Thank you for your help!!
here is the extras run before anything was done
OTL Extras logfile created on: 8/9/2013 6:11:46 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dardas\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 0.69 Gb Available Physical Memory | 34.68% Memory free
4.23 Gb Paging File | 2.72 Gb Available in Paging File | 64.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.77 Gb Total Space | 95.50 Gb Free Space | 42.87% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.73 Gb Free Space | 57.35% Space Free | Partition Type: NTFS
Computer Name: LOFT | User Name: Dardas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0077F170-76A4-4AF5-80F6-E84476F116C2}" = lport=139 | protocol=6 | dir=in | app=system |
"{06E9B101-94E9-435F-8FB0-04759AA961DC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1A1CF2E8-366F-45D2-8F6A-BE5DC1537A1E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1A9268AA-422F-4F92-9510-D17AB10F9B5B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3D9B3A11-DC16-4BD4-BB09-9C8952ABF3E4}" = rport=139 | protocol=6 | dir=out | app=system |
"{5290F0C7-1E71-4E78-8383-9FDA7391DEE6}" = lport=138 | protocol=17 | dir=in | app=system |
"{5E7686AD-EC22-4676-9C15-750E781C5ECE}" = rport=138 | protocol=17 | dir=out | app=system |
"{669D2FBF-D7A4-4F10-B00B-67A9552CFCA6}" = lport=137 | protocol=17 | dir=in | app=system |
"{76D01DB6-1A17-4C62-B300-CC0E6B653C22}" = rport=137 | protocol=17 | dir=out | app=system |
"{837CF602-166D-4BA4-8751-E6DAC046511E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{991E5A31-4BF7-47F8-BEA9-CCCCE1742F85}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B0E04ACF-D3AE-4B2B-8F4A-8D4858CCD204}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B2555349-62A9-4FC2-8535-6D57974FC567}" = lport=445 | protocol=6 | dir=in | app=system |
"{B87A8A99-4EA7-4992-B67D-5F8074F44B5F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B8EA8D86-518D-4BF2-9AE7-01356E312EF2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BDF737C2-8B6B-4A0B-A9B7-6C80A578B0FE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CDCD8059-684D-4E66-BCDF-1E447613981D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{E403B821-1176-41BC-9D44-FE4B0959120E}" = rport=445 | protocol=6 | dir=out | app=system |
"{E597173F-2FEF-4537-B09C-FCA1D817BCD7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16B7A296-DCDC-4F6D-A210-AA95AB9508E8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1D65C557-0423-4C36-9A1B-2D900D05E59D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{1E54D443-416A-4AF7-B4F2-91DAD724179C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{207B3889-C20A-4D33-B717-238B8B093286}" = protocol=58 | dir=out |
[email protected],-28546 |
"{2536F57F-E5FA-473E-A349-0D097685339A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{281E8C66-145F-4A84-B5E3-89CED08B8A01}" = protocol=6 | dir=out | app=system |
"{2AEB0160-B69E-476D-ACD4-57023064A4E2}" = protocol=17 | dir=in | app=c:\gpotato.com\allods online\bin\aogame.exe |
"{2CB4E695-B431-45EE-9E73-E5FEE731769A}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{3357B5C7-1B1D-4674-9F4B-2E0279EE6C6F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{359B2B58-75BE-45C4-9AA8-7D00CD93BFD4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{35C97D28-85F0-41FA-8A09-3DA23A024D08}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3604F485-449C-4EF6-8221-F912923B0CE5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3F82FC56-F389-4987-A54E-E77E86C0524B}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{3FC09EE2-CB79-411F-94C8-112D7D879F9B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{475BCDA4-80B2-4E70-B455-2184443B8D5C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\amnesia the dark descent demo\launcher.exe |
