Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Intermitent lock up on internet, high cpu & high disk write usage

Started by Falcor2 , Nov 19 2014 09:42 AM

  • This topic is locked This topic is locked

#1
Falcor2
Posted 19 November 2014 - 09:42 AM

Falcor2

    Member

  • Member
  • PipPip
  • 59 posts

Hello G2G

 

 

My computer has been locking up intermitently when going on the internet and has messages of high cpu and high disk write usage poping up from time to time. I ran Norton Internet Security and nothing shows but tracking cookies. In the past 30 days 2 Trojans were detected and quarantined.

 

 

Thank You

 

Lester

 

OTL Txt and Extras to follow

 

OTL logfile created on: 11/19/2014 9:35:12 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.50 Gb Total Physical Memory | 2.22 Gb Available Physical Memory | 63.35% Memory free
7.20 Gb Paging File | 5.95 Gb Available in Paging File | 82.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 458.31 Gb Total Space | 281.65 Gb Free Space | 61.45% Space Free | Partition Type: NTFS
Drive D: | 7.45 Gb Total Space | 0.88 Gb Free Space | 11.87% Space Free | Partition Type: NTFS
 
Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/11/19 09:23:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2014/09/21 05:32:26 | 000,276,376 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\21.6.0.32\nis.exe
PRC - [2014/09/05 15:11:56 | 000,153,072 | ---- | M] (Coupons.com Inc.) -- C:\Program Files\Coupons\CouponPrinterService.exe
PRC - [2014/09/04 07:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/07/20 20:39:26 | 001,154,112 | ---- | M] (Ruiware LLC) -- C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe
PRC - [2014/07/07 14:29:58 | 000,072,992 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe
PRC - [2013/03/14 21:59:31 | 000,866,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013/03/14 21:59:30 | 001,821,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012/12/14 16:18:50 | 001,481,200 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\Receiver\Receiver.exe
PRC - [2012/12/14 16:18:42 | 000,203,248 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\Receiver\ConfigurationWizard.exe
PRC - [2012/12/14 14:26:06 | 000,887,352 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2012/12/14 14:24:56 | 000,383,544 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2012/03/23 13:25:24 | 000,087,040 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/06/02 17:50:34 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/06/02 17:50:32 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/07/31 19:37:34 | 000,815,104 | ---- | M] (brother) -- C:\Program Files\Brownie\BrStsWnd.exe
PRC - [2007/07/23 17:45:48 | 000,090,112 | ---- | M] (brother) -- C:\Program Files\Brownie\brpjp04a.exe
PRC - [2007/01/02 20:40:10 | 000,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2006/12/10 20:51:08 | 000,271,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
PRC - [2006/11/09 05:57:52 | 003,784,704 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
PRC - [2006/09/28 08:42:24 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2006/09/03 12:32:28 | 000,208,896 | ---- | M] () -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
PRC - [2005/11/16 20:08:40 | 000,106,496 | ---- | M] (Corel, Inc.) -- C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/10/15 08:14:11 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll
MOD - [2014/10/15 08:13:59 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll
MOD - [2014/10/15 08:13:56 | 007,668,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014/10/15 08:13:50 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
MOD - [2014/10/15 08:13:31 | 010,100,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014/10/11 13:05:58 | 001,044,776 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/07/03 12:20:20 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/13 12:11:16 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2006/12/10 20:51:08 | 000,077,824 | R--- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\crm\xmltok.dll
MOD - [2006/12/10 20:51:08 | 000,065,536 | R--- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\crm\xmlparse.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2014/11/12 08:24:11 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/09/21 05:32:26 | 000,276,376 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\21.6.0.32\NIS.exe -- (NIS)
SRV - [2014/09/05 15:11:56 | 000,153,072 | ---- | M] (Coupons.com Inc.) [Auto | Running] -- C:\Program Files\Coupons\CouponPrinterService.exe -- (CouponPrinterService)
SRV - [2014/09/04 07:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/29 18:43:02 | 000,255,040 | ---- | M] (WildTangent) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
SRV - [2014/07/07 14:29:58 | 000,072,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2014/04/28 21:13:21 | 000,203,344 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/03/15 00:46:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/03/23 13:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2008/06/02 17:50:34 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/02/28 01:00:14 | 000,225,280 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2007/02/28 01:00:14 | 000,131,072 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2006/11/02 22:40:12 | 000,174,656 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/09/11 18:02:44 | 000,544,256 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service)
SRV - [2006/09/11 18:01:04 | 000,167,936 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL)
SRV - [2006/09/11 17:56:32 | 000,075,264 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe -- (ISSM)
SRV - [2006/09/11 17:56:20 | 000,188,416 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService)
