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2013/12/13 12:27:42 | 000,057,192 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013/12/13 12:27:42 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\ATIODCLI.exe
[2013/12/13 12:27:42 | 000,021,360 | ---- | C] () -- C:\Windows\atiogl.xml
[2013/12/13 12:07:58 | 143,371,832 | ---- | C] () -- C:\Users\Grace\Desktop\R274044.exe
[2013/12/13 12:07:58 | 002,579,528 | ---- | C] () -- C:\Users\Grace\Desktop\R245415.exe
[2013/12/13 11:23:09 | 001,052,672 | ---- | C] () -- C:\Users\Grace\Documents\dec 14 2013.evtx
[2013/12/10 13:43:04 | 000,857,024 | ---- | C] () -- C:\Users\Grace\Documents\IRA WIthdrawl 2 of 2.pdf
[2013/12/10 13:41:15 | 002,880,775 | ---- | C] () -- C:\Users\Grace\Documents\IRA Withdrawl 1 of 2 form.pdf
[2013/12/10 13:10:17 | 003,737,347 | ---- | C] () -- C:\Users\Grace\Documents\IRA Withdrawl 10000 2013.pdf
[2013/12/10 13:09:44 | 000,856,198 | ---- | C] () -- C:\Users\Grace\Documents\IRA Withdrawl 10000 2013_4.png
[2013/12/10 13:09:38 | 000,959,368 | ---- | C] () -- C:\Users\Grace\Documents\IRA Withdrawl 10000 2013_3.png
[2013/12/10 13:09:31 | 000,947,736 | ---- | C] () -- C:\Users\Grace\Documents\IRA Withdrawl 10000 2013_2.png
[2013/12/10 13:09:25 | 000,972,176 | ---- | C] () -- C:\Users\Grace\Documents\IRA Withdrawl 10000 2013_1.png
[2013/12/10 12:49:48 | 000,269,007 | ---- | C] () -- C:\Users\Grace\Documents\IRA Distribution 1 Dec 10 2013.pdf
[2013/12/08 13:08:42 | 000,001,642 | ---- | C] () -- C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
[2013/12/07 16:58:55 | 000,001,951 | ---- | C] () -- C:\Users\Grace\Desktop\thinkorswim.lnk
[2013/12/07 16:58:55 | 000,001,951 | ---- | C] () -- C:\Users\Grace\Application Data\Microsoft\Internet Explorer\Quick Launch\thinkorswim.lnk
[2013/12/05 11:51:08 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/12/05 11:51:07 | 000,001,089 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/12/05 11:47:26 | 000,000,082 | ---- | C] () -- C:\Users\Grace\AppData\Roaming\mbam.context.scan
[2013/12/05 09:08:33 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/12/03 19:24:44 | 000,002,734 | ---- | C] () -- C:\Users\Grace\Desktop\Google Keep.lnk
[2013/12/03 12:19:56 | 000,083,353 | ---- | C] () -- C:\Users\Grace\Documents\broker opening instructions real estate Chapter 5.pdf
[2013/05/04 16:22:36 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-GRACE-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2013/05/04 12:43:00 | 000,000,048 | ---- | C] () -- C:\Users\Grace\AppData\Roaming\burnaware.ini
[2012/12/21 13:06:07 | 000,000,068 | ---- | C] () -- C:\Windows\eyeQ Screen Saver.ini
[2012/11/25 18:14:45 | 000,000,253 | ---- | C] () -- C:\Users\Grace\AppData\Roaming\ANICONFIG_{0731E19D-7E77-4D3A-A166-D08F118FCA08}.ini
[2012/11/25 12:26:39 | 000,302,080 | ---- | C] () -- C:\Windows\lwd.exe
[2012/11/19 11:59:11 | 000,000,258 | RHS- | C] () -- C:\Users\Grace\ntuser.pol
[2012/11/03 18:53:54 | 000,006,144 | ---- | C] () -- C:\Users\Grace\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/28 12:50:01 | 000,022,284 | ---- | C] () -- C:\Users\Grace\AppData\Local\recently-used.xbel
[2012/09/20 18:40:42 | 000,074,240 | ---- | C] () -- C:\Windows\trackerpod_server.exe
[2012/08/13 09:03:33 | 000,027,520 | ---- | C] () -- C:\Users\Grace\AppData\Local\dt.dat
[2012/08/02 14:20:14 | 000,773,030 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/05/09 16:09:42 | 002,846,896 | ---- | C] () -- C:\Users\Grace\AppData\Local\rx_image32.Cache
[2012/05/09 16:09:42 | 000,137,800 | ---- | C] () -- C:\Users\Grace\AppData\Local\rx_audio.Cache
[2012/03/29 09:17:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2012/03/29 09:17:30 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/01/18 05:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 05:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 05:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012/01/15 17:27:05 | 000,007,859 | ---- | C] () -- C:\Users\Grace\AppData\Roaming\pcouffin.cat
[2012/01/15 17:27:05 | 000,001,167 | ---- | C] () -- C:\Users\Grace\AppData\Roaming\pcouffin.inf
[2011/10/13 18:14:11 | 000,088,384 | ---- | C] () -- C:\Users\Grace\AppData\Local\RAContactHistory.xml
[2011/08/29 21:29:05 | 000,007,579 | ---- | C] () -- C:\Users\Grace\AppData\Local\resmon.resmoncfg
[2011/08/28 19:31:40 | 000,002,000 | ---- | C] () -- C:\Users\Grace\AppData\Roaming\wklnhst.dat
[2011/08/27 18:32:58 | 000,014,848 | ---- | C] () -- C:\Users\Grace\Country Lyrics.wps