"{5595783C-2454-40F7-A5BC-E2F9D6088178}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5B22EAE2-457F-4A8B-84D6-B607A9655F66}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5E8C45A1-03E3-4FD2-B2E4-14751C121215}" = protocol=1 | dir=in |
[email protected],-28543 |
"{635FEAA6-FDB5-43AA-98FD-50D487B20016}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{664E46EF-CAB8-4802-8B96-4D01429C662E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6C10C631-866F-4E0D-BD28-9265045B8C4C}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{6CE1F4CE-2859-42E4-BAD2-8DC5FC2A0CF6}" = protocol=58 | dir=in |
[email protected],-28545 |
"{6EBEF19D-50A5-4FA6-9AC0-D9E2D078E430}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{77D49ED2-90C5-44A1-A9B8-0DF9CE120969}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{7EB99881-FD30-4AD4-AF7D-E008D58B5E7C}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{88D7F470-974F-4BDC-AB02-CB16111D559E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8BC58766-077D-4308-899F-72ED2B7D4B73}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{8DC3B760-17E6-4571-ACFB-199A9267AA66}" = protocol=6 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{909EB38F-2E12-4F68-8BE0-CC5882115EFA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{92DFCA6A-0E57-4D32-B6F5-A5AE519CE134}" = protocol=1 | dir=out |
[email protected],-28544 |
"{9AAA3AA6-0966-48D8-9469-D6F5EC93F434}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{9B8D1DAC-299A-4FFC-BB89-A4FD341D615E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{9C13F642-FCF7-4172-92ED-001C02DD64F4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A43AC031-2CA2-492E-A3D8-715E75724659}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{A6307D58-C67C-46F0-83AB-340927B39960}" = protocol=6 | dir=in | app=c:\gpotato.com\allods online\bin\launcher.exe |
"{AB41A687-E7DD-4DD1-9EBD-A7221D47BEB5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\amnesia the dark descent demo\launcher.exe |
"{B09A4B6A-0758-4A8C-A34B-9F9EF4B0AFB4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BF10DF1E-A030-4DA6-BC4C-ACC6018841F5}" = protocol=6 | dir=in | app=c:\windows\system32\dlbacoms.exe |
"{C288F683-7AB8-4579-A610-8570CCB7122C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C769C418-FA97-414D-B74B-0BB09A6A454A}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{C852A44C-5D29-492B-A107-8183419B2739}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\amnesia the dark descent demo\launcher.exe |
"{D18AB4D3-0AB6-4DD1-855C-BFF02123AD96}" = protocol=17 | dir=in | app=c:\windows\system32\dlbacoms.exe |
"{D3314DD1-1AC5-4F33-A6E0-5525D0A8792D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D461E742-AF89-4AD6-BF1A-968FF94A715C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D4B971CD-5022-4A2B-B6F1-3609E95D1067}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{DB480628-5AA5-450A-918B-92ED88533219}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\amnesia the dark descent demo\launcher.exe |
"{E1B78450-C48A-4A71-99FB-3C3505203761}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{E59EBF31-2DEE-4681-9A87-E2AD6080F874}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E76541B9-17B6-4C9C-90F2-3D6617F6035C}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{E7EA22C5-419E-4E05-89D6-F2869220A9CC}" = protocol=6 | dir=in | app=c:\gpotato.com\allods online\bin\aogame.exe |
"{EA6F46CB-AC0C-4A2D-AC69-0B3CCC2F452A}" = protocol=17 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{EB04B44D-8805-4B08-8965-1AB499892C89}" = protocol=17 | dir=in | app=c:\gpotato.com\allods online\bin\launcher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{03B25762-461B-22C8-9AF0-170F3D749061}" = Catalyst Control Center Graphics Previews Vista
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{03BF49A6-A643-A836-0732-2467E9A6B911}" = Catalyst Control Center Localization Korean
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{0AC7F464-85E9-337D-B100-DC178C14A699}" = Catalyst Control Center Core Implementation
"{0BC1B842-C298-99E6-D0A8-FA3B33A07C5C}" = Catalyst Control Center Localization German
"{0BF215E3-C97F-7BF3-96D0-9C7D3F5FF9B4}" = Catalyst Control Center Localization Chinese Traditional
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0D1303D7-3918-3014-E119-33DBB649BE86}" = Catalyst Control Center Localization Spanish
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{138BF761-BFAA-29BB-B755-91262DE91A19}" = ccc-core-static
"{162981A5-050A-3DDA-2477-49724E334DEF}" = CCC Help Spanish
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}" = Realtek Ethernet Network Card Diagnostic tool for Windows Vista
"{2157961D-0507-44A8-BCF2-1EE2D439E8DF}" = Civilization III
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{276B965A-AC01-955C-E678-C8D25C58A42B}" = Catalyst Control Center Graphics Previews Common
"{2B83C858-A352-1E5D-0052-C326C815F3C4}" = CCC Help Japanese
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{37F964E4-9C3F-4066-B933-1747D3AC6737}" = Personal Entertainment Launcher
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{5370D92F-CF5A-4A38-DE84-151F9F58BCB2}" = Catalyst Control Center Localization Italian
"{56CDA83B-BC0B-A4A7-BD48-1176A6C97033}" = Catalyst Control Center Graphics Light
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{63EB4545-0CB5-35FE-D20C-F8E6995703F3}" = Catalyst Control Center Localization French
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6D2A900D-EB39-3386-8D9F-3B8F069C57A5}" = Google Talk Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{712A51A2-68F2-17D2-E3EB-C199DA0E0BE0}" = Catalyst Control Center Localization Portuguese
"{75685CA8-0B74-45BB-9C64-744A0FB79EDC}" = Business Tools Launcher
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{88477E65-A679-2CAE-645A-5073ED86715B}" = CCC Help Portuguese
"{88DCB080-7A56-5697-4407-21BD03DCE401}" = Catalyst Control Center Graphics Full New
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AC7ACAD-10E5-E7F4-481A-29C4C8B19990}" = Catalyst Control Center Graphics Full Existing
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99D8CE0E-20C7-3761-5F90-0E1329A55824}" = CCC Help Hungarian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2F79E2-4B21-E840-CF5B-FF1EE52E5B9F}" = Catalyst Control Center Localization Chinese Standard
"{A029AD64-F8F2-09AD-E29B-623B4BBF872C}" = CCC Help French
"{A09B8374-BD00-63EB-9616-E624A44EF877}" = CCC Help German
"{A28D08AE-3FBD-EBDB-BA28-CE719F699E48}" = CCC Help Chinese Standard
"{A3111537-BA7A-C129-1E6B-E2C77DCA3AD2}" = CCC Help Italian
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B2050314-D2DF-6589-E155-5E4E8F8AB3D4}" = Catalyst Control Center Localization Turkish
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B8ABB25D-1E30-4ED7-A3CE-0F8BED439647}" = Product Support Launcher
"{C2112C02-1BCA-A86F-F6E1-264CCE43F451}" = CCC Help Chinese Traditional
"{C2D541C2-B516-B049-EC3F-41B7A8E1C72D}" = ccc-utility
"{C325F588-D6B1-4A7F-B6A2-914C75DDA348}" = Morrowind
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C9D8A041-2963-4B31-8FFC-1500F3DB9293}" = EpsonNet Setup 3.3
"{CDA2EBE1-999C-48FB-DF9A-81C789900BFF}" = CCC Help Turkish
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D68F16A7-9447-8A92-7EF3-A4E26B2A95EE}" = CCC Help English
"{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"{DE27264D-7CA0-3317-7192-C64F0B7D9AB3}" = Catalyst Control Center Localization Japanese
"{E044161D-75F5-3EC5-2BDA-42D106E602D2}" = CCC Help Korean
"{E112EC9E-B411-F3E0-EF02-C0D21C09F329}" = Catalyst Control Center Localization Hungarian
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{EA778E78-0B7B-05AE-A72F-AF484D201DFB}" = Skins
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AstrumNival Allods" = Allods Online 1.0.05.41
"Audacity_is1" = Audacity 1.2.6
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Diablo" = Diablo
"EPSON NX125 NX127 Series" = EPSON NX125 NX127 Series Printer Uninstall
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"EPSON WorkForce 630 Series" = EPSON WorkForce 630 Series Printer Uninstall
"ExpressBurn" = Express Burn
"Google Desktop" = Google Desktop
"Guitar Pro 5_is1" = Guitar Pro 5.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{2157961D-0507-44A8-BCF2-1EE2D439E8DF}" = Civilization III
"InstallShield_{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MixPad" = MixPad
"NIS" = Norton Internet Security
"NST" = Norton Identity Safe
"Office14.SingleImage" = Microsoft Office Professional 2010
"Steam App 22370" = Fallout 3 - Game of the Year Edition
"Steam App 57310" = Amnesia: The Dark Descent Demo
"Steam App 70310" = VVVVVV Demo
"Temp File Cleaner" = Temp File Cleaner
"Warcraft III" = Warcraft III
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Diablo" = Diablo
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 8/8/2013 7:40:55 PM | Computer Name = Loft | Source = WinMgmt | ID = 10
Description =
Error - 8/8/2013 7:52:06 PM | Computer Name = Loft | Source = EventSystem | ID = 4621
Description =
Error - 8/8/2013 7:58:56 PM | Computer Name = Loft | Source = WinMgmt | ID = 10
Description =
Error - 8/8/2013 8:07:34 PM | Computer Name = Loft | Source = EventSystem | ID = 4621
Description =
Error - 8/8/2013 8:11:59 PM | Computer Name = Loft | Source = WinMgmt | ID = 10
Description =
Error - 8/8/2013 8:31:28 PM | Computer Name = Loft | Source = WinMgmt | ID = 10
Description =
Error - 8/8/2013 8:38:03 PM | Computer Name = Loft | Source = System Restore | ID = 8209
Description =
Error - 8/8/2013 8:55:21 PM | Computer Name = Loft | Source = WinMgmt | ID = 10
Description =
Error - 8/8/2013 8:56:23 PM | Computer Name = Loft | Source = System Restore | ID = 8209
Description =
Error - 8/9/2013 7:05:54 PM | Computer Name = Loft | Source = EventSystem | ID = 4621
Description =
[ Broadcom Wireless LAN Events ]
Error - 3/31/2013 9:37:38 PM | Computer Name = Loft | Source = WLAN-Tray | ID = 0
Description = 20:37:35, Sun, Mar 31, 13 Error - Unable to gain access to user store
Error - 5/5/2013 12:55:50 PM | Computer Name = Loft | Source = WLAN-Tray | ID = 0
Description = 11:55:50, Sun, May 05, 13 Error - Unable to gain access to user store
Error - 5/27/2013 8:15:14 PM | Computer Name = Loft | Source = WLAN-Tray | ID = 0
Description = 19:15:12, Mon, May 27, 13 Error - Unable to gain access to user store
Error - 5/31/2013 1:31:50 AM | Computer Name = LOFT | Source = WLAN-Tray | ID = 0
Description = 00:31:50, Fri, May 31, 13 Error - Unable to gain access to user store
Error - 6/1/2013 2:05:27 PM | Computer Name = Loft | Source = WLAN-Tray | ID = 0
Description = 13:05:25, Sat, Jun 01, 13 Error - Unable to gain access to user store
Error - 6/3/2013 8:54:04 PM | Computer Name = Loft | Source = WLAN-Tray | ID = 0
Description = 19:54:04, Mon, Jun 03, 13 Error - Unable to gain access to user store
Error - 7/6/2013 6:57:01 PM | Computer Name = Loft | Source = WLAN-Tray | ID = 0
Description = 17:57:01, Sat, Jul 06, 13 Error - Unable to gain access to user store
Error - 7/18/2013 2:25:34 PM | Computer Name = LOFT | Source = WLAN-Tray | ID = 0
Description = 13:25:32, Thu, Jul 18, 13 Error - Unable to gain access to user store
Error - 7/21/2013 9:57:46 PM | Computer Name = Loft | Source = WLAN-Tray | ID = 0
Description = 20:57:45, Sun, Jul 21, 13 Error - Unable to gain access to user store
Error - 8/8/2013 5:29:56 PM | Computer Name = Loft | Source = WLAN-Tray | ID = 0
Description = 16:29:56, Thu, Aug 08, 13 Error - Unable to gain access to user store
[ OSession Events ]
Error - 4/15/2012 12:40:18 AM | Computer Name = Loft | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 436
seconds with 180 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 8/8/2013 7:41:32 PM | Computer Name = Loft | Source = DCOM | ID = 10016
Description =
Error - 8/8/2013 7:42:26 PM | Computer Name = Loft | Source = Service Control Manager | ID = 7034
Description =
Error - 8/8/2013 7:58:34 PM | Computer Name = Loft | Source = DCOM | ID = 10016
Description =
Error - 8/8/2013 7:58:44 PM | Computer Name = Loft | Source = DCOM | ID = 10016
Description =
Error - 8/8/2013 8:11:57 PM | Computer Name = Loft | Source = DCOM | ID = 10016
Description =
Error - 8/8/2013 8:12:06 PM | Computer Name = Loft | Source = DCOM | ID = 10016
Description =
Error - 8/8/2013 8:31:00 PM | Computer Name = Loft | Source = DCOM | ID = 10016
Description =
Error - 8/8/2013 8:54:51 PM | Computer Name = Loft | Source = DCOM | ID = 10016
Description =
Error - 8/8/2013 8:55:18 PM | Computer Name = Loft | Source = DCOM | ID = 10016
Description =
Error - 8/8/2013 11:43:07 PM | Computer Name = Loft | Source = Service Control Manager | ID = 7011
Description =
< End of report >
moved files:
All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{932A8778-82DC-45BF-A2F7-F7CA26B5D83D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{932A8778-82DC-45BF-A2F7-F7CA26B5D83D}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}\ deleted successfully.
C:\Windows\System32\searchplugins folder moved successfully.
C:\Windows\System32\Extensions folder moved successfully.
C:\Users\Dardas\AppData\Roaming\Systweak folder moved successfully.
C:\Windows\System32\roboot.exe moved successfully.
C:\Users\Dardas\AppData\Roaming\xVidly folder moved successfully.
C:\Users\Dardas\AppData\Local\Conduit folder moved successfully.
C:\Users\Dardas\AppData\Local\CRE folder moved successfully.
C:\Program Files\Conduit\CT3295549\plugins folder moved successfully.
C:\Program Files\Conduit\CT3295549 folder moved successfully.
C:\Program Files\Conduit\Community Alerts folder moved successfully.
C:\Program Files\Conduit folder moved successfully.
C:\Users\Dardas\AppData\Roaming\Video Media Download folder moved successfully.
C:\Users\Dardas\AppData\Roaming\Delta folder moved successfully.
C:\Users\Dardas\AppData\Roaming\Babylon folder moved successfully.
C:\ProgramData\Babylon folder moved successfully.
C:\Users\Dardas\Application Data\Microsoft\Internet Explorer\Quick Launch\xVidly.lnk moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Dardas\Desktop\cmd.bat deleted successfully.
C:\Users\Dardas\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Abi
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Benjamin
->Temp folder emptied: 4128678 bytes
->Temporary Internet Files folder emptied: 203318 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 380257167 bytes
->Flash cache emptied: 0 bytes
User: Dardas
->Temp folder emptied: 86525456 bytes
->Temporary Internet Files folder emptied: 31883194 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 57622179 bytes
->Flash cache emptied: 566 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: McAfeeMVSUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Meagan
->Temp folder emptied: 11096469 bytes
->Temporary Internet Files folder emptied: 8976827 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 429414514 bytes
->Flash cache emptied: 670 bytes
User: Public
User: Stephanie
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: TEMP
->Temporary Internet Files folder emptied: 0 bytes
User: TEMP.Dardas-PC
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 72482885 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 410738 bytes
RecycleBin emptied: 3904 bytes
Total Files Cleaned = 1,033.00 mb
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.69.0 log created on 08092013_183436
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
OTL text ran after adw cleaner and Jumkware removal tool
OTL logfile created on: 8/9/2013 8:28:21 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dardas\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 50.82% Memory free
4.23 Gb Paging File | 3.14 Gb Available in Paging File | 74.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.77 Gb Total Space | 98.18 Gb Free Space | 44.07% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.73 Gb Free Space | 57.35% Space Free | Partition Type: NTFS
Computer Name: LOFT | User Name: Dardas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/08/08 20:07:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dardas\Desktop\OTL.exe
PRC - [2013/05/20 23:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
PRC - [2013/05/20 23:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\ccsvchst.exe
PRC - [2009/12/03 00:00:00 | 000,847,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
PRC - [2009/05/21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/19 01:19:38 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2008/08/14 01:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/07/20 17:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/03/05 20:57:30 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbacoms.exe
PRC - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
PRC - [2006/11/02 07:34:44 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
========== Modules (No Company Name) ========== MOD - [2013/07/24 19:49:46 | 000,396,240 | ---- | M] () -- C:\Users\Dardas\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
MOD - [2013/07/24 19:49:45 | 013,599,184 | ---- | M] () -- C:\Users\Dardas\AppData\Local\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
MOD - [2013/07/24 19:49:44 | 004,052,944 | ---- | M] () -- C:\Users\Dardas\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll
MOD - [2013/07/24 19:48:54 | 000,601,552 | ---- | M] () -- C:\Users\Dardas\AppData\Local\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
MOD - [2013/07/24 19:48:53 | 000,123,344 | ---- | M] () -- C:\Users\Dardas\AppData\Local\Google\Chrome\Application\28.0.1500.95\libegl.dll
MOD - [2013/07/24 19:48:51 | 001,597,392 | ---- | M] () -- C:\Users\Dardas\AppData\Local\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
MOD - [2013/07/19 03:43:32 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\d8f9327ccf9ae9cd853d9f9c6c8807bc\System.Web.ni.dll
MOD - [2013/07/19 03:43:25 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59375bfcbdf9a51a963b71c10f6204d4\System.Runtime.Remoting.ni.dll
MOD - [2013/07/19 03:40:19 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4a249ccdc8817127b91bc36d1aa52b5e\System.Xml.ni.dll
MOD - [2013/07/19 03:39:12 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\e3cc2cbffd5fb21da64e93d9b6c27c7c\System.ni.dll
MOD - [2013/07/19 03:39:06 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2012/05/30 09:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll
MOD - [2012/05/30 09:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\wincfi39.dll
MOD - [2009/04/11 01:28:21 | 000,368,640 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2008/05/23 01:00:50 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007/08/07 18:49:00 | 000,065,536 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
========== Services (SafeList) ========== SRV - [2013/07/26 17:46:24 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/05/20 23:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe -- (NIS)
SRV - [2013/05/20 23:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe -- (NCO)
SRV - [2008/08/19 01:19:38 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2008/08/14 01:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
SRV - [2008/07/20 17:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008/01/20 21:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/03/05 20:57:30 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbacoms.exe -- (dlba_device)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013/07/18 05:13:19 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130809.016\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/07/18 05:13:19 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130809.016\NAVENG.SYS -- (NAVENG)
DRV - [2013/07/17 16:09:06 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20130809.001\IDSvix86.sys -- (IDSVix86)
DRV - [2013/06/10 16:43:22 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/05/31 11:58:19 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20130715.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/05/23 00:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\symefa.sys -- (SymEFA)
DRV - [2013/05/21 00:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\symds.sys -- (SymDS)
DRV - [2013/05/16 00:02:14 | 000,603,224 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\srtsp.sys -- (SRTSP)
DRV - [2013/05/07 12:38:58 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/05/07 12:38:58 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/04/24 19:43:56 | 000,352,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\symtdiv.sys -- (SYMTDIv)
DRV - [2013/04/15 21:41:14 | 000,134,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NST\7DD04000.00A\ccsetx86.sys -- (ccSet_NST)
DRV - [2013/04/15 21:41:14 | 000,134,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\ccsetx86.sys -- (ccSet_NIS)
DRV - [2013/03/04 20:39:19 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\ironx86.sys -- (SymIRON)
DRV - [2013/03/04 20:21:35 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1404000.028\srtspx.sys -- (SRTSPX)
DRV - [2010/06/23 09:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/04/11 00:06:26 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2008/08/19 02:03:28 | 000,079,960 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV - [2008/08/19 02:02:56 | 000,027,648 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV - [2008/05/23 01:00:48 | 003,592,704 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008/05/23 01:00:48 | 003,592,704 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/04/16 09:27:04 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/01/20 21:32:51 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2008/01/20 21:32:47 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...ie7&rlz=1I7DKUS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://partnerpage.g...smb&ibd=1090105IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.com/ieIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dardas\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dardas\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.3.0.26\coFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn\ [2013/08/09 20:20:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFFPlgn\ [2013/08/08 19:47:19 | 000,000,000 | ---D | M]
[2013/08/02 13:39:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dardas\AppData\Local\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Dardas\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dardas\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Adobe Acrobat (Enabled) = c:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Norton Identity Protection = C:\Users\Dardas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0\
CHR - Extension: Norton Identity Protection = C:\Users\Dardas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2013.4.0.10_0\
O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2755DAC9-AD4F-47A3-A40E-8190A7C62CFE}: DhcpNameServer = 192.168.2.1 192.168.2.1
O20 - AppInit_DLLs: (c:\progra~1\google\google~3\goec62~1.dll) - c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Dardas\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Dardas\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a3710346-daf8-11dd-93ae-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Start.exe
O33 - MountPoints2\{a3710346-daf8-11dd-93ae-806e6f6e6963}\Shell\Install\Command - "" = E:\Start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ========== [2013/08/09 20:22:57 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/08/09 18:34:36 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/08/08 20:07:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dardas\Desktop\OTL.exe
[2013/08/02 13:39:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
========== Files - Modified Within 30 Days ========== [2013/08/09 20:17:29 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/09 20:17:28 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\RtlNICDiagVistaStart.job
[2013/08/09 20:17:17 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/09 20:17:17 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/09 20:17:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/09 19:33:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/09 19:32:59 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2475585835-3430405396-503274499-1002UA.job
[2013/08/09 18:50:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2475585835-3430405396-503274499-1003UA.job
[2013/08/09 18:50:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2475585835-3430405396-503274499-1004Core.job
[2013/08/09 18:49:59 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2475585835-3430405396-503274499-1004UA.job
[2013/08/09 18:37:04 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2475585835-3430405396-503274499-1001UA.job
[2013/08/09 18:37:04 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2475585835-3430405396-503274499-1001Core.job
[2013/08/09 15:50:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2475585835-3430405396-503274499-1003Core.job
[2013/08/09 13:33:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2475585835-3430405396-503274499-1002Core.job
[2013/08/08 23:38:22 | 000,002,087 | ---- | M] () -- C:\Users\Dardas\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/08/08 23:38:22 | 000,002,085 | ---- | M] () -- C:\Users\Dardas\Desktop\Google Chrome.lnk
[2013/08/08 20:22:22 | 000,000,923 | ---- | M] () -- C:\Users\Dardas\Desktop\MEMORYCARD (EPSON5A3DE9) (Z) - Shortcut.lnk
[2013/08/08 20:07:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dardas\Desktop\OTL.exe
[2013/07/23 02:04:00 | 000,617,464 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/07/23 02:04:00 | 000,108,598 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/07/19 03:38:13 | 000,372,496 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
========== Files Created - No Company Name ========== [2013/08/08 20:22:22 | 000,000,923 | ---- | C] () -- C:\Users\Dardas\Desktop\MEMORYCARD (EPSON5A3DE9) (Z) - Shortcut.lnk
[2012/04/15 09:46:12 | 000,000,089 | ---- | C] () -- C:\Windows\EWF630.ini
[2012/04/14 23:26:21 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2012/04/14 23:26:21 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2012/04/14 23:26:21 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2012/04/14 23:26:21 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2012/04/14 23:26:21 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2012/04/14 23:26:20 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2012/04/14 23:26:20 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2012/04/14 23:26:20 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2012/04/14 23:26:20 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2012/04/14 23:26:20 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2012/04/14 23:26:20 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2012/04/14 23:26:20 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2012/04/14 23:26:20 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2012/04/14 23:26:20 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2012/04/14 23:26:20 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2012/04/14 23:26:20 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2012/04/14 23:21:24 | 000,000,077 | ---- | C] () -- C:\Windows\ENX125_127.ini
[2009/06/01 19:47:25 | 000,006,836 | ---- | C] () -- C:\Users\Dardas\AppData\Local\d3d9caps.dat
[2009/01/24 21:01:53 | 000,032,256 | ---- | C] () -- C:\Users\Dardas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/08 19:23:00 | 000,000,632 | RHS- | C] () -- C:\Users\Dardas\ntuser.pol
========== ZeroAccess Check ========== [2006/11/02 07:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ========== [2012/04/15 11:16:40 | 000,000,000 | ---D | M] -- C:\Users\Dardas\AppData\Roaming\addpcs
[2012/04/15 09:53:16 | 000,000,000 | ---D | M] -- C:\Users\Dardas\AppData\Roaming\Epson
[2012/04/15 00:12:18 | 000,000,000 | ---D | M] -- C:\Users\Dardas\AppData\Roaming\Leadertech
[2009/04/26 11:12:08 | 000,000,000 | ---D | M] -- C:\Users\Dardas\AppData\Roaming\NCH Swift Sound
[2011/04/04 20:57:14 | 000,000,000 | ---D | M] -- C:\Users\Dardas\AppData\Roaming\RIFT
========== Purity Check ========== < End of report >
# AdwCleaner v2.306 - Logfile created 08/09/2013 at 20:14:02
# Updated 19/07/2013 by Xplode
# Operating system : Windows Vista Home Basic Service Pack 2 (32 bits)
# User : Dardas - LOFT
# Boot Mode : Normal
# Running from : C:\Users\Dardas\Downloads\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Users\Meagan\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Meagan\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Folder Deleted : C:\Users\Dardas\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Dardas\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Meagan\AppData\LocalLow\Conduit
***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\808cdfbd6eeb14
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3295549
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : HKLM\Software\systweak
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16496
[OK] Registry is clean.
-\\ Google Chrome v28.0.1500.95
File : C:\Users\Dardas\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted [l.35] : icon_url = "hxxp://search.conduit.com/fav.ico",
Deleted [l.38] : keyword = "search.conduit.com",
Deleted [l.42] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN18[...]
Deleted [l.43] : suggest_url = "hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}&CUI=U[...]
Deleted [l.2146] : homepage = "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=C6B600242B4278DD&affID=119360&tsp=[...]
File : C:\Users\Meagan\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Users\Abi\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[S1].txt - [2991 octets] - [09/08/2013 20:14:02]
########## EOF - C:\AdwCleaner[S1].txt - [3051 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.3.9 (08.09.2013:1)
OS: Windows Vista Home Basic x86
Ran by Dardas on Fri 08/09/2013 at 20:23:03.62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files\mypc backup"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 08/09/2013 at 20:25:07.12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Seems to be running much better now. What else needs to be done?
Thank you again for your help!!