Suspected Malware, Tray Icons Missing, MSSE Missing, MBAM Crashes [Sol

malware rootkit


#1
Daniel Christmas Lee

  • Member
  • 208 posts

Hello,

 

I have used this site in the past and found it very helpful.

 

I started my computer today to find that it won't boot. After getting it to boot finally, I noticed that my Microsoft Security Essentials is missing as well as other tray icons. I also noticed that my quick launch toolbar has been replaced by different programs that I do not ever use such as IE. I also had to reestablish my wireless connection/network and now the wireless icon shows that it is disconnected, but I am actually connected.

 

I suspect malware and some form of rootkit. Something is definitely wrong. I would appreciate a quick response. Thank you!

 

I would like help with running a complete OTL scan as well as other scans. Below is my OTL Quick Scan:

 

OTL logfile created on: 3/31/2014 3:21:23 PM - Run 9
OTL by OldTimer - Version 3.2.69.0     Folder = E:\Users\DLee\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
16.00 Gb Total Physical Memory | 14.04 Gb Available Physical Memory | 87.79% Memory free
63.99 Gb Paging File | 62.03 Gb Available in Paging File | 96.94% Paging File free
Paging file location(s): c:\pagefile.sys 0 0g:\pagefile.sy [Binary data over 200 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.65 Gb Total Space | 266.07 Gb Free Space | 57.14% Space Free | Partition Type: NTFS
Drive E: | 59.62 Gb Total Space | 24.89 Gb Free Space | 41.75% Space Free | Partition Type: NTFS
Drive G: | 465.76 Gb Total Space | 260.21 Gb Free Space | 55.87% Space Free | Partition Type: NTFS
Drive K: | 465.76 Gb Total Space | 190.29 Gb Free Space | 40.86% Space Free | Partition Type: NTFS
Drive U: | 931.51 Gb Total Space | 177.58 Gb Free Space | 19.06% Space Free | Partition Type: NTFS
Drive X: | 465.86 Gb Total Space | 292.22 Gb Free Space | 62.73% Space Free | Partition Type: NTFS
 
Computer Name: AEGIS | User Name: DLee | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/03/31 15:18:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Users\DLee\Desktop\OTL.exe
PRC - [2013/11/12 20:39:06 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/06/23 23:19:50 | 000,109,056 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/11/12 20:39:45 | 003,363,952 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe /launchService -- (AMD FUEL Service)
SRV:64bit: - [2012/07/27 19:09:44 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/11/20 06:25:18 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
SRV:64bit: - [2009/07/17 06:31:34 | 004,948,992 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:64bit: - [2009/07/13 18:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV:64bit: - [2009/07/13 18:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2012/09/20 23:05:48 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/09 14:34:38 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/11/20 05:17:42 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
SRV - [2010/06/23 23:19:50 | 000,109,056 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/16 10:42:48 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) [Disabled | Stopped] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009/07/13 18:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.1)
DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.01)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.0)
DRV:64bit: - [2012/09/13 07:13:42 | 000,131,416 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012/07/27 21:07:44 | 010,278,912 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/07/27 18:14:46 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/06/24 22:24:48 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012/05/13 23:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/03/30 07:49:08 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/30 04:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/04/30 04:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/03/28 03:55:50 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/03/28 03:53:22 | 000,868,848 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/24 16:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)
DRV:64bit: - [2010/12/24 16:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)
DRV:64bit: - [2010/12/24 16:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)
DRV:64bit: - [2010/12/24 16:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)
DRV:64bit: - [2010/12/24 16:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)
DRV:64bit: - [2010/11/26 18:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010/11/20 06:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/11/20 06:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/20 04:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/08/20 10:49:06 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/04/27 09:30:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/04/27 09:29:54 | 000,083,080 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/01/27 18:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/01/11 04:28:34 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009/10/28 10:59:08 | 000,045,752 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PCASp50.sys -- (PCASp50)
DRV:64bit: - [2009/08/05 06:59:48 | 000,987,648 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/07/15 20:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:18:06 | 000,281,088 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerIb.sys -- (BrSerIb)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 13:41:10 | 000,015,360 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSIb.sys -- (BrUsbSIb)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/04 18:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2007/04/23 19:12:44 | 000,739,760 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BisonCam.sys -- (Cam5603D)
DRV:64bit: - [2006/09/03 00:53:54 | 000,097,280 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BrSerIf.sys -- (BrSerIf)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 38 B8 4B 00 BB F3 CB 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;192.168.*.*
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://search.yahoo....type=642886&p="
FF - prefs.js..browser.search.param.yahoo-fr: "&hsimp=yhs-affiliate_a_ff&hspart=greentree&type=642886"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: E:\Users\DLee\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\DLee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\DLee\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Users\DLee\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Users\DLee\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012/09/21 18:11:16 | 000,000,000 | ---D | M] (No name found) -- E:\Users\DLee\AppData\Roaming\Mozilla\Extensions
[2012/09/21 18:18:08 | 000,000,000 | ---D | M] (No name found) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions
[2012/09/21 18:15:09 | 000,000,000 | ---D | M] (Define Word) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{1395baf2-3aa6-4d0f-83d6-1d9b66a9420d}
[2012/09/21 18:15:09 | 000,000,000 | ---D | M] (Print/Print Preview) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{19EB90DC-A456-458b-8AAC-616D91AAFCE1}
[2012/09/21 18:18:08 | 000,000,000 | ---D | M] (Old Location Bar) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{3205B348-523A-4fac-9BC4-9939CBF583B0}
[2012/09/21 18:15:10 | 000,000,000 | ---D | M] (Gmail Manager) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
[2012/09/21 18:15:10 | 000,000,000 | ---D | M] (DownloadHelper) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/09/21 18:15:10 | 000,000,000 | ---D | M] (Download Statusbar) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2012/09/21 18:15:09 | 000,000,000 | ---D | M] (Show Picture) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\[email protected]
[2012/09/21 18:15:09 | 000,000,000 | ---D | M] (Multi Links) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\multilinks@plugin
[2012/09/21 18:15:24 | 000,000,000 | ---D | M] (No name found) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions
[2012/09/21 18:15:18 | 000,000,000 | ---D | M] (Session Manager) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}
[2012/09/21 18:15:18 | 000,000,000 | ---D | M] (Define Word) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{1395baf2-3aa6-4d0f-83d6-1d9b66a9420d}
[2012/09/21 18:15:18 | 000,000,000 | ---D | M] (Print/Print Preview) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{19EB90DC-A456-458b-8AAC-616D91AAFCE1}
[2012/09/21 18:15:18 | 000,000,000 | ---D | M] (Image Zoom) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/03/19 17:31:22 | 000,000,000 | ---D | M] (No name found) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/09/21 18:15:19 | 000,000,000 | ---D | M] ("Delicious Bookmarks") -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2012/09/21 18:15:19 | 000,000,000 | ---D | M] (SeoQuake) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2012/09/21 18:15:19 | 000,000,000 | ---D | M] (Data Analytics) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{377364a4-d91a-47ea-87de-c3d7eaf221cd}
[2012/09/21 18:15:20 | 000,000,000 | ---D | M] (oldbar) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb}
[2012/09/21 18:15:21 | 000,000,000 | ---D | M] (FavLoc) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{472f4ef0-a825-11da-a746-0800200c9a66}
[2012/09/21 18:15:21 | 000,000,000 | ---D | M] (FEBE) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2012/09/21 18:15:21 | 000,000,000 | ---D | M] (Gmail Manager) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
[2012/09/21 18:15:21 | 000,000,000 | ---D | M] (IE Tab) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2012/09/21 18:15:21 | 000,000,000 | ---D | M] (iMacros for Firefox) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2012/09/21 18:15:22 | 000,000,000 | ---D | M] (DownloadHelper) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/09/21 18:15:22 | 000,000,000 | ---D | M] (No name found) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2012/09/21 18:15:22 | 000,000,000 | ---D | M] (Adblock Plus) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2012/09/21 18:15:23 | 000,000,000 | ---D | M] (Download Statusbar) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2012/09/21 18:15:24 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2012/09/21 18:15:24 | 000,000,000 | ---D | M] (BlockSite) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2012/09/21 18:15:24 | 000,000,000 | ---D | M] (QuickRestart) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{F645A8C9-E969-42D9-B3F3-F325537222FD}
[2012/09/21 18:15:17 | 000,000,000 | ---D | M] (Show Picture) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\[email protected]
[2012/09/21 18:15:17 | 000,000,000 | ---D | M] (Cooliris) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\[email protected]
[2012/09/21 18:15:17 | 000,000,000 | ---D | M] ("Highlights") -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\[email protected]
[2012/09/21 18:15:18 | 000,000,000 | ---D | M] ("SEO For Firefox") -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\[email protected]
[2012/09/21 18:15:18 | 000,000,000 | ---D | M] (SeoQuake Plugin - Del.icio.us) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\[email protected]
[2012/09/21 18:15:18 | 000,000,000 | ---D | M] (SeoQuake Plugin - Seolinx) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\[email protected]
[2012/09/21 18:15:18 | 000,000,000 | ---D | M] ("Simple Timer") -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\[email protected]
[2012/09/21 18:15:18 | 000,000,000 | ---D | M] (Site Information Tool) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\siteinfo@wmtips
[2012/09/21 18:15:18 | 000,000,000 | ---D | M] (No name found) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\staged-xpis
[2012/09/21 18:15:18 | 000,000,000 | ---D | M] ("Status-bar Scientific Calculator") -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\ststusscicalc@sunny
[2012/08/04 15:17:16 | 000,000,000 | ---D | M] (No name found) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\fnhvl5tp.default\extensions
[2012/07/05 19:12:45 | 000,123,385 | ---- | M] () (No name found) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\[email protected]
[2012/06/25 19:27:30 | 000,082,787 | ---- | M] () (No name found) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\[email protected]
[2012/05/03 22:50:55 | 000,025,907 | ---- | M] () (No name found) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\[email protected]
[2012/06/14 22:24:25 | 000,139,765 | ---- | M] () (No name found) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\[email protected]
[2012/05/03 22:44:28 | 000,042,919 | ---- | M] () (No name found) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\[email protected]
[2012/09/18 18:27:21 | 000,506,361 | ---- | M] () (No name found) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2012/09/21 18:18:08 | 000,079,135 | ---- | M] () (No name found) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
[2012/07/24 17:26:40 | 000,741,958 | ---- | M] () (No name found) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/07/23 17:30:53 | 000,702,524 | ---- | M] () (No name found) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2009/03/18 14:40:42 | 000,019,153 | ---- | M] () (No name found) -- E:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\staged-xpis\{20a82645-c095-46ed-80e3-08825760534b}\MicrosoftDotNetFrameworkAssistant.xpi
[2013/12/27 20:41:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/28 01:31:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\DLee\AppData\Local\Google\Chrome\Application\33.0.1750.154\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\DLee\AppData\Local\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\DLee\AppData\Local\Google\Chrome\Application\33.0.1750.154\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Driver Agent Plug-in (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npagent.dll
CHR - plugin: Adobe Contribute CS5  (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll
CHR - plugin: DivX® Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: Office Genuine Advantage (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npOGAPlugin.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: AOL Media Playback Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npunagi2.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\DLee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\DLee\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\DLee\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\DLee\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2014/03/31 14:53:09 | 000,000,194 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1    localhost
O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 9\DLLx64\SnagItBHO64.dll (TechSmith Corporation)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X4\Programs\WPLauncher.hta File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X4\Programs\WPLauncher.hta File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{214E4ED6-5DB3-4229-B1B5-F2B88E5686B3}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75EF2997-7330-4525-AF98-B85397041F3F}: DhcpNameServer = 192.168.1.1
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\acaptuser64.dll) - C:\Windows\SysNative\acaptuser64.dll (Adobe Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{07ca8828-3f49-11e2-9ee4-bcaec54ce1d6}\Shell - "" = AutoRun
O33 - MountPoints2\{07ca8828-3f49-11e2-9ee4-bcaec54ce1d6}\Shell\AutoRun\command - "" = H:\MotoCastSetup.exe -a
O33 - MountPoints2\{41189d8f-0438-11e2-98c9-f7d387e36a36}\Shell - "" = AutoRun
O33 - MountPoints2\{41189d8f-0438-11e2-98c9-f7d387e36a36}\Shell\AutoRun\command - "" = H:\MotoCastSetup.exe -a
O33 - MountPoints2\{726e2053-07a8-11e2-b8b6-bcaec54ce1d6}\Shell - "" = AutoRun
O33 - MountPoints2\{726e2053-07a8-11e2-b8b6-bcaec54ce1d6}\Shell\AutoRun\command - "" = F:\Setup.exe
O33 - MountPoints2\{c0634394-38f0-11e3-8f55-bcaec54ce1d6}\Shell - "" = AutoRun
O33 - MountPoints2\{c0634394-38f0-11e3-8f55-bcaec54ce1d6}\Shell\AutoRun\command - "" = H:\MotoCastSetup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/03/31 15:18:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- E:\Users\DLee\Desktop\OTL.exe
[2014/03/31 14:42:31 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/03/31 14:42:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/03/31 14:42:17 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/03/31 14:42:17 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/03/31 14:42:17 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/03/31 14:42:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/03/31 14:36:33 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/03/15 19:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mumble
[2014/03/03 15:48:03 | 000,000,000 | ---D | C] -- C:\Users\DLee\Website
[2013/04/15 22:41:12 | 000,347,424 | ---- | C] (Microsoft Corporation) -- C:\Users\DLee\MicrosoftFixit.Search.RNP.10728952160632807.2.1.Run.exe
 
========== Files - Modified Within 30 Days ==========
 
[2014/03/31 15:19:30 | 003,972,608 | ---- | M] () -- E:\Users\DLee\Desktop\RogueKiller.exe
[2014/03/31 15:18:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Users\DLee\Desktop\OTL.exe
[2014/03/31 15:16:59 | 000,013,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/31 15:16:59 | 000,013,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/31 15:08:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/31 14:55:50 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/03/31 14:53:09 | 000,000,194 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/03/31 14:42:21 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/31 14:05:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/05 09:26:18 | 000,063,192 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/03/05 09:26:08 | 000,088,280 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/03/05 09:26:04 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2014/03/31 15:16:40 | 003,972,608 | ---- | C] () -- E:\Users\DLee\Desktop\RogueKiller.exe
[2014/03/31 14:42:21 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/06 13:30:46 | 004,378,194 | ---- | C] () -- C:\Users\DLee\TAX 2012.zip
[2012/11/29 02:52:41 | 000,424,353 | ---- | C] () -- C:\Users\DLee\fPhWx.png
[2012/11/12 10:15:54 | 000,280,749 | ---- | C] () -- C:\Users\DLee\Old_poster_by_Waldemar_Kazak.jpg
[2012/10/09 00:03:21 | 000,016,578 | ---- | C] () -- C:\Users\DLee\525939_10102065825111747_1243328490_n.jpg
[2012/10/07 20:17:55 | 000,387,877 | ---- | C] () -- C:\Users\DLee\9b437880-f324-012f-85f0-123138041608.jpg
[2012/10/07 20:07:58 | 000,155,766 | ---- | C] () -- C:\Users\DLee\21d2f330-f323-012f-4465-1231381a1446.jpg
[2012/09/23 01:51:20 | 000,000,706 | ---- | C] () -- C:\Users\DLee\LiveCam.lnk
[2012/09/22 11:59:15 | 000,000,082 | ---- | C] () -- C:\Users\DLee\cc_20120922_115907.reg
[2012/08/23 20:43:30 | 000,053,710 | ---- | C] () -- C:\Users\DLee\521928_699716595901_1000917956_n.jpg
[2012/08/12 22:47:16 | 000,000,008 | RHS- | C] () -- C:\Windows\SysWow64\D81DEDD44C.sys
[2012/07/28 15:23:46 | 000,000,031 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2012/07/18 15:49:06 | 000,060,304 | ---- | C] () -- C:\Users\DLee\g2mdlhlpx.exe
[2012/07/15 17:12:54 | 000,012,703 | ---- | C] () -- C:\Users\DLee\BlackDragonButterflyKnife_540.jpg
[2012/05/03 22:57:20 | 000,001,852 | ---- | C] () -- C:\Users\DLee\Firefox Recovery Key.html
[2012/04/30 22:21:59 | 000,225,698 | ---- | C] () -- C:\Users\DLee\522934_692759349564_201301381_33961965_1242445336_n (1).jpg
[2012/04/26 23:49:46 | 000,225,698 | ---- | C] () -- C:\Users\DLee\522934_692759349564_201301381_33961965_1242445336_n.jpg
[2012/04/23 23:42:09 | 000,142,140 | ---- | C] () -- C:\Users\DLee\J0KUE.jpg
[2012/04/22 20:48:27 | 000,727,258 | ---- | C] () -- C:\Users\DLee\hhlXr.jpg
[2012/04/22 20:35:49 | 000,402,624 | ---- | C] () -- C:\Users\DLee\23iVE.png
[2012/04/22 20:29:01 | 003,215,704 | ---- | C] () -- C:\Users\DLee\U83Nv.gif
[2012/04/22 19:43:50 | 000,775,117 | ---- | C] () -- C:\Users\DLee\SH6Si.jpg
[2012/03/29 20:19:28 | 002,035,369 | ---- | C] () -- C:\Users\DLee\RWbMh.gif
[2012/03/29 19:57:26 | 000,031,513 | ---- | C] () -- C:\Users\DLee\o3rMB.jpg
[2012/03/26 22:55:54 | 000,020,162 | ---- | C] () -- C:\Users\DLee\head_banner2.png
[2012/03/26 22:55:17 | 000,263,549 | ---- | C] () -- C:\Users\DLee\header_outreach.png
[2012/03/17 15:27:17 | 000,060,690 | ---- | C] () -- C:\Users\DLee\028Fi.jpg
[2012/03/17 15:22:35 | 000,026,615 | ---- | C] () -- C:\Users\DLee\OeXId.jpg
[2012/03/17 15:06:08 | 001,967,871 | ---- | C] () -- C:\Users\DLee\VoKn3.gif
[2012/03/17 01:26:53 | 000,196,960 | ---- | C] () -- C:\Users\DLee\Tu3vd.jpg
[2012/03/17 01:23:48 | 000,026,145 | ---- | C] () -- C:\Users\DLee\kG7qr.png
[2012/03/17 01:17:21 | 000,054,914 | ---- | C] () -- C:\Users\DLee\cZK8S.jpg
[2012/03/17 00:43:39 | 000,510,901 | ---- | C] () -- C:\Users\DLee\EyMXC.gif
[2012/03/14 23:12:22 | 000,038,878 | ---- | C] () -- C:\Users\DLee\313824_010_n.jpg
[2012/03/14 23:11:20 | 000,038,878 | ---- | C] () -- C:\Users\DLee\mail.google.com
[2012/03/04 19:57:05 | 000,073,958 | ---- | C] () -- C:\Users\DLee\419059_1507580045708_1120500823_30885928_849110466_n.jpg
[2012/02/26 22:44:17 | 000,091,736 | ---- | C] () -- C:\Users\DLee\418945_194826803957023_100002891151572_274340_144036853_n.jpg
[2012/02/26 22:42:55 | 000,156,471 | ---- | C] () -- C:\Users\DLee\246079567109254825_hSTsd8iz_c.jpg
[2012/02/25 22:19:45 | 001,638,400 | ---- | C] () -- C:\Users\DLee\omfgdogs.mp3
[2012/02/25 22:17:39 | 000,542,471 | ---- | C] () -- C:\Users\DLee\omfgdogs.gif
[2012/02/21 01:27:38 | 000,055,784 | ---- | C] () -- C:\Users\DLee\427110_10100663564692867_3600443_56173304_1559872594_n.jpg
[2012/02/15 08:03:47 | 000,016,954 | ---- | C] () -- C:\Users\DLee\409376_378941472135312_205344452828349_1395421_1482267596_n.jpg
[2012/02/12 19:06:15 | 000,024,829 | ---- | C] () -- C:\Users\DLee\432330_10150554871468546_591728545_8891908_585744766_n.jpg
[2012/02/12 14:01:04 | 000,075,678 | ---- | C] () -- C:\Users\DLee\68700_10150292547240117_302201620116_15155542_884879_n.jpg
[2012/02/11 21:28:31 | 000,169,131 | ---- | C] () -- C:\Users\DLee\2-11-2012 8-28-31 PM.jpg
[2012/02/11 21:22:26 | 000,085,727 | ---- | C] () -- C:\Users\DLee\VID_20120211_201837.3gp_snapshot_00.26_[2012.02.11_20.22.25].jpg
[2012/02/11 21:22:24 | 000,076,682 | ---- | C] () -- C:\Users\DLee\VID_20120211_201837.3gp_snapshot_00.24_[2012.02.11_20.22.23].jpg
[2012/02/11 21:22:22 | 000,084,626 | ---- | C] () -- C:\Users\DLee\VID_20120211_201837.3gp_snapshot_00.21_[2012.02.11_20.22.20].jpg
[2012/02/11 21:22:13 | 000,065,024 | ---- | C] () -- C:\Users\DLee\VID_20120211_201837.3gp_snapshot_00.16_[2012.02.11_20.22.12].jpg
[2012/02/11 21:22:06 | 000,052,997 | ---- | C] () -- C:\Users\DLee\VID_20120211_201837.3gp_snapshot_00.12_[2012.02.11_20.22.05].jpg
[2012/02/11 21:21:45 | 000,074,819 | ---- | C] () -- C:\Users\DLee\VID_20120211_201837.3gp_snapshot_00.44_[2012.02.11_20.21.44].jpg
[2012/02/11 21:21:28 | 000,075,280 | ---- | C] () -- C:\Users\DLee\VID_20120211_201837.3gp_snapshot_00.32_[2012.02.11_20.21.26].jpg
[2012/02/11 21:21:21 | 000,087,204 | ---- | C] () -- C:\Users\DLee\VID_20120211_201837.3gp_snapshot_00.30_[2012.02.11_20.21.19].jpg
[2012/02/11 21:21:04 | 000,090,681 | ---- | C] () -- C:\Users\DLee\VID_20120211_201837.3gp_snapshot_00.26_[2012.02.11_20.21.01].jpg
[2012/02/11 19:45:13 | 000,127,096 | ---- | C] () -- C:\Users\DLee\2587956_700b.jpg
[2012/02/11 01:21:13 | 000,070,948 | ---- | C] () -- C:\Users\DLee\Walther Standing.jpg
[2012/02/08 19:58:40 | 000,079,510 | ---- | C] () -- C:\Users\DLee\281578_2026807263257_1036317068_31959519_3094117_n.jpg
[2012/02/07 19:39:25 | 000,000,305 | ---- | C] () -- C:\Users\DLee\l.php
[2012/02/07 18:58:39 | 000,059,854 | ---- | C] () -- C:\Users\DLee\420964_665579498204_201301381_33851538_484325604_n.jpg
[2012/02/02 20:09:38 | 000,044,231 | ---- | C] () -- C:\Users\DLee\396296_10150615620547429_533717428_10881579_1823029198_n.jpg
[2012/01/28 11:41:56 | 000,007,534 | ---- | C] () -- C:\Users\DLee\420427_317348844974675_131437750232453_900474_797310643_n.jpg
[2011/12/20 01:57:21 | 000,037,039 | ---- | C] () -- C:\Users\DLee\bikelift.htm
[2011/12/12 19:52:35 | 000,165,273 | ---- | C] () -- C:\Users\DLee\RUNholidayparty-8.jpg
[2011/12/12 19:52:12 | 000,500,108 | ---- | C] () -- C:\Users\DLee\RUNholidayparty-5.jpg
[2011/06/13 03:43:17 | 000,000,163 | ---- | C] () -- C:\Users\DLee\flv.reg
[2011/06/10 00:48:39 | 002,387,623 | ---- | C] () -- C:\Users\DLee\protein_guide_v3.pdf
[2011/03/24 23:30:52 | 003,713,534 | ---- | C] () -- C:\Users\DLee\guitarjamz_ultimate_guitar_manual.pdf
[2011/03/24 04:11:10 | 000,001,007 | ---- | C] () -- C:\Users\DLee\PC Benchmark 3-25-11.htm
[2011/03/21 20:51:27 | 000,000,899 | ---- | C] () -- C:\Users\DLee\George off.exe - Shortcut.lnk
[2011/03/21 05:44:15 | 000,000,799 | ---- | C] () -- C:\Users\DLee\ASIO4ALL v2 Instruction Manual.lnk
[2011/03/20 17:40:31 | 000,003,608 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 22:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 21:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1267 bytes -> C:\ProgramData\Microsoft:E1HQlF49b7FE0gm1oxnRymW
@Alternate Data Stream - 1195 bytes -> E:\Users\DLee\AppData\Local\Application Data:uBYnK1DzTupy9y35mL2Khs0d
@Alternate Data Stream - 1179 bytes -> C:\ProgramData\Microsoft:ERZSStxkCfV7Yyk5ZTJYcx
@Alternate Data Stream - 1176 bytes -> E:\Users\DLee\AppData\Local\Application Data:f64If7TziAcEGSohO6rTOwDeyE

< End of report >
 




#2
godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

Hello Daniel,

 

I'm sorry it took this long for me to respond. Can you tell me what kind of screen you got when the computer wouldn't boot up?

Did you make any changes to the system before the problem started?

Can you boot into Safe Mode?

If the problem started on the 31st, have you tried to restore the system to a date prior to the 31st?



#3
Daniel Christmas Lee


Godawgs!

 

Hello. Thank you for responding to my thread. Something silly happened and I didn't realize it until after freaking out.

 

What happened was that my PC decided to boot up from my "old" drive and not my "current" drive. The OTL log I posted was taken while running the "old" drive.

 

However! I still suspect that there is something wrong with my computer because half the time I cannot boot up at all, I cannot boot into BIOS, and the only fix would be to unplug my external hard drives and/or unplug ALL my USB peripherals.

 

This problem has occurred only since Jan 2014; I know this because I moved and then this started happening.

 

I know this issue may be out of your scope, and may be a hardware issue. I actually suspect it to be a "power" issue.

 

So basically I "fixed" my problem by making sure that BIOS is booting from my "current" drive and is set as primary.

 

Thank you anyways Godawgs! I'll be in touch in case of a more serious issue. I hope you're doing well!

 

Cheers!



#4
godawgs


Thanks for letting me know, Daniel. Yep, booting from the wrong drive would certainly mess with the desktop. Glad you sorted it out.

The power supply would fall within our Techs' purview. Let us know if you need us.

 

Regards,

godawgs



#5
godawgs

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.