I haven't really run this laptop for about a year ... since I left college. Maybe I'm infected and maybe not ... but I thought I'd come here to the experts to make sure.
I have run CCleaner and Malwarebytes but I saw something called Yontoo and read that it is not a good thing to have and so it raised questions as to whether I might be 'infected' more.
Help Please
Britt
OTL logfile created on: 6/10/2014 8:09:01 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Britt\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.75 Gb Total Physical Memory | 1.64 Gb Available Physical Memory | 43.83% Memory free
7.71 Gb Paging File | 5.21 Gb Available in Paging File | 67.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 69.52 Gb Total Space | 11.26 Gb Free Space | 16.20% Space Free | Partition Type: NTFS
Drive D: | 69.52 Gb Total Space | 69.16 Gb Free Space | 99.47% Space Free | Partition Type: NTFS
Computer Name: BRITT-PC | User Name: Britt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/06/10 20:08:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Britt\Downloads\OTL.exe
PRC - [2014/06/10 19:46:14 | 000,103,989 | ---- | M] (Yahoo! Inc.) -- C:\Users\Britt\AppData\Local\Temp\~nsu.tmp\Au_.exe
PRC - [2014/06/09 18:05:32 | 003,890,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/06/09 18:02:34 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/05/13 19:40:56 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2010/05/26 21:22:39 | 000,045,917 | ---- | M] () -- C:\Users\Britt\AppData\Local\Temp\A~NSISu_.exe
PRC - [2009/10/05 15:27:02 | 001,779,712 | ---- | M] (NetZero, Inc.) -- c:\Program Files (x86)\NetZero\exec.exe
PRC - [2008/03/28 20:43:42 | 000,638,976 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Gateway\traybar.exe
PRC - [2008/02/15 17:07:48 | 004,840,960 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
PRC - [2007/09/04 15:52:08 | 000,095,536 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
PRC - [2007/02/12 04:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
========== Modules (No Company Name) ==========
MOD - [2014/06/09 12:13:08 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/05/13 19:40:54 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppgooglenaclpluginchrome.dll
MOD - [2014/05/13 19:40:50 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
MOD - [2014/05/13 19:40:43 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
MOD - [2014/02/10 13:44:24 | 004,592,128 | ---- | M] () -- C:\Users\Britt\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libGLESv2.dll
MOD - [2014/02/10 13:44:24 | 000,112,128 | ---- | M] () -- C:\Users\Britt\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libEGL.dll
MOD - [2010/05/26 21:22:39 | 000,045,917 | ---- | M] () -- C:\Users\Britt\AppData\Local\Temp\A~NSISu_.exe
MOD - [2010/03/15 19:57:20 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2008/02/15 17:07:48 | 004,840,960 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
MOD - [2007/02/02 19:15:34 | 002,134,016 | ---- | M] () -- C:\Program Files (x86)\ToneThis\codecs\ffdshow\ffdshow.ax
========== Services (SafeList) ==========
SRV:64bit: - [2014/06/09 18:02:34 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/10/10 18:54:28 | 000,144,152 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2008/07/08 11:25:14 | 000,901,120 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2008/06/11 14:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/10/18 02:37:22 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/05/05 18:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/02/12 04:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2007/01/19 15:54:14 | 000,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\MSN Messenger\usnsvc.exe -- (usnjsvc)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/06/09 18:04:38 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/06/09 18:04:37 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/06/09 18:04:37 | 000,064,752 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2014/06/09 18:02:53 | 000,208,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/06/09 18:02:53 | 000,065,264 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2014/06/09 18:02:52 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/06/09 18:02:51 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/06/09 18:02:51 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/12/14 19:51:20 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/05/18 16:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/07/08 12:47:00 | 004,599,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008/05/28 20:54:18 | 000,026,168 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2008/05/19 01:45:00 | 000,448,000 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\netr28x.sys -- (netr28x)
DRV:64bit: - [2008/05/09 04:44:44 | 000,247,808 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2008/04/27 21:25:06 | 000,016,400 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2008/04/01 03:00:40 | 000,341,504 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\RTL8187Se.sys -- (RTL8187Se)
DRV:64bit: - [2008/03/03 21:12:46 | 000,058,456 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2mdx64.sys -- (O2MDRDR)
DRV:64bit: - [2008/03/02 21:32:22 | 000,051,672 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2sdx64.sys -- (O2SDRDR)
DRV:64bit: - [2008/02/21 13:55:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/01/20 22:51:07 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2008/01/20 22:46:57 | 000,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/20 22:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/11/01 05:22:50 | 001,481,216 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2007/11/01 05:19:46 | 000,293,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2007/11/01 05:18:32 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2007/10/18 02:37:10 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2007/05/23 20:47:28 | 000,020,784 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2007/04/26 05:38:44 | 000,305,976 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2006/06/19 01:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2008/06/11 14:13:24 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files (x86)\NetZero\SearchEnh1.dll (NetZero, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Britt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Google Drive = C:\Users\Britt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Britt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Britt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Britt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Britt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
CHR - Extension: Google Wallet = C:\Users\Britt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Britt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {52706EF7-D7A2-49AD-A615-E903858CF284} - No CLSID value found.
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll File not found
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (NetZero Toolbar Helper) - {FE3098B0-04A3-41fd-8CA9-BEA39CB14C87} - C:\Program Files (x86)\NetZero\UCReg.dll (NetZero, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Gateway\traybar.exe (Chicony)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Trigger New Acer AlaunchX] c:\ACER\Preload\Command\AlaunchX\AppInRun.exe (Acer Inc.)
O4 - HKCU..\Run: [NetZero_uoltray] C:\Program Files (x86)\NetZero\exec.exe (NetZero, Inc.)
O4 - HKCU..\Run: [OM2_Monitor] C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4 - HKCU..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1 File not found
O4 - HKLM..\RunOnce: [New Acer AlaunchX] c:\ACER\Preload\Command\AlaunchX\LaunchAlaunchX.exe (Acer Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: netzero.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: netzero.net ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E884334-E11C-48BA-96F3-C370C42D58B3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{85F204C0-6D50-4C2C-9926-BA25E5A9D9E7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A39B7600-F813-4F10-B2A5-B22CBDC29BAC}: NameServer = 207.241.128.128 207.241.128.129
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Britt\Pictures\wayne.jpg
O24 - Desktop BackupWallPaper: C:\Users\Britt\Pictures\wayne.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{769b8c45-a04c-11df-beb1-0017c450837c}\Shell - "" = AutoRun
O33 - MountPoints2\{769b8c45-a04c-11df-beb1-0017c450837c}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{dc27a8c7-e7c5-11df-b858-0017c450837c}\Shell - "" = AutoRun
O33 - MountPoints2\{dc27a8c7-e7c5-11df-b858-0017c450837c}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{de866017-4130-11df-9f59-00e0b8ed6113}\Shell - "" = AutoRun
O33 - MountPoints2\{de866017-4130-11df-9f59-00e0b8ed6113}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/06/09 20:45:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/06/09 20:43:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/06/09 20:38:30 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/06/09 19:56:09 | 000,000,000 | ---D | C] -- C:\Users\Britt\AppData\Local\ElevatedDiagnostics
[2014/06/09 19:54:41 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/06/09 18:02:47 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/06/09 13:55:18 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/09 13:41:35 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/09 13:36:41 | 000,000,000 | ---D | C] -- C:\Users\Britt\AppData\Roaming\SUPERAntiSpyware.com
[2014/06/09 13:36:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2014/06/09 13:36:04 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/06/09 13:36:04 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014/06/09 13:31:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/06/09 13:31:12 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/06/09 13:31:12 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/06/09 13:31:12 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/06/09 13:31:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/06/09 13:31:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/06/09 13:29:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/06/09 13:29:04 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/06/09 12:23:29 | 000,000,000 | ---D | C] -- C:\Users\Britt\AppData\Roaming\AVAST Software
[2014/06/09 12:21:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/06/09 12:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/06/09 12:13:49 | 000,065,264 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2014/06/09 12:13:45 | 001,039,096 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2014/06/09 12:13:44 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/06/09 12:13:42 | 000,079,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/06/09 12:13:39 | 000,064,752 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswrdr.sys
[2014/06/09 12:13:31 | 000,334,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/06/09 12:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/06/09 12:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
========== Files - Modified Within 30 Days ==========
[2014/06/10 20:32:39 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/10 20:32:39 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/10 20:28:04 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/10 19:44:37 | 000,709,582 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/10 19:44:37 | 000,608,644 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/10 19:44:37 | 000,106,114 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/10 19:43:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/09 20:21:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2014/06/09 20:21:50 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/09 20:21:02 | 4024,877,056 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/09 18:04:38 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2014/06/09 18:04:37 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/06/09 18:04:37 | 000,064,752 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswrdr.sys
[2014/06/09 18:02:53 | 000,208,416 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/06/09 18:02:53 | 000,065,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2014/06/09 18:02:52 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/06/09 18:02:51 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/06/09 18:02:51 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/06/09 18:02:51 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/06/09 18:02:47 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/06/09 13:58:02 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/09 13:28:01 | 000,002,051 | ---- | M] () -- C:\Users\Britt\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/12 07:26:06 | 000,064,216 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/05/12 07:26:00 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
========== Files Created - No Company Name ==========
[2014/06/09 18:03:05 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/06/09 12:19:11 | 000,002,051 | ---- | C] () -- C:\Users\Britt\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/06/09 12:13:48 | 000,208,416 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/06/09 12:13:47 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2011/04/25 00:16:04 | 000,000,182 | ---- | C] () -- C:\Users\Britt\AppData\Roaming\wklnhst.dat
[2010/04/29 04:00:17 | 000,000,680 | ---- | C] () -- C:\Users\Britt\AppData\Local\d3d9caps.dat
[2010/04/25 15:06:09 | 000,007,680 | ---- | C] () -- C:\Users\Britt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 11:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2011/01/21 12:50:13 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 12:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 03:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 22:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/06/09 12:23:29 | 000,000,000 | ---D | M] -- C:\Users\Britt\AppData\Roaming\AVAST Software
[2010/04/19 11:52:56 | 000,000,000 | ---D | M] -- C:\Users\Britt\AppData\Roaming\GetRightToGo
[2011/07/22 00:00:02 | 000,000,000 | ---D | M] -- C:\Users\Britt\AppData\Roaming\Ludia
[2011/04/25 00:16:07 | 000,000,000 | ---D | M] -- C:\Users\Britt\AppData\Roaming\Template
[2011/02/09 08:56:42 | 000,000,000 | ---D | M] -- C:\Users\Britt\AppData\Roaming\WeatherBug
[2011/02/23 20:07:23 | 000,000,000 | ---D | M] -- C:\Users\Britt\AppData\Roaming\WildTangent
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 6/10/2014 8:09:01 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Britt\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.75 Gb Total Physical Memory | 1.64 Gb Available Physical Memory | 43.83% Memory free
7.71 Gb Paging File | 5.21 Gb Available in Paging File | 67.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 69.52 Gb Total Space | 11.26 Gb Free Space | 16.20% Space Free | Partition Type: NTFS
Drive D: | 69.52 Gb Total Space | 69.16 Gb Free Space | 99.47% Space Free | Partition Type: NTFS
Computer Name: BRITT-PC | User Name: Britt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 54 D1 D8 CE B4 0D CB 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3FCF5329-EE41-4793-AD45-062E2F6A65D6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{F54B4517-A961-489E-A683-4B2357F11978}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01060673-9DEB-45CE-BE0F-721A4C7C647C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{16B74E3F-6753-418C-A41F-72052052FADF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8A549AAD-3460-46BB-A84F-289FD48D26A1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{910B5D0B-A43C-4314-B6BE-B6CB2DE68443}" = dir=in | app=c:\program files (x86)\msn messenger\livecall.exe |