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/11/17 14:29:52 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\Amazon
[2012/07/17 14:30:40 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\AMPSoft
[2013/06/23 12:52:07 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\avidemux
[2013/12/21 11:12:15 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\CoffeeCup Software
[2013/05/02 18:09:23 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\Digidesign
[2013/12/21 13:01:32 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\Disruptive Innovations SARL
[2013/11/23 09:22:41 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\Dropbox
[2011/11/15 09:44:29 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\Epson
[2013/04/11 18:35:51 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\FamilyTreeMaker
[2011/08/27 23:11:38 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\Full
[2012/10/31 10:40:27 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\Gyration
[2012/12/05 11:28:14 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\JRT Studio
[2013/05/02 18:09:22 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\KWorld Multimedia
[2011/08/31 21:36:24 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\Leadertech
[2012/12/04 18:46:28 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\MediaMonkey
[2013/05/02 18:09:22 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\mjusbsp
[2012/02/28 13:37:38 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\MP3SkypeRecorder
[2011/09/01 13:42:54 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\PACE Anti-Piracy
[2011/08/27 18:48:48 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\PCDr
[2013/05/02 18:09:22 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\PeerNetworking
[2013/05/02 18:09:22 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\PhotoScape
[2012/11/03 18:51:46 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\TechSmith
[2011/08/28 19:31:44 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\Template
[2011/08/31 21:34:15 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\Trillium Lane
[2013/11/23 15:27:53 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\VS Revo Group
[2013/04/24 07:47:46 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\Vso
[2013/12/18 15:56:30 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\webex
[2011/09/01 11:34:50 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\Windows Live Writer
[2013/05/02 18:09:22 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\Wondershare
[2012/01/15 17:35:43 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\Xilisoft

========== Purity Check ==========



< End of report >



  • 0

#25
godawgs
Posted 31 December 2013 - 11:13 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Thanks fo the logs and update. Just a couple more thinks to remove and then if you don't have any further issues we will be ready to clean up.


Posted Image OTL Fix

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

1. Please copy all of the text in the quote box below (Do Not copy the word Quote. To do this, highlight everything
inside the quote box (except the word Quote) , right click and click Copy.

:COMMANDS
[createrestorepoint]

:OTL
O2:64bit: - BHO: (AlxHelper Class) - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files\Alexa Toolbar\AlexaToolbar.11.0.dll (Alexa.com)
O3:64bit: - HKLM\..\Toolbar: (Alexa Toolbar) - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files\Alexa Toolbar\AlexaToolbar.11.0.dll (Alexa.com)
[2013/12/21 14:51:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alexa Toolbar
[2013/12/21 14:51:55 | 000,000,000 | ---D | C] -- C:\Program Files\Alexa Toolbar

:COMMANDS
[emptytemp]


Warning: This fix is relevant for this system and no other. If you are not this user, DO NOT follow these directions as they could damage the workings of your system.

2. Please re-open Posted Image on your desktop. To do that:
  • Vista and 7 users: Right click the icon and click Run as Administrator
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).


Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. The OTL fixes log
2. Let me know if you have any further issues.
  • 0

Advertisements

#26
godawgs
Posted 04 January 2014 - 12:21 PM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP