The computer was receiving a BSOD and could not get it to boot at all even in safe mode. So I did a repair with Windows disk and was able to repair the computer to be able to boot again. When I finally got back in I downloaded MBAM and it found over 200 infections. Allowed it to deal with those. Then I downloaded Avast and did a boot scan and it found lots more. All those were "moved to chest". I tried to uninstall Microsoft Essentials but it said it was missing package so I couldn't get it to uninstall. I assumed that package would be in the sp3 download. I need to install sp3 since I had to do the repair and I thought I needed to make sure system was clean before doing that. Here are the OTL logs. Thanks for you help.
OTL logfile created on: 8/9/2014 4:15:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\ShaReda Coleman\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 60.86% Memory free
3.84 Gb Paging File | 3.19 Gb Available in Paging File | 83.21% Paging File free
Paging file location(s): d:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 11.84 Gb Total Space | 9.70 Gb Free Space | 81.92% Space Free | Partition Type: NTFS
Drive D: | 38.78 Gb Total Space | 20.87 Gb Free Space | 53.83% Space Free | Partition Type: NTFS
Computer Name: SC-DALG4WVDDC4I | User Name: ShaReda Coleman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/08/09 16:14:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\ShaReda Coleman\Desktop\OTL.exe
PRC - [2014/08/08 22:52:29 | 004,085,896 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/08/08 22:51:45 | 000,050,344 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes Anti-Malware\mbam.exe
PRC - [2013/02/04 12:24:12 | 000,620,480 | ---- | M] (Oberon Media ) -- D:\Program Files\GamesBar\update\SearchEngineProtection.exe
PRC - [2013/01/27 12:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/07/13 19:17:11 | 000,913,888 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012/01/20 21:03:48 | 000,719,672 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2011/08/10 15:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/05/10 10:22:32 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- D:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
PRC - [2005/02/23 15:57:24 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- D:\Program Files\Creative\Mixer\CTSVolFE.exe
PRC - [2004/08/04 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2014/08/09 14:52:40 | 002,795,520 | ---- | M] () -- D:\Program Files\AVAST Software\Avast\defs\14080901\algo.dll
MOD - [2014/08/08 22:51:48 | 019,329,904 | ---- | M] () -- D:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/08/08 22:51:46 | 000,301,152 | ---- | M] () -- D:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2013/01/28 13:08:56 | 000,087,952 | ---- | M] () -- D:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/01/28 13:08:28 | 001,242,512 | ---- | M] () -- D:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/07/13 19:17:14 | 002,003,424 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/10/04 22:42:36 | 000,086,016 | ---- | M] () -- D:\WINDOWS\system32\custmon32i.dll
MOD - [2007/10/09 19:17:44 | 000,139,264 | ---- | M] () -- D:\WINDOWS\system32\preflib.dll
MOD - [2007/10/09 19:17:36 | 000,753,664 | ---- | M] () -- D:\WINDOWS\system32\bcm1xsup.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2014/08/08 22:51:45 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/08/08 19:42:26 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/07/13 19:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/08/10 15:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Auto | Running] -- D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe -- (NSL)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Auto | Stopped] -- D:\DOCUME~1\SHARED~1\LOCALS~1\Temp\10072.sys -- (10072)
DRV - [2014/08/09 13:44:31 | 000,110,296 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- D:\WINDOWS\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014/08/08 22:52:24 | 000,414,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- D:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
DRV - [2014/08/08 22:51:50 | 000,779,536 | ---- | M] (AVAST Software) [File_System | System | Running] -- D:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/08/08 22:51:50 | 000,192,352 | ---- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/08/08 22:51:50 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/08/08 22:51:50 | 000,057,800 | ---- | M] (AVAST Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/08/08 22:51:50 | 000,055,112 | ---- | M] (AVAST Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2014/08/08 22:51:50 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/08/08 22:51:50 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/05/12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- D:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/08/08 18:38:11 | 000,132,744 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- D:\WINDOWS\system32\drivers\NST\0200000.010\ccSetx86.sys -- (ccSet_NST)
DRV - [2007/10/09 19:17:42 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/05/10 10:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/01/26 21:09:40 | 000,068,954 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\jl2005c.sys -- (JL2005C)
DRV - [2006/11/21 04:25:44 | 000,045,568 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/15 00:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/14 19:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/14 17:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/01/04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2005/05/25 17:34:00 | 000,158,464 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN)
DRV - [2005/01/10 18:15:00 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2005/01/10 18:15:00 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {805A9C4F-9C99-47CE-AD38-33AE2AAAECF2}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{805A9C4F-9C99-47CE-AD38-33AE2AAAECF2}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.gamesag...play.com/?o=shp
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {89C9B53A-7A2E-4582-AD42-8035C7C098E3}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{2FDF580B-CCA1-4486-B170-BEDBFEEADC7A}: "URL" = http://websearch.ask...91-25FCF541B9EA
IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://start.gamesag...q={searchTerms}
IE - HKCU\..\SearchScopes\{805A9C4F-9C99-47CE-AD38-33AE2AAAECF2}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{89C9B53A-7A2E-4582-AD42-8035C7C098E3}: "URL" = http://search.yahoo....310,16665,0,8,0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.order.1: "Delta Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: [email protected]:9.0.2021.112
FF - prefs.js..keyword.URL: "http://search.mywebs...491&searchfor="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: D:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: D:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: D:\Documents and Settings\All Users\Application Data\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: D:\Program Files\AVAST Software\Avast\WebRep\FF [2014/08/08 22:51:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012/11/25 01:45:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2012/09/18 18:31:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: D:\Program Files\FriendsChecker\Firefox\
[2012/07/30 18:14:03 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Extensions
[2014/08/09 16:10:27 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\extensions
[2012/11/14 21:11:17 | 000,002,336 | ---- | M] () -- D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\searchplugins\askcom.xml
[2012/08/19 14:17:57 | 000,002,220 | ---- | M] () -- D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\searchplugins\BabylonMngr.xml
[2012/07/30 18:13:53 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2014/08/08 22:51:51 | 000,000,000 | ---D | M] (avast! Online Security) -- D:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/07/13 19:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/11/24 22:59:28 | 000,002,465 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/24 22:59:28 | 000,002,253 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: www.google.com
O1 HOSTS File: ([2003/07/16 11:23:48 | 000,000,734 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Safe Web Lite) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] D:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTSVolFE.exe] D:\Program Files\Creative\Mixer\CTSVolFE.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [MSC] d:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] D:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_8CBC92FDCEB4B9D86F0A8AEBA6D2C4C2] D:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [OfficeSyncProcess] D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [SearchEngineProtection] D:\Program Files\GamesBar\update\SearchEngineProtection.exe (Oberon Media )
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.co.../DellSystem.CAB (DellSystem.Scanner)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.116.0.53 24.116.2.50
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EBF4130B-D8A8-433E-B085-AF3B6CA6038C}: DhcpNameServer = 24.116.0.53 24.116.2.50
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/07/29 21:33:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0c3163ea-ea30-11e1-9711-0015c5b24a23}\Shell - "" = AutoRun
O33 - MountPoints2\{0c3163ea-ea30-11e1-9711-0015c5b24a23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0c3163ea-ea30-11e1-9711-0015c5b24a23}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{81df65e7-e58e-11e1-9702-0015c5b24a23}\Shell - "" = AutoRun
O33 - MountPoints2\{81df65e7-e58e-11e1-9702-0015c5b24a23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{81df65e7-e58e-11e1-9702-0015c5b24a23}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/08/09 16:14:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\ShaReda Coleman\Desktop\OTL.exe
[2014/08/08 23:12:43 | 000,000,000 | ---D | C] -- D:\Documents and Settings\ShaReda Coleman\Application Data\AVAST Software
[2014/08/08 22:59:39 | 000,000,000 | ---D | C] -- D:\WINDOWS\jumpshot.com
[2014/08/08 22:52:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Avast
[2014/08/08 22:52:03 | 000,057,800 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswTdi.sys
[2014/08/08 22:52:01 | 000,779,536 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswSnx.sys
[2014/08/08 22:52:01 | 000,414,520 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswsp.sys
[2014/08/08 22:52:00 | 000,067,824 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/08/08 22:51:58 | 000,055,112 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswRdr.sys
[2014/08/08 22:51:53 | 000,276,432 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\aswBoot.exe
[2014/08/08 22:51:49 | 000,043,152 | ---- | C] (AVAST Software) -- D:\WINDOWS\avastSS.scr
[2014/08/08 22:45:28 | 000,000,000 | ---D | C] -- D:\Program Files\AVAST Software
[2014/08/08 22:44:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/08/08 22:32:49 | 000,000,000 | ---D | C] -- D:\Avenger
[2014/08/08 20:44:53 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/08/08 20:44:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/08/08 20:44:16 | 000,053,208 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014/08/08 20:44:16 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys
[2014/08/08 20:44:16 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes Anti-Malware
[2014/08/08 20:44:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Malwarebytes
[2014/08/08 19:00:57 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$NtServicePackUninstall$
[2014/08/08 18:55:53 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot_bak
[2014/08/08 17:55:39 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\appmgmt
[2014/08/08 17:49:58 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch
[2014/08/08 17:46:23 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll
[2014/08/08 17:46:23 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll
[2014/08/08 17:46:23 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rw330ext.dll
[2014/08/08 17:44:29 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys
[9 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
[1 D:\Program Files\*.tmp files -> D:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/08/09 16:21:00 | 000,000,830 | ---- | M] () -- D:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/08/09 16:14:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\ShaReda Coleman\Desktop\OTL.exe
[2014/08/09 16:10:31 | 000,001,801 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/08/09 16:09:06 | 000,001,919 | ---- | M] () -- D:\WINDOWS\epplauncher.mif
[2014/08/09 16:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At42.job
[2014/08/09 15:58:05 | 000,000,904 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/09 15:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At41.job
[2014/08/09 14:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At40.job
[2014/08/09 13:44:31 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/08/09 13:44:00 | 000,000,414 | ---- | M] () -- D:\WINDOWS\tasks\ProgramUpdateCheck.job
[2014/08/09 13:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At39.job
[2014/08/09 12:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At38.job
[2014/08/09 11:00:00 | 000,000,426 | ---- | M] () -- D:\WINDOWS\tasks\PC Optimizer Pro Scan.job
[2014/08/09 11:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At37.job
[2014/08/09 10:52:02 | 000,000,382 | -H-- | M] () -- D:\WINDOWS\tasks\avast! Emergency Update.job
[2014/08/09 10:50:04 | 000,013,006 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2014/08/09 10:49:02 | 000,000,900 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/09 10:48:59 | 000,000,490 | ---- | M] () -- D:\WINDOWS\tasks\ParetoLogic Update Version3 Startup Task.job
[2014/08/09 10:48:59 | 000,000,430 | ---- | M] () -- D:\WINDOWS\tasks\PC Optimizer Pro startups.job
[2014/08/09 10:48:48 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2014/08/09 08:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At34.job
[2014/08/09 07:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At33.job
[2014/08/09 06:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At32.job
[2014/08/09 05:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At31.job
[2014/08/09 04:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At30.job
[2014/08/09 03:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At29.job
[2014/08/09 02:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At28.job
[2014/08/09 01:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At27.job
[2014/08/09 00:39:10 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At26.job
[2014/08/08 23:18:04 | 000,439,874 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2014/08/08 23:18:03 | 000,071,006 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2014/08/08 22:52:49 | 000,001,733 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2014/08/08 22:52:24 | 000,414,520 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswsp.sys
[2014/08/08 22:51:50 | 000,779,536 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswSnx.sys
[2014/08/08 22:51:50 | 000,192,352 | ---- | M] () -- D:\WINDOWS\System32\drivers\aswVmm.sys
[2014/08/08 22:51:50 | 000,067,824 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/08/08 22:51:50 | 000,057,800 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswTdi.sys
[2014/08/08 22:51:50 | 000,055,112 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswRdr.sys
[2014/08/08 22:51:50 | 000,049,944 | ---- | M] () -- D:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/08/08 22:51:50 | 000,024,184 | ---- | M] () -- D:\WINDOWS\System32\drivers\aswHwid.sys
[2014/08/08 22:51:49 | 000,276,432 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\aswBoot.exe
[2014/08/08 22:51:49 | 000,043,152 | ---- | M] (AVAST Software) -- D:\WINDOWS\avastSS.scr
[2014/08/08 22:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At48.job
[2014/08/08 21:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At47.job
[2014/08/08 20:44:26 | 000,000,777 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/08 20:25:01 | 000,000,414 | ---- | M] () -- D:\WINDOWS\tasks\At1.job
[2014/08/08 20:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At46.job
[2014/08/08 19:58:00 | 000,000,284 | ---- | M] () -- D:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2014/08/08 19:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At45.job
[2014/08/08 18:17:24 | 000,000,664 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat
[2014/08/08 18:00:00 | 000,000,464 | ---- | M] () -- D:\WINDOWS\tasks\ParetoLogic Registration3.job
[2014/08/08 18:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At44.job
[2014/08/08 17:50:01 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At49.job
[2014/08/08 17:50:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At43.job
[2014/08/08 17:50:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At36.job
[2014/08/08 17:50:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At35.job
[2014/08/08 17:49:21 | 000,317,952 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2014/08/08 17:48:04 | 000,013,006 | ---- | M] () -- D:\WINDOWS\System32\wpa.bak
[2014/08/08 17:48:00 | 000,000,288 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf
[2014/08/08 17:43:16 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx
[2014/08/08 17:43:14 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2014/08/08 17:43:14 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2014/08/08 17:42:54 | 000,004,161 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI
[2014/08/08 17:39:22 | 000,022,720 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat
[9 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
[1 D:\Program Files\*.tmp files -> D:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/08/08 22:52:49 | 000,001,733 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2014/08/08 22:52:16 | 000,000,382 | -H-- | C] () -- D:\WINDOWS\tasks\avast! Emergency Update.job
[2014/08/08 22:52:02 | 000,192,352 | ---- | C] () -- D:\WINDOWS\System32\drivers\aswVmm.sys
[2014/08/08 22:52:00 | 000,049,944 | ---- | C] () -- D:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/08/08 22:51:59 | 000,024,184 | ---- | C] () -- D:\WINDOWS\System32\drivers\aswHwid.sys
[2014/08/08 20:44:26 | 000,000,777 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/08 20:25:01 | 000,000,062 | ---- | C] () -- D:\Documents and Settings\NetworkService\Application Data\WB.CFG
[2014/08/08 17:48:06 | 000,013,006 | ---- | C] () -- D:\WINDOWS\System32\wpa.bak
[2014/08/08 17:46:13 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll
[2014/08/08 17:45:39 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex
[2014/08/08 17:45:27 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe
[2014/08/08 17:45:26 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe
[2014/08/08 17:45:23 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex
[2014/08/08 17:45:07 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll
[2014/08/08 17:44:57 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex
[2014/08/08 17:44:51 | 000,094,208 | ---- | C] () -- D:\WINDOWS\System32\dllcache\fpencode.dll
[2014/08/08 17:44:33 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll
[2014/08/08 17:41:37 | 000,000,786 | ---- | C] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2014/08/08 17:23:48 | 001,042,903 | ---- | C] () -- D:\WINDOWS\System32\dllcache\SP2.CAT
[2014/08/08 17:23:48 | 000,797,189 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2014/08/08 17:23:48 | 000,399,645 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2014/08/08 17:23:48 | 000,141,702 | ---- | C] () -- D:\WINDOWS\System32\dllcache\netfx.cat
[2014/08/08 17:23:48 | 000,110,116 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tabletpc.cat
[2014/08/08 17:23:48 | 000,037,484 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MW770.CAT
[2014/08/08 17:23:48 | 000,031,965 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mediactr.cat
[2014/08/08 17:23:48 | 000,031,281 | ---- | C] () -- D:\WINDOWS\System32\dllcache\FP4.CAT
[2014/08/08 17:23:48 | 000,024,209 | ---- | C] () -- D:\WINDOWS\System32\dllcache\msn7.cat
[2014/08/08 17:23:48 | 000,013,753 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IMS.CAT
[2014/08/08 17:23:48 | 000,013,472 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2014/08/08 17:23:48 | 000,011,651 | ---- | C] () -- D:\WINDOWS\System32\dllcache\msn9.cat
[2014/08/08 17:23:48 | 000,009,581 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2014/08/08 17:23:48 | 000,008,574 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT
[2014/08/08 17:23:48 | 000,007,382 | ---- | C] () -- D:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2014/08/08 17:23:48 | 000,007,334 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmerrenu.cat
[2014/08/08 17:23:48 | 000,007,245 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2014/08/08 17:23:47 | 002,012,670 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5.CAT
[2014/08/08 17:23:47 | 000,502,724 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5INF.CAT
[2013/04/15 11:01:29 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\1AVSYdaJ.dat
[2013/04/15 11:01:13 | 000,000,001 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\edd47P0X.exe_.b
[2013/04/15 11:01:13 | 000,000,001 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\edd47P0X.exe.b
[2013/04/14 21:09:29 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\ShaReda Coleman\acrobat.exe
[2013/04/14 21:09:28 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\ShaReda Coleman\vlcplayer.exe
[2013/04/03 20:26:49 | 000,105,324 | ---- | C] () -- D:\WINDOWS\System32\itusbcore.dat
[2013/04/03 20:26:49 | 000,000,197 | ---- | C] () -- D:\WINDOWS\System32\itlsvc.dat
[2013/04/03 20:22:42 | 000,235,000 | ---- | C] () -- D:\WINDOWS\System32\adodbupd.dat
[2013/03/17 20:41:13 | 000,066,048 | -H-- | C] () -- D:\WINDOWS\System32\mlfcache.dat
[2013/02/09 22:38:56 | 000,000,664 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2012/09/23 17:56:34 | 000,014,336 | ---- | C] () -- D:\Documents and Settings\ShaReda Coleman\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/19 14:17:30 | 000,086,016 | ---- | C] () -- D:\WINDOWS\System32\custmon32i.dll
[2012/08/12 16:47:37 | 000,204,800 | ---- | C] () -- D:\WINDOWS\System32\igfxCoIn_v4814.dll
[2012/08/10 21:12:52 | 000,016,480 | ---- | C] () -- D:\WINDOWS\System32\rixdicon.dll
========== ZeroAccess Check ==========
[2013/04/14 21:09:41 | 000,002,048 | -HS- | M] () -- D:\RECYCLER\S-1-5-18\$ac87065e10e5fd268e3a2c7a1bc4aa35\@
[2013/04/14 21:13:52 | 000,000,000 | -HSD | M] -- D:\RECYCLER\S-1-5-18\$ac87065e10e5fd268e3a2c7a1bc4aa35\L
[2014/08/09 10:48:20 | 000,000,000 | -HSD | M] -- D:\RECYCLER\S-1-5-18\$ac87065e10e5fd268e3a2c7a1bc4aa35\U
[2013/04/17 18:25:35 | 000,000,804 | ---- | M] () -- D:\RECYCLER\S-1-5-18\$ac87065e10e5fd268e3a2c7a1bc4aa35\L\00000004.@
[2012/07/30 22:16:48 | 000,000,227 | RHS- | M] () -- D:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = D:\RECYCLER\S-1-5-21-1708537768-1563985344-1801674531-1003\$ac87065e10e5fd268e3a2c7a1bc4aa35\n.
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2004/08/04 07:00:00 | 001,483,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = D:\WINDOWS\system32\wbem\fastprox.dll -- [2004/08/04 07:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = D:\WINDOWS\system32\wbem\wbemess.dll -- [2004/08/04 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/03/17 20:35:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/01/13 15:28:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\APN
[2012/09/01 21:25:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Avanquest
[2014/08/08 22:45:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/08/19 14:16:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Babylon
[2012/07/30 20:43:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Broderbund Software
[2013/02/21 18:27:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Browser Manager
[2012/08/13 17:13:54 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/08/11 09:49:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\DriverGenius
[2012/09/01 21:25:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Expert PDF 7
[2012/09/01 21:25:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Expert PDF Jobs
[2013/01/20 21:59:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\FilesOpened
[2013/02/04 12:24:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Oberon Media
[2012/11/25 01:00:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\ParetoLogic
[2013/03/03 07:43:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\PC Optimizer Pro
[2014/08/08 18:42:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\RegWork
[2014/08/08 18:45:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Tarma Installer
[2014/08/08 23:12:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\AVAST Software
[2012/08/19 14:16:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Babylon
[2012/12/29 18:46:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\com.jakks.spynet
[2012/11/25 01:01:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\DriverCure
[2014/08/09 08:41:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\DSite
[2013/02/04 12:24:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\encyclopediabritannicagamesbar
[2013/04/07 18:51:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\EurekaLog
[2012/09/01 21:28:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Expert PDF 7
[2014/08/08 22:32:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\fc8722bc-2fa9-46e9-99c4-03226a141795ad
[2013/04/15 11:28:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Fuetla
[2013/02/04 22:42:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\gamesagogo_w3i
[2014/08/08 22:27:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Ippe
[2013/04/03 20:26:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Izec
[2012/08/26 14:48:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\MusicOasis
[2013/02/04 12:24:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Oberon Media
[2012/07/30 21:27:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Oracle
[2013/02/18 21:25:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\PDF Reader Packages
[2012/11/05 16:39:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\PerformerSoft
[2013/02/18 21:26:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\SumatraPDF
[2013/04/03 20:22:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Taeq
[2012/08/26 14:53:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\VideoBuzz
[2013/02/04 12:24:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\VisicomToolBar
[2014/08/08 18:04:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Vyokc
[2014/08/08 22:27:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Xoagek
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 8/9/2014 4:15:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\ShaReda Coleman\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 60.86% Memory free
3.84 Gb Paging File | 3.19 Gb Available in Paging File | 83.21% Paging File free
Paging file location(s): d:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 11.84 Gb Total Space | 9.70 Gb Free Space | 81.92% Space Free | Partition Type: NTFS
Drive D: | 38.78 Gb Total Space | 20.87 Gb Free Space | 53.83% Space Free | Partition Type: NTFS
Computer Name: SC-DALG4WVDDC4I | User Name: ShaReda Coleman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\System32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirstRunDisabled" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"D:\Program Files\VTech\Community\System\PCTray.exe" = D:\Program Files\VTech\Community\System\PCTray.exe:*:Disabled:Vtech local server
"D:\WINDOWS\explorer.exe" = D:\WINDOWS\explorer.exe:*:Enabled:Windows Explorer -- (Microsoft Corporation)
"C:\Microsoft_SDK\lib\include\iexploror.exe" = C:\Microsoft_SDK\lib\include\iexploror.exe:*:Enabled:iexploror
"D:\Program Files\Internet Explorer\IEXPLORE.EXE" = D:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"D:\Program Files\Mozilla Firefox\firefox.exe" = D:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"D:\Program Files\Google\Chrome\Application\chrome.exe" = D:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0564C76B-8E1F-4157-8654-B0F9F308BEE9}" = HP Deskjet 3050 J610 series Basic Device Software
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series" = Canon MX320 series MP Drivers
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java 7 Update 5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{612B9183-67A9-4B44-9877-2F059E35B86A}" = Broadcom 440x 10/100 Integrated Controller
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{683214A6-4003-4C57-B55E-079FD77A185F}" = The Print Shop Deluxe 15 EEV
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{856480C9-2428-15E1-97BC-685EE2A7B8E6}" = MusicOasis
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{F2BBDD5D-7959-4F64-8737-F568092433F6}" = VideoBuzz
"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Help
"{FC279721-37A6-4777-AFD8-7A56681EBA14}" = Expert PDF 7 Reader
"4569969E1360D2854474C661EF9B4D54F143EB16" = Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
"7-Zip" = 7-zip v9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avast" = avast! Free Antivirus
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CTMBDemo_Audigy" = Sound Blaster Audigy ADVANCED MB Demo
"Dual Mode Camera_is1" = Uninstall Dual Mode Camera
"Files Opened" = Files Opened
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"MIXERLITE" = Mixer
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MusicOasis" = MusicOasis
"NST" = Norton Safe Web Lite
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PDF Creator" = PDF Creator
"SAMB_ADVMB_FILTER_DRV" = Sound Blaster ADVANCED MB Drivers
"Shockwave" = Shockwave
"Trusted Software Assistant_is1" = File Type Assistant
"WebPost" = Microsoft Web Publishing Wizard 1.52
"Windows XP Service Pack" = Windows XP Service Pack 3
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PDF Reader" = PDF Reader
"PDF Reader Packages" = PDF Reader Packages
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8/8/2014 11:31:01 PM | Computer Name = SC-DALG4WVDDC4I | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.2180, faulting
module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Error - 8/8/2014 11:31:04 PM | Computer Name = SC-DALG4WVDDC4I | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.2180, faulting
module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Error - 8/8/2014 11:31:05 PM | Computer Name = SC-DALG4WVDDC4I | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.2180, faulting
module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Error - 8/8/2014 11:31:07 PM | Computer Name = SC-DALG4WVDDC4I | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.2180, faulting
module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Error - 8/8/2014 11:31:08 PM | Computer Name = SC-DALG4WVDDC4I | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.2180, faulting
module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Error - 8/8/2014 11:31:08 PM | Computer Name = SC-DALG4WVDDC4I | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.2180, faulting
module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Error - 8/8/2014 11:31:13 PM | Computer Name = SC-DALG4WVDDC4I | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.2180, faulting
module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Error - 8/8/2014 11:31:19 PM | Computer Name = SC-DALG4WVDDC4I | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.2180, faulting
module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Error - 8/8/2014 11:42:02 PM | Computer Name = SC-DALG4WVDDC4I | Source = Microsoft Security Client Setup | ID = 100
Description = HRESULT:0x8004FF56 Description:. 0x8004FF56.
Error - 8/9/2014 5:09:07 PM | Computer Name = SC-DALG4WVDDC4I | Source = Microsoft Security Client Setup | ID = 100
Description = HRESULT:0x8004FF56 Description:. 0x8004FF56.
[ System Events ]
Error - 8/9/2014 3:49:33 AM | Computer Name = SC-DALG4WVDDC4I | Source = Service Control Manager | ID = 7023
Description = The Background Intelligent Transfer Service service terminated with
the following error: %%126
Error - 8/9/2014 3:50:03 AM | Computer Name = SC-DALG4WVDDC4I | Source = DCOM | ID = 10010
Description = The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register
with DCOM within the required timeout.
Error - 8/9/2014 3:50:03 AM | Computer Name = SC-DALG4WVDDC4I | Source = Service Control Manager | ID = 7023
Description = The Background Intelligent Transfer Service service terminated with
the following error: %%126
Error - 8/9/2014 3:50:33 AM | Computer Name = SC-DALG4WVDDC4I | Source = DCOM | ID = 10010
Description = The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register
with DCOM within the required timeout.
Error - 8/9/2014 3:50:33 AM | Computer Name = SC-DALG4WVDDC4I | Source = Service Control Manager | ID = 7023
Description = The Background Intelligent Transfer Service service terminated with
the following error: %%126
Error - 8/9/2014 3:51:03 AM | Computer Name = SC-DALG4WVDDC4I | Source = DCOM | ID = 10010
Description = The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register
with DCOM within the required timeout.
Error - 8/9/2014 3:51:03 AM | Computer Name = SC-DALG4WVDDC4I | Source = Service Control Manager | ID = 7023
Description = The Background Intelligent Transfer Service service terminated with
the following error: %%126
Error - 8/9/2014 3:51:33 AM | Computer Name = SC-DALG4WVDDC4I | Source = DCOM | ID = 10010
Description = The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register
with DCOM within the required timeout.
Error - 8/9/2014 3:51:33 AM | Computer Name = SC-DALG4WVDDC4I | Source = Service Control Manager | ID = 7023
Description = The Background Intelligent Transfer Service service terminated with
the following error: %%126
Error - 8/9/2014 3:52:03 AM | Computer Name = SC-DALG4WVDDC4I | Source = DCOM | ID = 10010
Description = The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register
with DCOM within the required timeout.
< End of report >