"{9EDD2C88-8038-447B-9C1A-CA18680E810B}" = dir=in | app=c:\program files (x86)\msn messenger\msnmsgr.exe |
"{CBF67101-4FF1-41BB-9B9E-5308EF4001FA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{E60715B0-2E13-4E76-B413-9EB27528A0B3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{5254156F-AA77-499A-B7C1-D5581D44E788}" = Marvell Miniport Driver
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{A1417AC5-5D45-4B10-A391-FFECD3BE6BA9}" = O2Micro Flash Memory Card Reader Driver (x64)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D454E8CA-7926-8B8F-147D-E5C2D1BFE850}" = ccc-utility64
"{E49D58C9-4FC5-4A87-AA45-2B1A0BA95322}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_PCI_VEN_14F1&DEV_2C06&SUBSYS_14F10000" = HDAUDIO Soft Data Fax Modem with SmartCP
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0BDF0D64-0791-D5C8-8904-177D50152818}" = Catalyst Control Center Graphics Previews Vista
"{0BFC5CD5-166D-FB21-8382-B439FFB67455}" = CCC Help Chinese Traditional
"{0C08F3FD-4639-D634-0B7A-6DA2547FCD0F}" = Catalyst Control Center Graphics Full New
"{1207CB6C-E041-3A8B-7ECF-246C8B75EDE2}" = CCC Help Polish
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1C3FCB4B-F5F0-089E-3B9F-12BD9A6B19DD}" = CCC Help French
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2673C091-F2CC-68F0-90A8-544A4A1C70FA}" = Catalyst Control Center Localization Russian
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{27C60509-23A7-BB98-5456-FD297A543FF5}" = Catalyst Control Center Localization Thai
"{28326C0E-6F73-4E06-C5AD-E5DCA8206887}" = CCC Help Japanese
"{2849583C-1839-05AC-17EE-BEB8863DC015}" = Catalyst Control Center Localization Swedish
"{2E5B7C38-EEFB-D89C-D5CD-E4F24AA0575A}" = Catalyst Control Center Localization Czech
"{322DD63E-D33C-065F-64E3-8B24C0383832}" = CCC Help Danish
"{39098402-3F7A-4257-A4AE-FC1181D1B40B}" = Camera Assistant Software for Gateway
"{39BC4A43-061F-8405-CAF2-0B342EFFC57A}" = Catalyst Control Center Core Implementation
"{3A000E8A-594B-475B-B05D-D0228E03D4F2}" = Catalyst Control Center Localization Hungarian
"{3BBF8324-0EA6-83EA-3F41-7F4E9EED122E}" = Catalyst Control Center Localization Italian
"{3D53AEE1-FCBC-6944-7B7A-E70530B2B552}" = Catalyst Control Center Localization Chinese Traditional
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{45FCADDB-0B29-457E-83A1-D245C62A716C}" = OLYMPUS Master 2
"{46A76112-BDB8-EBD5-B929-1A982B2A9A9C}" = CCC Help Thai
"{47F2684A-EC51-A92A-DDC1-2FF6A8504CE5}" = Skins
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AADCCB4-D071-4A3F-F126-9B97A2A59B72}" = CCC Help Swedish
"{4D013091-3AB7-544E-B9AE-AC66CFB06ED2}" = Catalyst Control Center Localization Korean
"{502BAC44-1AC4-E228-2AAA-E4A1C7CEF223}" = Catalyst Control Center Localization Portuguese
"{5577FFE3-E0A2-7EF6-614A-5167C894F60E}" = Catalyst Control Center Localization Japanese
"{55CB46D1-0D47-3556-B7B1-A03F451B8BC4}" = Catalyst Control Center Localization Spanish
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5BED7068-888C-91E6-9956-1368859ADA6F}" = Catalyst Control Center Localization Chinese Standard
"{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries
"{60B1CD71-1338-C995-7404-FAFB405C61B7}" = CCC Help Hungarian
"{6A53188E-FA39-01F6-7810-8F6058F524F0}" = Catalyst Control Center Localization Norwegian
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6c651250-2eb2-11d5-8e33-0050dad72ac2}" = NetZero Internet
"{6CC271F8-0F8E-CCA8-531B-8A2EA5A15350}" = CCC Help English
"{6FE52CBC-91F2-3A7C-7911-B8F50316C57A}" = CCC Help Portuguese
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71B32D19-0A2A-D4E3-06E1-3C4CDAA08061}" = CCC Help Korean
"{73EDA479-0AC7-FB96-3553-988A6176B6AD}" = Catalyst Control Center Localization Polish
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7D94AAAF-906C-F427-335B-528BD6614664}" = ccc-core-static
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management
"{893C8307-1FB4-38AF-C514-5596EB63B23C}" = Catalyst Control Center Graphics Light
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B90C62B-6940-880D-5EB0-F345529BE772}" = CCC Help Russian
"{8E3D2DDE-9F57-1FA6-4FD9-F1E00B35815A}" = Catalyst Control Center Localization Greek
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{98C2E677-2329-6997-C917-B4E1EB82204F}" = Catalyst Control Center Localization Danish
"{9DEDFA43-1EF3-9DE9-A22A-45BEED0DC85E}" = CCC Help Spanish
"{9F3C325B-4F1A-6895-821E-B95230861363}" = CCC Help Dutch
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A98788C1-8CB6-401F-4FB8-EA51F6FB875D}" = Catalyst Control Center Localization German
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B399A079-EBF8-8A2D-2F32-D6872F7F33C6}" = Catalyst Control Center Localization Finnish
"{BC0B1721-9FF5-E1E0-B76D-FD9DBC4A585A}" = CCC Help Italian
"{C304A027-8FF4-C996-B42E-6B793C62C26C}" = CCC Help Norwegian
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CC735442-681B-C508-644B-BCEA9E84AD1C}" = CCC Help German
"{D11BCEFE-6EB6-2BAE-56E7-98E991A126F8}" = CCC Help Greek
"{D2634429-551C-83D9-2146-9D5F73866A45}" = CCC Help Czech
"{D57F8A1D-2353-AAE2-550D-9911428AD035}" = CCC Help Finnish
"{DF4F05E6-4372-CFAA-9E0B-5328E77B89CC}" = Catalyst Control Center Graphics Full Existing
"{DFC7E5A7-0FD4-EBE5-0BD3-0CAE92D2EB58}" = CCC Help Turkish
"{E5473A00-9960-C463-051F-94B49D4B8403}" = Catalyst Control Center Localization French
"{ED301157-F110-723F-9010-F42D4FEC5101}" = Catalyst Control Center Localization Turkish
"{EE09948F-A299-F4F2-186A-1B86BBEE7447}" = CCC Help Chinese Standard
"{EF44638E-D4EF-7110-4596-EECA30E6EEE3}" = Catalyst Control Center Localization Dutch
"Adobe AIR" = Adobe AIR
"Avast" = avast! Free Antivirus
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Google Chrome" = Google Chrome
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"NetZero HiSpeed" = NetZero HiSpeed (remove only)
"ToneThis" = ToneThis
"WildTangent gateway Master Uninstall" = Gateway Games
"Yahoo! Companion" = Yahoo! Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NetAssistant" = Freeze.com NetAssistant
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 1/31/2014 5:20:15 AM | Computer Name = Britt-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 1/31/2014 5:20:15 AM | Computer Name = Britt-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 1/31/2014 5:20:16 AM | Computer Name = Britt-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 1/31/2014 5:20:16 AM | Computer Name = Britt-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 1/31/2014 5:47:28 AM | Computer Name = Britt-PC | Source = WinMgmt | ID = 10
Description =
Error - 1/31/2014 5:56:00 AM | Computer Name = Britt-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 1/31/2014 5:56:00 AM | Computer Name = Britt-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 1/31/2014 5:56:00 AM | Computer Name = Britt-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 1/31/2014 5:56:00 AM | Computer Name = Britt-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 1/31/2014 6:05:30 AM | Computer Name = Britt-PC | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 4/7/2011 3:11:16 PM | Computer Name = Britt-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 7/19/2011 4:38:02 PM | Computer Name = Britt-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 12/19/2011 1:16:28 AM | Computer Name = Britt-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 1/25/2014 3:06:04 AM | Computer Name = Britt-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
[ System Events ]
Error - 4/21/2014 9:01:11 PM | Computer Name = Britt-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 4/21/2014 9:01:11 PM | Computer Name = Britt-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 4/21/2014 9:01:11 PM | Computer Name = Britt-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 4/21/2014 9:01:11 PM | Computer Name = Britt-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 4/21/2014 9:01:11 PM | Computer Name = Britt-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 4/21/2014 9:01:11 PM | Computer Name = Britt-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 4/21/2014 9:01:11 PM | Computer Name = Britt-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 4/21/2014 9:01:11 PM | Computer Name = Britt-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 6/9/2014 12:13:34 PM | Computer Name = Britt-PC | Source = Service Control Manager | ID = 7030
Description =
Error - 6/9/2014 12:23:14 PM | Computer Name = Britt-PC | Source = DCOM | ID = 10010
Description =
< End of report >
Edited by spangles, 11 June 2014 - 05:51 AM.