
Cleaned Older PC of problems wanted to make sure nothing else might b


  • This topic is locked

#1
Goldfish76

    New Member

  • Member
  • 1 posts

OTL

OTL logfile created on: 11/4/2014 1:58:40 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Diane Peterson\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1013.30 Mb Total Physical Memory | 114.32 Mb Available Physical Memory | 11.28% Memory free
2.24 Gb Paging File | 0.93 Gb Available in Paging File | 41.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.37 Gb Total Space | 215.18 Gb Free Space | 74.62% Space Free | Partition Type: NTFS
Drive D: | 9.72 Gb Total Space | 4.31 Gb Free Space | 44.39% Space Free | Partition Type: NTFS
 
Computer Name: JANICE | User Name: Diane Peterson | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/11/04 13:57:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Diane Peterson\Downloads\OTL (1).exe
PRC - [2014/10/21 22:05:02 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/09/21 04:32:26 | 000,276,376 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\21.6.0.32\nis.exe
PRC - [2014/09/04 06:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/10/18 07:27:06 | 004,386,816 | ---- | M] () -- C:\Program Files\OtShot\otshot.exe
PRC - [2009/07/04 04:08:26 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/07 09:23:46 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/01/19 01:33:01 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2007/06/22 20:14:22 | 001,077,248 | ---- | M] () -- C:\Program Files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
PRC - [2007/03/11 20:26:24 | 000,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Users\Diane Peterson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe
PRC - [2007/03/06 11:38:18 | 000,065,536 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2006/11/18 09:01:42 | 000,182,744 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
PRC - [2006/11/18 09:01:32 | 000,272,856 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
PRC - [2006/11/18 09:01:26 | 000,195,032 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
PRC - [2006/11/18 09:00:48 | 000,550,872 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
PRC - [2006/11/18 09:00:06 | 000,174,552 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
PRC - [2006/11/18 08:59:38 | 000,081,880 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe
PRC - [2006/11/18 08:59:02 | 000,032,216 | ---- | M] () -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
PRC - [2006/11/15 18:58:26 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2006/11/15 18:57:58 | 000,081,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2006/11/09 18:15:06 | 000,053,248 | ---- | M] (Chicony) -- C:\Windows\ModLEDKey.exe
PRC - [2006/11/02 10:39:26 | 000,090,112 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\wdm\stacsv.exe
PRC - [2006/11/02 10:38:52 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe
PRC - [2006/10/29 11:03:30 | 000,208,896 | ---- | M] () -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
PRC - [2006/09/26 12:56:00 | 000,423,424 | ---- | M] (Intel Corporation) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
PRC - [1998/08/31 04:00:00 | 000,189,952 | ---- | M] (Micrografx, Inc.) -- C:\Program Files\CreataCard\Gold\FMRemind.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/10/21 22:04:57 | 008,910,664 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll
MOD - [2014/10/21 22:04:48 | 001,681,224 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
MOD - [2012/10/18 07:27:06 | 004,386,816 | ---- | M] () -- C:\Program Files\OtShot\otshot.exe
MOD - [2007/06/22 20:14:22 | 001,077,248 | ---- | M] () -- C:\Program Files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
MOD - [2007/06/22 20:14:14 | 000,118,784 | ---- | M] () -- C:\Program Files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\iface.dll
MOD - [2007/06/22 20:03:44 | 000,405,504 | ---- | M] () -- C:\Program Files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\res.dll
MOD - [2004/12/08 13:23:40 | 001,531,980 | ---- | M] () -- C:\Program Files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\WCN_DLL.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\SmarterPower\updateSmarterPower.exe -- (Update SmarterPower)
SRV - [2014/11/04 13:35:23 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/10/31 14:01:26 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/21 04:32:26 | 000,276,376 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\21.6.0.32\NIS.exe -- (NIS)
SRV - [2014/09/04 06:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2008/01/19 01:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/03/06 11:38:18 | 000,065,536 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2006/11/18 09:01:26 | 000,195,032 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService)
SRV - [2006/11/18 09:00:48 | 000,550,872 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service)
SRV - [2006/11/18 09:00:06 | 000,174,552 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL)
SRV - [2006/11/18 08:59:38 | 000,081,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe -- (ISSM)
SRV - [2006/11/18 08:59:02 | 000,032,216 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server)
SRV - [2006/11/15 18:57:58 | 000,081,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2006/11/02 10:39:26 | 000,090,112 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Program Files\SigmaTel\C-Major Audio\wdm\stacsv.exe -- (STacSV)
SRV - [2006/10/29 11:03:30 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Sacm2K.sys -- (USBCM)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DDMI2.sys -- (SDDMI2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\church46\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2014/10/05 03:55:49 | 001,636,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20141103.034\NAVEX15.SYS -- (NAVEX15)
DRV - [2014/10/05 03:55:49 | 000,095,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20141103.034\NAVENG.SYS -- (NAVENG)
DRV - [2014/10/03 13:19:32 | 001,138,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20141030.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2014/09/09 08:35:40 | 000,111,408 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/09/09 08:35:39 | 000,378,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2014/08/30 13:13:54 | 000,055,064 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gt.sys -- ({5eeb83d0-96ea-4249-942c-beead6847053}Gt)
DRV - [2014/08/27 18:27:14 | 000,476,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20141103.001\IDSvix86.sys -- (IDSVix86)
DRV - [2014/08/25 20:20:22 | 000,664,792 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\NIS\1506000.020\srtsp.sys -- (SRTSP)
DRV - [2014/08/25 20:20:22 | 000,032,984 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1506000.020\srtspx.sys -- (SRTSPX)
DRV - [2014/08/06 13:48:16 | 000,209,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1506000.020\ironx86.sys -- (SymIRON)
DRV - [2014/06/26 16:19:28 | 000,142,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2014/03/03 22:18:12 | 000,936,152 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1506000.020\symefa.sys -- (SymEFA)
DRV - [2014/02/20 17:14:34 | 000,127,064 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1506000.020\ccsetx86.sys -- (ccSet_NIS)
DRV - [2014/02/17 19:32:41 | 000,384,728 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1506000.020\symtdiv.sys -- (SYMTDIv)
DRV - [2013/10/30 01:26:19 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1506000.020\symds.sys -- (SymDS)
DRV - [2010/07/14 10:33:08 | 002,696,960 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvtcam.sys -- (DCamUSBNovatek)
DRV - [2007/11/29 14:57:28 | 000,893,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2007/03/06 11:14:02 | 000,005,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntelDH.sys -- (IntelDH)
DRV - [2006/11/28 23:46:20 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2006/11/18 09:01:08 | 000,018,904 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys -- (TSHWMDTCP)
DRV - [2006/11/02 14:39:42 | 000,812,032 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2006/11/02 01:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2006/11/02 01:30:56 | 002,589,184 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw2v32.sys -- (NETw2v32)
DRV - [2006/11/02 01:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/10/26 12:44:40 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/10/26 12:44:36 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/19 17:49:48 | 000,007,424 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\nmsunidr.sys -- (nmsunidr)
DRV - [2006/09/27 18:37:24 | 000,028,672 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\nmsgopro.sys -- (nmsgopro)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\SearchScopes,DefaultScope = {CAD2DE52-9349-4E1C-B00B-C9E85C253B0C}
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://search.aol.co...ionType=tb50ie7
IE - HKLM\..\SearchScopes\{7FA22074-EBC5-4461-B1D5-9760D35B809B}: "URL" = http://www.google.co...age={startPage}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2612669
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5F 6F 40 20 D4 33 CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {CAD2DE52-9349-4E1C-B00B-C9E85C253B0C}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://astromenda.co...r=160092641&ir=
IE - HKCU\..\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}: "URL" = http://search.condui...2626B558D&SSPV=
IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://start.msn.ipl...q={searchTerms}
IE - HKCU\..\SearchScopes\{7BD9B17A-B164-412F-B74F-CDEEEB328CEB}: "URL" = http://www.google.co...&rlz=1I7GCNV_en
IE - HKCU\..\SearchScopes\{7FA22074-EBC5-4461-B1D5-9760D35B809B}: "URL" = http://www.google.co...age={startPage}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.se...ct=sb&qsrc=2869
IE - HKCU\..\SearchScopes\{CAD2DE52-9349-4E1C-B00B-C9E85C253B0C}: "URL" = http://search.condui...7233188219&UM=1
IE - HKCU\..\SearchScopes\{FB9636D4-656F-4511-9948-8E16263107F5}: "URL" = http://search.yahoo....=utf-8&fr=b2ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Astromenda"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.0.2
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1: C:\Windows\ [2014/11/04 13:07:49 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn\ [2014/11/04 12:56:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{57E72829-C158-4341-BBED-58F0AD1740FD}: C:\Program Files\Google\Google Photos Screensaver\FF_ext [2007/05/09 00:12:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2013/09/21 13:35:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Diane Peterson\AppData\Roaming\Mozilla\Extensions
[2014/08/31 16:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Diane Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\ns1phrfn.default\extensions
[2014/08/31 16:43:14 | 000,002,833 | ---- | M] () -- C:\Users\Diane Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\ns1phrfn.default\searchplugins\Astromenda.xml
[2014/10/31 14:00:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/10/31 14:01:36 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - default_search_provider: 5E7153F77EFCE6F942FB4FA6EF9465DB40F2EA5F8DF8397186C904C5EF1E50EB (Enabled)
CHR - default_search_provider: search_url = FF34D566F4F24EB0E068105DFE1E9315AB85635B3A570D946F61FA33D9603AA0
CHR - default_search_provider: suggest_url = 
CHR - homepage: 0E14711AFF5FDE5698B3560FF60DFEBC7D55A49C2948E505D208CF5DFC7F9346
CHR - Extension: No name found = C:\Users\Diane Peterson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Diane Peterson\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Diane Peterson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpaiibklhaneknloaoccoidbaffjjlnb\10.31.4.510_0\
CHR - Extension: No name found = C:\Users\Diane Peterson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpaiibklhaneknloaoccoidbaffjjlnb\10.31.4.510_0\nativeMessaging\nmHost
CHR - Extension: No name found = C:\Users\Diane Peterson\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif\1.0.5_0\
CHR - Extension: No name found = C:\Users\Diane Peterson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
 
O1 HOSTS File: ([2011/06/21 09:06:58 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel® Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ledpointer] C:\Windows\CNYHKey.exe (Chicony)
O4 - HKLM..\Run: [MoLed] C:\Windows\ModLEDKey.exe (Chicony)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [OtShot] C:\Program Files\OtShot\otshot.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [PeenyBee] C:\Users\Diane Peterson\AppData\Local\PennyBee\PennyBeeW.exe File not found
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Diane Peterson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Value error. File not found
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{497D4527-C050-4730-824A-4B3978329E43}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5336D218-893E-4E5C-BE49-D55EB4DC89C8}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Diane Peterson\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Diane Peterson\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/11/04 13:12:41 | 000,000,000 | ---D | C] -- C:\Users\Diane Peterson\AppData\Roaming\MyTurboPC.com
[2014/11/04 13:12:41 | 000,000,000 | ---D | C] -- C:\Users\Diane Peterson\AppData\Roaming\DriverCure
[2014/11/04 13:12:14 | 000,000,000 | ---D | C] -- C:\ProgramData\MyTurboPC.com
[2014/11/04 12:36:13 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2014/10/31 14:00:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/11/04 13:58:02 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/11/04 13:57:41 | 000,001,180 | ---- | M] () -- C:\Users\Diane Peterson\AppData\Roaming\wklnhst.dat
[2014/11/04 13:57:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-330736717-3934525603-2907793658-1001UA.job
[2014/11/04 13:54:07 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/11/04 13:05:52 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/11/04 13:05:52 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/11/04 12:59:45 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/11/04 12:59:45 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/11/04 12:55:15 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/11/04 12:55:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/11/04 10:57:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-330736717-3934525603-2907793658-1001Core.job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/05/03 15:50:23 | 000,003,584 | ---- | C] () -- C:\Users\Diane Peterson\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/10/29 11:00:04 | 000,000,680 | ---- | C] () -- C:\Users\Diane Peterson\AppData\Local\d3d9caps.dat
[2013/10/26 16:23:21 | 000,141,071 | ---- | C] () -- C:\Windows\hpoins14.dat
[2013/04/14 09:51:45 | 000,000,380 | ---- | C] () -- C:\Users\Diane Peterson\Documents - Shortcut.lnk
[2013/04/13 13:00:33 | 000,001,180 | ---- | C] () -- C:\Users\Diane Peterson\AppData\Roaming\wklnhst.dat
[2013/04/07 15:33:17 | 000,000,056 | ---- | C] () -- C:\Windows\MSREGUSR.INI
[2013/04/07 15:32:17 | 000,306,688 | ---- | C] () -- C:\Windows\System32\LFFPX7.DLL
[2013/04/07 15:32:17 | 000,302,592 | ---- | C] () -- C:\Windows\System32\pgp.dll
[2013/04/07 15:32:17 | 000,095,232 | ---- | C] () -- C:\Windows\System32\LFKODAK.DLL
[2013/04/07 15:32:17 | 000,093,184 | ---- | C] () -- C:\Windows\System32\keydb.dll
[2013/04/07 15:32:17 | 000,070,656 | ---- | C] () -- C:\Windows\System32\simple.dll
[2013/04/07 15:32:17 | 000,065,024 | ---- | C] () -- C:\Windows\System32\bn.dll
 
========== ZeroAccess Check ==========
 
[2006/11/02 06:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 09:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/04 04:07:18 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/19 01:36:49 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/09/01 10:05:35 | 000,000,000 | ---D | M] -- C:\Users\Diane Peterson\AppData\Roaming\.minecraft
[2014/09/01 10:24:18 | 000,000,000 | ---D | M] -- C:\Users\Diane Peterson\AppData\Roaming\.mono
[2014/11/04 13:12:41 | 000,000,000 | ---D | M] -- C:\Users\Diane Peterson\AppData\Roaming\DriverCure
[2014/08/31 16:56:20 | 000,000,000 | ---D | M] -- C:\Users\Diane Peterson\AppData\Roaming\Gameo
[2014/08/31 16:19:33 | 000,000,000 | -H-D | M] -- C:\Users\Diane Peterson\AppData\Roaming\GoldenGate
[2014/11/04 13:12:41 | 000,000,000 | ---D | M] -- C:\Users\Diane Peterson\AppData\Roaming\MyTurboPC.com
[2014/08/31 10:45:55 | 000,000,000 | ---D | M] -- C:\Users\Diane Peterson\AppData\Roaming\Oberon Media
[2013/10/25 11:17:58 | 000,000,000 | ---D | M] -- C:\Users\Diane Peterson\AppData\Roaming\SampleView
[2013/04/13 13:00:37 | 000,000,000 | ---D | M] -- C:\Users\Diane Peterson\AppData\Roaming\Template
[2014/09/01 10:24:16 | 000,000,000 | ---D | M] -- C:\Users\Diane Peterson\AppData\Roaming\Unity
[2014/08/31 16:19:12 | 000,000,000 | ---D | M] -- C:\Users\Diane Peterson\AppData\Roaming\UpdaterEX
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:C64C2839
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:DFC5A2B2
 
< End of report >



#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, sorry for the delay. Could I have a fresh scan, please, and an update on your problems?

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Right-click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens, click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.


#3
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.