SRV - [2006/09/03 12:32:28 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
SRV - [2006/09/01 01:47:56 | 000,026,624 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server)
SRV - [2006/05/10 11:13:52 | 000,029,696 | R--- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe -- (IntelDHSvcConf)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2014/11/17 18:58:45 | 000,479,448 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20141118.003\IDSvix86.sys -- (IDSVix86)
DRV - [2014/10/28 05:49:42 | 001,636,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20141118.050\NAVEX15.SYS -- (NAVEX15)
DRV - [2014/10/28 05:49:42 | 000,095,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20141118.050\NAVENG.SYS -- (NAVENG)
DRV - [2014/10/03 14:19:32 | 001,138,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20141107.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2014/09/09 05:25:16 | 000,378,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2014/09/09 05:25:16 | 000,111,408 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/08/25 21:20:22 | 000,664,792 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\NIS\1506000.020\srtsp.sys -- (SRTSP)
DRV - [2014/08/25 21:20:22 | 000,032,984 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\NIS\1506000.020\srtspx.sys -- (SRTSPX)
DRV - [2014/08/06 14:48:16 | 000,209,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\NIS\1506000.020\ironx86.sys -- (SymIRON)
DRV - [2014/03/03 23:18:12 | 000,936,152 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\NIS\1506000.020\symefa.sys -- (SymEFA)
DRV - [2014/02/17 20:32:41 | 000,384,728 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\NIS\1506000.020\symtdiv.sys -- (SYMTDIv)
DRV - [2013/11/28 19:21:44 | 000,142,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/09/25 21:50:25 | 000,127,064 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\NIS\1506000.020\ccsetx86.sys -- (ccSet_NIS)
DRV - [2013/09/09 21:47:26 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\NIS\1506000.020\symds.sys -- (SymDS)
DRV - [2013/03/15 00:46:27 | 008,952,608 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/12/05 15:23:32 | 000,073,544 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2010/06/23 09:23:46 | 000,023,040 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010/04/30 17:09:44 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/04/30 17:09:22 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/06/10 14:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2008/05/08 04:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 04:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2008/01/14 23:56:30 | 000,218,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/10/18 06:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/07/13 12:14:16 | 000,004,608 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys -- (TSHWMDTCP)
DRV - [2005/12/12 11:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PS2.sys -- (Ps2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{5CC4072C-F0A3-4E1C-80D9-A3B5F4CF6F55}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {6E2233FB-8590-41F1-9220-190DDC478E3C}
IE - HKCU\..\SearchScopes\{5CC4072C-F0A3-4E1C-80D9-A3B5F4CF6F55}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKCU\..\SearchScopes\{6E2233FB-8590-41F1-9220-190DDC478E3C}: "URL" = http://www.google.co...{outputEncoding?}
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....ms}&fr=chr-atty
IE - HKCU\..\SearchScopes\{F36AD130-6164-4FE8-A96B-D6A01D23155E}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\28\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ [2014/11/19 08:04:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013/11/28 19:31:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}: C:\Users\Owner\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\
 
[2013/12/02 15:41:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
 
========== Chrome  ==========
 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif\1.0.5_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.9.12_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl\1.0.9_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013/12/15 00:40:14 | 000,000,098 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe (brother)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe (Corel, Inc.)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WinPatrol] C:\Program Files\Ruiware\WinPatrol\winpatrol.exe (Ruiware LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...hpIdfPlugin.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...rl.cab?lmi=1082 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8AC688F4-433D-4F0C-A79E-7A5BD7A1A37D}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\clouds_1680x1050.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\clouds_1680x1050.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/03/30 01:59:45 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/11/19 09:23:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2014/11/13 02:32:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2014/11/13 02:29:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/11/13 02:28:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/11/13 02:28:51 | 000,000,000 | ---D | C] -- C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
[2014/10/27 02:32:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014/10/27 02:32:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/10/21 21:43:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/10/21 21:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2014/10/21 16:32:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Deployment
[2014/10/21 16:32:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Apps
 
========== Files - Modified Within 30 Days ==========
 
[2014/11/19 09:23:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2014/11/19 09:23:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/11/19 08:53:15 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/11/19 08:46:01 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2014/11/19 08:10:02 | 000,651,508 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/11/19 08:10:02 | 000,123,958 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/11/19 08:04:24 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/11/19 08:04:24 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/11/19 08:03:52 | 000,000,358 | ---- | M] () -- C:\Windows\Brownie.ini
[2014/11/19 08:03:15 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/11/19 08:02:27 | 000,000,284 | ---- | M] () -- C:\Windows\tasks\pcreg.job
[2014/11/19 08:02:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/11/19 08:02:03 | 3756,474,368 | -HS- | M] () -- C:\hiberfil.sys
[2014/11/13 02:32:55 | 000,001,688 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014/11/13 02:29:49 | 000,001,626 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/11/12 07:48:17 | 000,002,587 | ---- | M] () -- C:\Users\Owner\Desktop\Microsoft Office Word 2007.lnk
[2014/11/12 03:22:11 | 000,905,400 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/11/07 15:58:03 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job
[2014/10/27 20:48:11 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/10/22 04:30:08 | 000,001,957 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
 
========== Files Created - No Company Name ==========
 
[2014/10/21 21:43:11 | 000,001,957 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/10/21 21:43:11 | 000,001,933 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/10/21 21:40:44 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/21 21:40:43 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/21 21:37:19 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/12 22:02:06 | 000,000,024 | ---- | C] () -- C:\Windows\popcinfo.dat
[2013/12/11 19:20:31 | 000,000,004 | ---- | C] () -- C:\Windows\msoffice.ini
[2013/11/19 23:54:59 | 000,000,221 | ---- | C] () -- C:\Windows\NCLogConfig.ini
[2013/10/10 13:35:10 | 000,009,584 | ---- | C] () -- C:\Windows\System32\ractrlkeyhook.dll
[2013/09/06 15:09:32 | 000,000,285 | ---- | C] () -- C:\Windows\QTW.ini
[2013/04/07 17:50:06 | 000,000,024 | ---- | C] () -- C:\Users\Owner\Morrowind.ini
[2010/11/02 19:21:20 | 000,016,384 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/26 13:10:58 | 000,000,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2007/03/30 01:54:17 | 000,104,016 | ---- | C] () -- C:\ProgramData\pswi_preloaded.exe
 
========== ZeroAccess Check ==========
 
[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 08:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/08/23 21:56:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Artogon
[2014/09/23 16:54:56 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\com.adobe.air.aaos.Code-X2014
[2013/08/06 18:44:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\EleFun Games
[2012/11/15 23:27:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\funkitron
[2013/08/30 21:09:48 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Funlinker
[2013/07/18 19:16:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ICAClient
[2013/07/07 17:19:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Image Zone Express
[2013/09/18 19:09:42 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Jigsaws Galore
[2013/07/19 19:35:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MAI
[2013/07/17 10:20:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MusicNet
[2013/09/09 16:38:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Myst V End of Ages
[2013/12/02 14:06:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Oberon Media
[2014/06/14 11:28:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Oracle
[2011/06/24 18:42:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Pogo Games
[2012/12/25 14:55:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Printer Info Cache
[2014/09/23 16:45:33 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Roaming
[2013/05/12 16:12:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ScanSoft
[2013/12/11 06:50:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Smilebox
[2012/02/23 15:09:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Tific
[2013/06/08 21:43:15 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Visan
[2014/01/13 18:50:21 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WildTangent
[2010/09/27 20:04:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WinBatch
[2013/12/15 19:17:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WinPatrol
[2013/09/05 19:43:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Wizard's Spell
 
========== Purity Check ==========
 
 

< End of report >

 

 

OTL Extras logfile created on: 11/19/2014 9:35:12 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.50 Gb Total Physical Memory | 2.22 Gb Available Physical Memory | 63.35% Memory free
7.20 Gb Paging File | 5.95 Gb Available in Paging File | 82.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 458.31 Gb Total Space | 281.65 Gb Free Space | 61.45% Space Free | Partition Type: NTFS
Drive D: | 7.45 Gb Total Space | 0.88 Gb Free Space | 11.87% Space Free | Partition Type: NTFS
 
Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09A65440-A3AB-4CE6-9CA5-01AB80EA48A1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{22D366D0-5EB3-4449-BB68-87F64D7C2C43}" = rport=137 | protocol=17 | dir=out | app=system |
"{51480616-87B0-4169-8BFE-A0F21C24A5F9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{6128CE47-5401-462F-87B4-14AFAC9EFC6C}" = lport=137 | protocol=17 | dir=in | app=system |
"{8D4112AA-6927-4A92-8744-17A56B71CF0D}" = lport=139 | protocol=6 | dir=in | app=system |
"{967E7B5C-EE4A-4C26-A071-9E640A4F8469}" = rport=445 | protocol=6 | dir=out | app=system |
"{A8EC58D6-4FAD-4EF7-9ED7-6197EC036C0A}" = lport=138 | protocol=17 | dir=in | app=system |
"{BFC0DDBC-B3B6-4FB2-BD9C-A86131F8F4F9}" = rport=139 | protocol=6 | dir=out | app=system |
"{CA9488CE-3B33-4779-844C-41CA003863F2}" = lport=445 | protocol=6 | dir=in | app=system |
"{E10C6269-B902-4805-B682-A7F9252AE69B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{F13C1A42-EE02-4804-A5D7-715040DE6010}" = rport=138 | protocol=17 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{23B36032-C05A-4780-A0A6-79A7204EB646}" = protocol=1 | dir=out | [email protected],-28544 |
"{5AEFE126-1F3F-4A91-A1D9-203DDCFED274}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6BEABEA1-4DD4-45E3-A326-9AC6956F65A6}" = protocol=58 | dir=in | [email protected],-28545 |
"{B7D657C9-DF4B-44E0-8C0F-62D6DA48A4B4}" = protocol=1 | dir=in | [email protected],-28543 |
"{DA67C9A7-8851-47FF-8DDB-09365C16CDA0}" = protocol=58 | dir=out | [email protected],-28546 |
"{EDD9FF21-152A-4B5F-8BD3-70DF0F279D37}" = dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{A54294EB-AA28-43C9-AE55-104D3A80C4B7}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{AC9D7B74-FADC-4088-B941-4E9D78FFABDA}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01B4AC8E-6D83-44B3-958D-2AFE57BE54DB}" = Brother MFL-Pro Suite MFC-6490CW
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{235EBB33-3DA1-46DF-AADE-9955123409CB}" = Apple Mobile Device Support
"{26A24AE4-039D-4CA4-87B4-2F03217071FF}" = Java 7 Update 71
"{282E5AB2-8E47-4571-B6FA-6B512555B557}" = HP Photosmart.All-In-One Driver Software 8.0 .A
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3068513C-3AAC-410B-BAE7-C7837FFF8DEB}" = Citrix Receiver(USB)
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3260D61B-DCA6-4ec6-8A41-DCCE01BC6EE4}" = c4100_Help
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}" = QuickTime 7
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext
"{456A5815-604D-4D72-94DF-346D2B978A59}_is1" = GOG.com Downloader version 3.5.8
"{4832057A-3216-4E7C-A3A5-F4D9C8ADED32}" = PrintMaster Scrapbook Creator
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{49F450C3-EBDC-40A9-8CF8-4149326169AB}" = Brother HL-2140
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}" = iTunes
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{69BA7792-853B-45A3-A29F-539C0D7A2A62}" = Myst Uru - Complete Chronicles
"{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}" = WinPatrol
"{6AEE2B0B-B3C1-4367-B1EF-FC4ED98DEED1}" = C4100
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B}" = Intel® Viiv™ Software
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App for HP
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{7468ACCE-6FA8-4794-90B9-C28BD9CC79DD}" = Citrix Receiver Updater
"{75E71ADD-042C-4F30-BFAC-A9EC42351313}" = Python 2.4.3
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77CA976C-403C-47E2-940B-733ECAB6F62B}" = muvee autoProducer 5.0
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7BBAEC47-1CC0-4CB8-ADB4-531B78DBD1DD}" = Adobe AIR
"{7BD3DC6D-A2BE-4345-B6EE-D146193DB18F}" = Online Plug-in
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110265407}" = Bejeweled 2 Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113269180}" = Mahjong Garden Deluxe
"{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}" = Apple Application Support
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A9B8148-DDD7-448F-BD6C-358386D32354}" = Corel Photo Album 6
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{96F702F3-7CA4-41B5-A70A-4F348DF99A9A}" = Myst IV - Revelation
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D431014-9F90-4335-A58E-8A14B0BD77F1}" = Citrix Receiver Inside
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9F05B89E-2873-11D5-9E9D-0050DA1EA555}" = Myst III: Exile
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A4B28C95-9883-11D5-9E9D-0050DA1EA555}" = Myst III EXILE Patch 1.22
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.12)
"{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B42F73D4-AFDA-4761-B3F4-23A872D11339}" = Morrowind
"{B89BD8D8-14B4-08AC-8BCA-63C0DB91A9AF}" = Code-X 2014
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C43602FE-988C-47BA-9F9F-B95FDDAFB624}" = HP Support Solutions Framework
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe  1.4.124.1
"{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4}" = Corel Paint Shop Pro Photo XI
"{E4A02A3F-4F8A-4D94-BB99-68BC1D1CF6DB}" = Roxio MyDVD Basic v9
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EBD9A954-6C1A-4E9F-A098-C98653035381}" = PrintMaster Platinum 18
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF70923C-8A51-47F4-A7E9-893C6D54EB68}" = TES Construction Set
"4 Elements_is1" = 4 Elements
"6FE5CFCA-DD69-4E25-9502-237386466C2E" = Blasterball 2 from WildGames (remove only)
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"ArenaSetup_is1" = The Elder Scrolls I: Arena, ArenaSetup 1.5b
"Atlantis_is1" = Atlantis
"Call Of Atlantis_is1" = Call Of Atlantis
"CCleaner" = CCleaner
"com.adobe.air.aaos.Code-X2014" = Code-X 2014
"Coupon Printer for Windows5.0.1.2" = Coupon Printer for Windows
"Deer Avenger 3" = Deer Avenger 3
"Everyday Jigsaw" = Everyday Jigsaw
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Photo Creations" = HP Photo Creations
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"Intel® Configuration Center" = Intel® Viiv™ Software
"JigsawBoom_is1" = JigsawBoom
"KraiSoft Games Launcher" = KraiSoft Games Launcher
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Myst Masterpiece Edition_is1" = Myst Masterpiece Edition
"Myst Uru Complete Chronicles_is1" = Myst Uru Complete Chronicles
"Myst V End Of Ages_is1" = Myst V End Of Ages
"NBRTWizard" = Norton Bootable Recovery Tool Wizard
"NIS" = Norton Internet Security
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"OpenAL" = OpenAL
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"PROSet" = Intel® Network Connections Drivers
"realMyst_is1" = realMyst
"Riven The sequel to Myst_is1" = Riven The sequel to Myst
"Seven Gates_is1" = Seven Gates
"Spirit of Wandering_is1" = Spirit of Wandering
"The Rise Of Atlantis_is1" = The Rise Of Atlantis
"The Witch's Green Amulet_is1" = The Witch's Green Amulet
"TheLostKingdomProphecy_is1" = TheLostKingdomProphecy
"Tomb Raider: Underworld" = Tomb Raider: Underworld 1.1
"Travel Agency_is1" = Age Of Emerald
"Universal Extractor_is1" = Universal Extractor 1.6.1
"VideoPlayer" = VideoPlayer v2.0.6
"WebPost" = Microsoft Web Publishing Wizard 1.52
"WildTangent CDA" = WildTangent Web Driver
"WildTangent hpdesktop Master Uninstall" = My HP Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"Wizard Land_is1" = Wizard Land
"Wizard's Spell_is1" = Wizard's Spell
"Wrye Mash" = Wrye Mash
"WTA-1c266070-d781-4b4e-b3bb-adcea826329b" = Big City Adventures Paris
"WTA-2591dbad-703c-43a1-a209-aee14f723614" = Blasterball 2: Holidays
"WTA-6973b73a-35e2-4abf-9bd7-36d2a24de7b3" = Bicycle Canasta
"WTA-ea0e1590-10fa-4596-bbeb-1a1d01fdf5a1" = 4 Elements
"WTA-f07d7075-b005-4e10-9d04-a3f244ad2325" = 4 Elements II
"Yahoo! Companion" = Yahoo! Toolbar for Internet Explorer
"Yahoo! Toolbar" = Yahoo! Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{856AD396-519D-4C7A-BED6-6785F64924BC}" = GreatArcadeHits
"Smilebox" = Smilebox
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 11/12/2014 4:09:59 AM | Computer Name = Owner-PC | Source = Perflib | ID = 1010
Description =
 
Error - 11/12/2014 4:10:01 AM | Computer Name = Owner-PC | Source = Perflib | ID = 1008
Description =
 
Error - 11/12/2014 12:34:21 PM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16592 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Problem Reports and Solutions control panel.  Process
 ID: 17cc  Start Time: 01cffe85e2de4d28  Termination Time: 57598
 
Error - 11/12/2014 11:11:38 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 9.0.8112.16592, time stamp
 0x544e95a7, faulting module nvd3dum.dll, version 9.18.13.1422, time stamp 0x514279ad,
 exception code 0xc0000005, fault offset 0x007136d3,  process id 0x1f74, application
 start time 0x01cffecf7c1d9d88.
 
Error - 11/13/2014 8:34:19 PM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16592 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Problem Reports and Solutions control panel.  Process
 ID: 90c  Start Time: 01cfffa2555728d0  Termination Time: 60000
 
Error - 11/14/2014 4:30:14 AM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16592 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Problem Reports and Solutions control panel.  Process
 ID: 43e8  Start Time: 01cfffe52affd41a  Termination Time: 16
 
Error - 11/15/2014 3:12:08 AM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16592 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Problem Reports and Solutions control panel.  Process
 ID: 2518  Start Time: 01d00087ab58f070  Termination Time: 10
 
Error - 11/17/2014 11:01:49 AM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16592 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Problem Reports and Solutions control panel.  Process
 ID: c534  Start Time: 01d002773550f430  Termination Time: 60000
 
Error - 11/18/2014 3:15:20 AM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16592 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Problem Reports and Solutions control panel.  Process
 ID: 4cf4  Start Time: 01d002fecf090dc7  Termination Time: 48424
 
Error - 11/19/2014 9:56:44 AM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16592 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Problem Reports and Solutions control panel.  Process
 ID: eb0  Start Time: 01d003ffe35efe83  Termination Time: 19438
 
[ System Events ]
Error - 11/19/2014 9:02:31 AM | Computer Name = Owner-PC | Source = Print | ID = 19
Description = The print spooler failed to share printer Brother PC-FAX v.2 with
shared resource name Brother PC-FAX v.2. Error 2114. The printer cannot be used
by others on the network.
 
Error - 11/19/2014 9:02:31 AM | Computer Name = Owner-PC | Source = Print | ID = 19
Description = The print spooler failed to share printer Brother MFC-6490CW Printer
 with shared resource name Brother MFC-6490CW Printer. Error 2114. The printer cannot
 be used by others on the network.
 
Error - 11/19/2014 9:02:31 AM | Computer Name = Owner-PC | Source = Print | ID = 19
Description = The print spooler failed to share printer Brother HL-2140 series with
 shared resource name Brother HL-2140 series. Error 2114. The printer cannot be
used by others on the network.
 
Error - 11/19/2014 9:02:31 AM | Computer Name = Owner-PC | Source = Print | ID = 19
Description = The print spooler failed to share printer Broderbund PDF Creator with
 shared resource name Broderbund PDF Creator. Error 2114. The printer cannot be
used by others on the network.
 
Error - 11/19/2014 9:03:28 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 11/19/2014 9:03:28 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 11/19/2014 9:03:28 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 11/19/2014 9:03:28 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7026
Description =
 
Error - 11/19/2014 9:05:19 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7038
Description =
 
Error - 11/19/2014 9:05:19 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
 
 
< End of report >
 


  • 0

Advertisements

#2
Essexboy
Posted 21 November 2014 - 09:54 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi sorry for the delay could I have a fresh scan please

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#3
Falcor2
Posted 22 November 2014 - 10:35 AM

Falcor2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts

Hi Essexboy

 

      I'm sorry for the delay, I tried to download FRST to the desktop, but the computer would not let me. First Norton told me it was Malware, and I told it to download anyway, then the computer said i didn't have permission to do it.


  • 0

#4
Essexboy
Posted 22 November 2014 - 11:05 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK do you have a windows CD ? If so we will work outside of windows
If you do not have a cd I will give you the link to the recovery console ISO that you can put on USB or CD and we will use that

Download the following three programmes to your desktop :


1. Rufus

For 32bit systems
2. Windows Vista RC I will PM the link for this to you now
3. Farbar Recovery Scan Tool


Insert the USB stick Then run Rufus
rufus.JPG
Select the ISO file on the desktop via the ISO icon.

Press Start Burn
RufusISO.JPG
Then copy FRST to the same USB

frstwintoboot.JPG



Insert the USB into the sick computer and start the computer. First ensuring that the system is set to boot from USB
Note: If you are not sure how to do that follow the instructions Here

Windows 7 and Vista screenshots

When you reboot you will see this.
Click repair my computer
RepairVista_7275.jpg

Select your operating system
RepairVista_7277202.jpg

Select Command prompt
RepairVista_7277.jpg

At the command prompt type the following :

notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\frst64.exe or e:\frst.exe dependant on system
and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.
frst.JPG
Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it (or attach) to your reply.
  • 0

#5
Falcor2
Posted 22 November 2014 - 12:01 PM

Falcor2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts

Hi Essexboy

 

       I have Rufus and Windows Vista RC on the desk top, but the computer will not let me download FRST. At this time I only have use of 1 computer, this one, I might be able to use a different computer late today to download FRST to the flash drive.


  • 0

#6
Essexboy
Posted 22 November 2014 - 12:11 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK Load the ISO RC to the flash drive ready for use then you will just need to add FRST
  • 0

#7
Falcor2
Posted 22 November 2014 - 12:54 PM

Falcor2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts

Ok sorry for the confusion on my part, I have a 4 gig flash drive, I ran Rufus, then selected Windows Vista RC and it wants to burn a disk ( CD or DVD) and not go to flash drive.


  • 0

#8
Essexboy
Posted 22 November 2014 - 01:05 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
In the device drop down is it recognising the USB that you have inserted ?
  • 0

#9
Falcor2
Posted 22 November 2014 - 01:41 PM

Falcor2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts

On Rufus yes it is set for USB, but on Roxis Creator Premier V9 it does not have that option only to burn to disk.


  • 0

#10
Essexboy
Posted 22 November 2014 - 01:44 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Ah Rufus will burn it to the USB for you, no need to use another programme
  • 0

Advertisements

#11
Falcor2
Posted 22 November 2014 - 01:55 PM

Falcor2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts

When I down loaded the iso file it opens with Roxio--- C:\users\owner\desktop\vista32 RC.ISO. I'm sorry,I'm just lost.


  • 0

#12
Essexboy
Posted 22 November 2014 - 02:02 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No problem, leave the ISO file on your desktop. There is no need to click or open that
Run Rufus and then point Rufus to the ISO on your desktop, Rufus will then take over and do its business :)

Click the disc symbol as shown and an explorer window will open. Select your ISO image

Capture.JPG
  • 0

#13
Falcor2
Posted 22 November 2014 - 02:45 PM

Falcor2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts

      Ok, I think I have the ISO on the flash drive now, hopefully in about 2 hours I can use another computer to download FRST to the flash drive. Thank you for being so patient with me.


  • 0

#14
Essexboy
Posted 22 November 2014 - 02:54 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No problem, I should imagine this is all Greek to you :)
  • 0

#15
Falcor2
Posted 22 November 2014 - 06:10 PM

Falcor2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts

You are correct about it being greek to me. Alright , I have everything loaded to the flash drive, set the computer to load from the flash drive and restarted the computer. The screen came up where you select repair your computer, ok.

select operating sys--OK

select command prompt----OK

enter notepad to find drive for USB---OK---K drive

enter k:\frst.exe for 32 bit sys-----computer says device is not ready


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP