wyomingmommyof2
-
Content Count
14 -
Joined
-
Last visited
Content Type
Profiles
Forums
Calendar
Posts posted by wyomingmommyof2
-
-
All processes killed========== OTL ==========HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ not found.HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!HKEY_USERS\S-1-5-21-1138369966-3132292373-3564050637-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!Registry key HKEY_USERS\S-1-5-21-1138369966-3132292373-3564050637-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.Registry key HKEY_USERS\S-1-5-21-1138369966-3132292373-3564050637-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ not found.Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.Registry value HKEY_USERS\S-1-5-21-1138369966-3132292373-3564050637-1000\Software\Microsoft\Windows\CurrentVersion\Run\\RESTART_STICKY_NOTES deleted successfully.Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.========== COMMANDS ==========[EMPTYJAVA]User: All UsersUser: DefaultUser: Default UserUser: HeatherUser: PublicTotal Java Files Cleaned = 0.00 mb[EMPTYFLASH]User: All UsersUser: DefaultUser: Default UserUser: Heather->Flash cache emptied: 14216 bytesUser: PublicTotal Flash Files Cleaned = 0.00 mb[EMPTYTEMP]User: All UsersUser: Default->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 0 bytesUser: Default User->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 0 bytesUser: Heather->Temp folder emptied: 92942658 bytes->Temporary Internet Files folder emptied: 597780803 bytes->Google Chrome cache emptied: 444846636 bytes->Flash cache emptied: 0 bytesUser: Public%systemdrive% .tmp files removed: 0 bytes%systemroot% .tmp files removed: 0 bytes%systemroot%\System32 .tmp files removed: 0 bytes%systemroot%\System32 (64bit) .tmp files removed: 0 bytes%systemroot%\System32\drivers .tmp files removed: 0 bytesWindows Temp folder emptied: 365062411 bytes%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 13400863 bytes%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 17485409 bytesRecycleBin emptied: 77646852 bytesTotal Files Cleaned = 1,535.00 mbC:\Windows\System32\drivers\etc\Hosts moved successfully.HOSTS file reset successfullyRestore point Set: OTL Restore PointOTL by OldTimer - Version 3.2.69.0 log created on 01052014_121139Files\Folders moved on Reboot...C:\Users\Heather\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.C:\Users\Heather\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.PendingFileRenameOperations files...Registry entries deleted on Reboot...
-
Ok. Went ahead and got that done. Will talk to you when we get back from church tomorrow afternoon, Thanks again.
-
OTL Extras logfile created on: 1/4/2014 11:25:15 PM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Heather\Downloads64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.11.9600.16428)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy1.86 Gb Total Physical Memory | 0.81 Gb Available Physical Memory | 43.70% Memory free3.71 Gb Paging File | 2.07 Gb Available in Paging File | 55.92% Paging File freePaging file location(s): ?:\pagefile.sys [binary data]%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 279.47 Gb Total Space | 219.62 Gb Free Space | 78.58% Space Free | Partition Type: NTFSDrive D: | 14.46 Gb Total Space | 1.61 Gb Free Space | 11.12% Space Free | Partition Type: NTFSDrive E: | 3.96 Gb Total Space | 1.08 Gb Free Space | 27.33% Space Free | Partition Type: FAT32Unable to calculate disk information.Computer Name: HEATHER-HP | User Name: Heather | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All usersCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Extra Registry (SafeList) ==================== File Associations ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation).html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)[HKEY_USERS\S-1-5-21-1138369966-3132292373-3564050637-1000\SOFTWARE\Classes\<extension>].html [@ = ChromeHTML] -- Reg Error: Key error. File not found========== Shell Spawning ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.htmlfile [edit] -- Reg Error: Key error.htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [explore] -- Reg Error: Value error.Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.========== Security Center Settings ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]========== Firewall Settings ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]"EnableFirewall" = 1"DisableNotifications" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall" = 1"DisableNotifications" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]"EnableFirewall" = 1"DisableNotifications" = 0========== Authorized Applications List ==================== Vista Active Open Ports Exception List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{0274FC23-F28E-4209-A7BE-A1F6D4427DBD}" = rport=138 | protocol=17 | dir=out | app=system |"{052FC421-1755-476A-80F6-66040F13FE5D}" = lport=445 | protocol=6 | dir=in | app=system |"{056F81CA-7277-4716-99E3-2AD834107975}" = lport=10243 | protocol=6 | dir=in | app=system |"{074EABE4-65E9-4CA1-8F11-4682A627341D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |"{0B77E067-1E45-4230-B360-6908A7727E16}" = rport=139 | protocol=6 | dir=out | app=system |"{1364AB05-DF4B-42A3-8C87-7AA60E2E8277}" = rport=10243 | protocol=6 | dir=out | app=system |"{143BD02A-870C-4886-8726-6D0AF642C1BB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |"{24EC0E76-3551-45CD-9A3D-DFB2513CD3BC}" = rport=137 | protocol=17 | dir=out | app=system |"{37876F80-0FFB-4A17-A55A-A778F9C10AFA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |"{4D695AEA-EB8E-46B9-AF6D-AD713446ED14}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |"{536232F0-67A1-493E-8EFA-792735908CA0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |"{66E54E0A-517D-4040-A8E0-9280EE202BC5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |"{67284EF9-54C8-4B17-BC07-F4EB72145028}" = rport=445 | protocol=6 | dir=out | app=system |"{6780E539-ADD0-436D-AB9A-528844164D2F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |"{802AE2D0-2E2B-418B-8A15-4F9711DD551E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |"{8B6FF54C-D8E5-4BF6-9965-FC740DD8035C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |"{8B97C794-5526-4D2C-A3D8-2F3A251E4F97}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |"{97247ACD-2B0C-4D65-9A73-5398E3F6852E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |"{A9C62A29-D2C7-4CFD-ADAB-CFB2C87585D8}" = lport=2869 | protocol=6 | dir=in | app=system |"{B57EFF07-A15E-4788-8B91-BC2493D1E8B3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |"{C1A8F361-C94F-4EC8-9AB7-D609AD873C50}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |"{D87628A4-C7B6-4D03-A493-F2DA7A380868}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |"{E23C5A92-3F18-485E-AEA0-F2C47D1F48A9}" = lport=138 | protocol=17 | dir=in | app=system |"{ED633FC6-1EDC-4269-8649-AEA7C3E1E814}" = lport=137 | protocol=17 | dir=in | app=system |"{FDBC6B83-0FFD-43E2-83FC-974BC5CA7500}" = lport=139 | protocol=6 | dir=in | app=system |========== Vista Active Application Exception List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{0F7F85B3-69C9-4FFA-A47F-900EB84DA674}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |"{1DD7C0FA-8534-4507-9921-B7E9F0100080}" = protocol=58 | dir=in | [email protected],-28545 |"{28F4E3DB-81E3-427B-B0DC-695DD4F2BBAE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |"{2CAD8BD3-2BE1-4FAD-A736-965B6ABFC8E6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |"{2CB9E60E-DEA7-47C3-9CBA-8E7D8765A155}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |"{3311F27B-5064-491D-B408-DEC71BB36413}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |"{3B3BAC28-020B-423B-A84B-8411795936D9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |"{3C568FC5-2C98-4E0F-8FB1-146BF417F719}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |"{41B3D50A-ED76-4BD7-A3EB-8DB03E421DF6}" = protocol=6 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |"{52360138-6339-469A-BE00-357A68858FB0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |"{53034B48-C775-42F8-AAAE-38DAD60DAB0C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |"{63B41EA2-9851-49DC-A6CF-2DE79E099F4C}" = protocol=6 | dir=out | app=system |"{63DAC05A-00C9-4200-9577-84E7071FF09B}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |"{64FAFE42-7290-415A-B74B-69C9DC3CFCAF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |"{6EB5B81B-45D8-4CC8-966F-72D322443D3A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |"{755E8584-4BA2-49E6-A663-FA6D7A8508D0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |"{7895E9E6-D92C-4F6E-A46D-0773F3FD322D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |"{7C166D6D-D30E-468A-BF55-2B6043761CE0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |"{98D3C615-F210-4D5B-B540-0094F64E2DCE}" = protocol=1 | dir=in | [email protected],-28543 |"{A26BEB69-95FE-467C-901C-06FB767C20F2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |"{B61594E7-EF73-4F16-823C-6068A90CF36E}" = protocol=58 | dir=out | [email protected],-28546 |"{B9E2C0BC-71D8-43CD-8DE4-8717FC05A93C}" = protocol=1 | dir=out | [email protected],-28544 |"{BD3D72C4-4075-4AB4-9972-AFEE10464FC9}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |"{BE568172-3F31-4532-8CD2-D80BBFE84226}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |"{C01D2718-D0AC-4FB6-A191-F802E0E01DA7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |"{CE2B7890-30EB-44D4-9C4B-D891A7F67E1F}" = protocol=17 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |"{D53DB605-5FBA-4819-BD8A-486A5E68A2B2}" = protocol=58 | dir=out | [email protected],-503 |"{D9B5F0F8-0171-41ED-B85E-A6E63395776F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |"{DD354BB9-57FC-4B92-B2D6-76AED2B72862}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |"{E3DE7F47-D873-4F15-99E4-62A77F49DE63}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |"{E7072F34-F647-42FD-970C-3E06ADB5E653}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |"{E76C8B05-67FA-47D1-AA3B-98DC7F78AA6F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |"{EA3A8610-09EB-4495-B093-6E757ABAF43F}" = protocol=58 | dir=in | app=system |"{FB74416D-EB30-418A-AE75-631FC9FA2F6D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |"TCP Query User{4E9106B6-804B-4914-B95E-DCD5E23BF10C}C:\users\heather\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\heather\appdata\roaming\spotify\spotify.exe |"TCP Query User{C4238A8C-1272-4B2B-86D9-7102DA894CD1}C:\users\heather\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\heather\appdata\roaming\spotify\spotify.exe |"UDP Query User{2FA4FBF9-95FB-4C99-9990-36E75C8DCE80}C:\users\heather\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\heather\appdata\roaming\spotify\spotify.exe |"UDP Query User{A74062CA-E09F-44F1-9CEF-CF4C723CBEFF}C:\users\heather\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\heather\appdata\roaming\spotify\spotify.exe |========== HKEY_LOCAL_MACHINE Uninstall List ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer"{0EDEB615-1A60-425E-8306-0E10519C7B55}" = RoxioNow Player"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology"{5036764A-435D-40C9-869C-31085A3D741D}" = HP Setup"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE"{68A55875-B6DD-41E8-8CF6-F193D9C47051}" = HP Documentation"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App for HP"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform"{872B1C80-38EC-4A31-A25C-980820593900}" = HP Power Manager"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver"{8B52057C-15DB-433E-957C-E279BC7D07E3}" = HP QuickWeb"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker"{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}" = Blio"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = Compaq Setup Manager"{BB1C717E-376C-4AA1-8940-81BFC38D9778}" = HP Quick Launch"{BFD1ABD7-9417-41CB-B1F6-04BE4CB9820D}" = HP Software Framework"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64"{D322A9E3-758B-4D60-A7C4-65C88FD378D0}" = Bing Bar"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform"{D7670221-BF9B-4DFF-B26B-5BE55A87329F}" = HP On Screen Display"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime"{E96CAA2A-0244-4A2A-8403-0C3C9534778B}" = ESU for Microsoft Windows 7 SP1"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.3"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX"Adobe Shockwave Player" = Adobe Shockwave Player 11.5"Canon MG2100 series On-screen Manual" = Canon MG2100 series On-screen Manual"Canon MG2100 series User Registration" = Canon MG2100 series User Registration"CanonMyPrinter" = Canon My Printer"CanonSolutionMenuEX" = Canon Solution Menu EX"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX"Google Chrome" = Google Chrome"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300"MediaMonkey_is1" = MediaMonkey 3.2"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0"NIS" = Norton Internet Security"Office14.Click2Run" = Microsoft Office Click-to-Run 2010"WildTangent hp Master Uninstall" = HP Games"WinLiveSuite" = Windows Live Essentials"WTA-07dd4a15-af59-4f9b-87b4-19ce85e0b66c" = Farm Frenzy"WTA-0ec51801-033d-4617-a050-728e77631270" = Polar Bowler"WTA-227c80a2-21c7-4185-a0b0-a747053828d1" = Cradle of Rome 2"WTA-28c40a23-2cb0-4857-93ac-3ae881416080" = Governor of Poker 2 Premium Edition"WTA-40436781-0771-43e9-90f1-f0b21871e7c7" = Namco All-Stars: PAC-MAN"WTA-4321a835-a749-4fc6-9097-d1516a02a344" = Virtual Villagers 5 - New Believers"WTA-5f7cb5e7-e662-4dd4-ae4b-cb001ab0ed67" = Poker Superstars III"WTA-61144ec7-9623-40f1-916b-a08b810a39ff" = Bounce Symphony"WTA-654b1f4c-49e0-4a89-9c31-880e05927973" = Mystery of Mortlake Mansion"WTA-657aa79f-4740-4ffd-9d42-7443fee74ca9" = Cake Mania"WTA-87609f51-e7c2-4747-a175-99957dc2679b" = Polar Golfer"WTA-887c9daf-c718-423e-9d37-2bf81aae537f" = Mah Jong Medley"WTA-89c8791f-2f2c-4afe-aa76-918bcf703b33" = Plants vs. Zombies - Game of the Year"WTA-9c483297-2c0b-4e52-8714-3b478983a0f6" = Penguins!"WTA-a201309e-54cb-471b-b2b2-cb08d6e23a57" = Slingo Supreme"WTA-adece886-22ed-47b6-bba0-9ec02042ca6f" = Agatha Christie - Peril at End House"WTA-bee71dbf-9875-4bd0-9f51-2863426d06d3" = FATE"WTA-c005653b-ab05-4da1-9723-a638f23175ee" = Chuzzle Deluxe"WTA-c6c46fe9-d8cd-47fd-bdde-a0231815943f" = Zuma Deluxe"WTA-cc617191-81c5-4649-8255-3d37d9d6141b" = Bejeweled 3"WTA-cf9d7d2b-16a6-477e-af0e-f37c0373f8ff" = Blasterball 3"WTA-e5a22790-5f26-46b4-bd19-f0b3a53ae654" = Vacation Quest - The Hawaiian Islands"WTA-f745116d-0448-476d-aa2a-f3d3a85f096d" = Blackhawk Striker 2"WTA-fe2f2ce9-ea5d-4ff8-bc0c-8f0f98a5259a" = Chronicles of Albian"WTA-fe6c4247-8a9d-46b0-a840-2b2f416b3657" = Jewel Quest: The Sleepless Star - Collector's Edition========== HKEY_USERS Uninstall List ==========[HKEY_USERS\S-1-5-21-1138369966-3132292373-3564050637-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"Amazon Kindle" = Amazon Kindle"DigitalSite" = Update for PDF Writer"Spotify" = Spotify"UnityWebPlayer" = Unity Web Player========== Last 20 Event Log Errors ==========[ Application Events ]Error - 1/4/2014 9:19:26 PM | Computer Name = Heather-HP | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledSPRetry 665500Error - 1/4/2014 9:19:27 PM | Computer Name = Heather-HP | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: Continuously busy for more than a secondError - 1/4/2014 9:19:27 PM | Computer Name = Heather-HP | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledEvent 666499Error - 1/4/2014 9:19:27 PM | Computer Name = Heather-HP | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledSPRetry 666499Error - 1/4/2014 9:44:49 PM | Computer Name = Heather-HP | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: Continuously busy for more than a secondError - 1/4/2014 9:44:49 PM | Computer Name = Heather-HP | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledEvent 1014Error - 1/4/2014 9:44:49 PM | Computer Name = Heather-HP | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledSPRetry 1014Error - 1/4/2014 9:44:51 PM | Computer Name = Heather-HP | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: Continuously busy for more than a secondError - 1/4/2014 9:44:51 PM | Computer Name = Heather-HP | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledEvent 2200Error - 1/4/2014 9:44:51 PM | Computer Name = Heather-HP | Source = Bonjour Service | ID = 100Description = Task Scheduling Error: m->NextScheduledSPRetry 2200[ Hewlett-Packard Events ]Error - 9/2/2013 3:15:13 PM | Computer Name = Heather-HP | Source = HPSF.exe | ID = 4000Description =Error - 10/2/2013 12:02:16 AM | Computer Name = Heather-HP | Source = HPSF.exe | ID = 4000Description =Error - 10/20/2013 10:36:37 PM | Computer Name = Heather-HP | Source = HPSF.exe | ID = 4000Description =Error - 10/20/2013 10:38:52 PM | Computer Name = Heather-HP | Source = HPSF.exe | ID = 4000Description =Error - 10/27/2013 10:52:35 PM | Computer Name = Heather-HP | Source = HPSF.exe | ID = 4000Description =Error - 12/8/2013 11:35:54 PM | Computer Name = Heather-HP | Source = HPSF.exe | ID = 4000Description =Error - 12/8/2013 11:37:59 PM | Computer Name = Heather-HP | Source = HPSF.exe | ID = 4000Description =Error - 12/8/2013 11:38:04 PM | Computer Name = Heather-HP | Source = HPSF.exe | ID = 4000Description =Error - 12/15/2013 11:24:55 PM | Computer Name = Heather-HP | Source = HPSF.exe | ID = 4000Description =Error - 12/22/2013 11:28:50 PM | Computer Name = Heather-HP | Source = HPSF.exe | ID = 4000Description =< End of report >
-
OTL logfile created on: 1/4/2014 11:25:15 PM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Heather\Downloads64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.11.9600.16428)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy1.86 Gb Total Physical Memory | 0.81 Gb Available Physical Memory | 43.70% Memory free3.71 Gb Paging File | 2.07 Gb Available in Paging File | 55.92% Paging File freePaging file location(s): ?:\pagefile.sys [binary data]%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 279.47 Gb Total Space | 219.62 Gb Free Space | 78.58% Space Free | Partition Type: NTFSDrive D: | 14.46 Gb Total Space | 1.61 Gb Free Space | 11.12% Space Free | Partition Type: NTFSDrive E: | 3.96 Gb Total Space | 1.08 Gb Free Space | 27.33% Space Free | Partition Type: FAT32Unable to calculate disk information.Computer Name: HEATHER-HP | User Name: Heather | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All usersCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ==========PRC - [2014/01/04 23:24:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Heather\Downloads\OTL.comPRC - [2013/12/09 12:10:40 | 001,168,896 | ---- | M] (Spotify Ltd) -- C:\Users\Heather\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exePRC - [2013/12/03 19:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exePRC - [2013/09/05 07:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exePRC - [2013/07/23 01:46:22 | 000,240,288 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXEPRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exePRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exePRC - [2011/08/04 16:08:56 | 000,593,032 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXEPRC - [2011/08/04 16:06:12 | 001,612,920 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXEPRC - [2011/06/28 02:41:08 | 000,168,504 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exePRC - [2011/06/16 17:03:42 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exePRC - [2011/06/15 17:58:28 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exePRC - [2011/06/14 14:29:22 | 000,587,320 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exePRC - [2011/06/14 14:29:22 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exePRC - [2011/06/13 16:47:12 | 000,336,440 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exePRC - [2011/05/24 16:36:26 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exePRC - [2010/12/30 20:44:00 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exePRC - [2010/12/30 20:43:00 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exePRC - [2010/12/27 16:30:00 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exePRC - [2010/11/26 07:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exePRC - [2010/09/13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exePRC - [2010/09/13 18:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe========== Modules (No Company Name) ==========MOD - [2013/12/03 19:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dllMOD - [2013/12/03 19:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dllMOD - [2013/12/03 19:47:11 | 000,702,416 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dllMOD - [2013/12/03 19:47:11 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dllMOD - [2013/12/03 19:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dllMOD - [2013/10/09 10:13:59 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dllMOD - [2013/10/09 10:13:32 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dllMOD - [2013/10/09 10:13:25 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dllMOD - [2013/09/15 16:29:02 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dllMOD - [2013/08/19 16:30:50 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dllMOD - [2013/08/19 16:30:49 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ebdb3050959d9be47d33d2c77d6cc291\IAStorUtil.ni.dllMOD - [2013/08/15 02:32:49 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dllMOD - [2013/08/15 02:32:22 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dllMOD - [2013/08/15 02:32:13 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dllMOD - [2013/07/18 12:00:50 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\34002b75cd0faab68bf8079299c1aa46\IAStorCommon.ni.dllMOD - [2013/07/17 12:05:34 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dllMOD - [2012/11/28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dllMOD - [2012/11/28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dllMOD - [2011/07/12 20:41:16 | 000,877,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll========== Services (SafeList) ==========SRV - [2013/12/16 18:53:14 | 000,227,904 | ---- | M] (WildTangent) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)SRV - [2013/12/10 13:39:01 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)SRV - [2013/09/05 07:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)SRV - [2013/07/23 01:46:22 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE -- (BBUpdate)SRV - [2013/07/23 01:46:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE -- (BBSvc)SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)SRV - [2011/06/21 15:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)SRV - [2011/06/16 17:03:42 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)SRV - [2011/06/14 14:29:22 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)SRV - [2011/05/24 16:36:26 | 000,138,760 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exe -- (NIS)SRV - [2010/12/30 20:44:00 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)SRV - [2010/12/30 20:43:00 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)SRV - [2010/12/27 16:30:00 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)SRV - [2010/11/26 07:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)SRV - [2010/10/12 10:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)SRV - [2010/09/13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)========== Driver Services (SafeList) ==========DRV - [2013/12/03 11:27:32 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20131203.001\BHDrvx64.sys -- (BHDrvx64)DRV - [2013/11/21 07:39:16 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)DRV - [2013/11/21 07:39:16 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)DRV - [2013/10/25 13:17:18 | 000,521,816 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20131206.001\IDSviA64.sys -- (IDSVia64)DRV - [2013/10/21 18:33:15 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20131209.001\ex64.sys -- (NAVEX15)DRV - [2013/10/21 18:33:15 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20131209.001\eng64.sys -- (NAVENG)DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmIE - HKLM\..\SearchScopes,DefaultScope =IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-21-1138369966-3132292373-3564050637-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQNOT/1IE - HKU\S-1-5-21-1138369966-3132292373-3564050637-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/IE - HKU\S-1-5-21-1138369966-3132292373-3564050637-1000\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-21-1138369966-3132292373-3564050637-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBoxIE - HKU\S-1-5-21-1138369966-3132292373-3564050637-1000\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}IE - HKU\S-1-5-21-1138369966-3132292373-3564050637-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-1138369966-3132292373-3564050637-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local========== FireFox ==========FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Heather\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFF [2013/10/10 17:27:36 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn\ [2012/08/10 16:11:41 | 000,000,000 | ---D | M]========== Chrome ==========CHR - default_search_provider: Google (Enabled)CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dllCHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewerCHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dllCHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dllCHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dllCHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLLCHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLLCHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dllCHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllCHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dllCHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dllCHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dllCHR - Extension: Google Docs = C:\Users\Heather\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\CHR - Extension: Google Drive = C:\Users\Heather\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\CHR - Extension: YouTube = C:\Users\Heather\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\CHR - Extension: Google Search = C:\Users\Heather\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\CHR - Extension: Pinterest = C:\Users\Heather\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\1.1_0\CHR - Extension: Norton Identity Protection = C:\Users\Heather\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\6.0.2_0\CHR - Extension: Google Wallet = C:\Users\Heather\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\CHR - Extension: Gmail = C:\Users\Heather\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hostsO2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\CoIEPlg.dll (Symantec Corporation)O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\IPS\IPSBHO.dll (Symantec Corporation)O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\CoIEPlg.dll (Symantec Corporation)O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)O3 - HKU\S-1-5-21-1138369966-3132292373-3564050637-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\CoIEPlg.dll (Symantec Corporation)O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)O4 - HKU\S-1-5-21-1138369966-3132292373-3564050637-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not foundO4 - HKU\S-1-5-21-1138369966-3132292373-3564050637-1000..\Run: [spotify Web Helper] C:\Users\Heather\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not foundO4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not foundO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)O13 - gopher Prefix: missingO17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36F5EB81-152C-49FC-9C23-1F8F832FC9F7}: DhcpNameServer = 192.168.2.1 192.168.2.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B53BB598-61A9-4CBC-BEFF-62F7B4216142}: DhcpNameServer = 192.168.2.1 192.168.2.1O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O32 - HKLM CDRom: AutoRun - 1O34 - HKLM BootExecute: (autocheck autochk *)O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)========== Files/Folders - Created Within 30 Days ==========[2014/01/04 17:33:17 | 000,000,000 | ---D | C] -- C:\Users\Heather\AppData\Roaming\Malwarebytes[2014/01/04 17:33:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware[2014/01/04 17:33:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes[2014/01/04 17:32:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware[2014/01/04 17:32:29 | 000,000,000 | ---D | C] -- C:\Users\Heather\AppData\Local\Programs[2014/01/04 17:07:46 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT[2014/01/04 16:50:18 | 000,000,000 | ---D | C] -- C:\AdwCleaner[2014/01/02 18:04:03 | 000,000,000 | ---D | C] -- C:\Users\Heather\AppData\Roaming\WildTangent[2013/12/31 18:08:42 | 000,000,000 | ---D | C] -- C:\Users\Heather\AppData\Local\Adobe_Systems_Incorporate[2013/12/31 18:07:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe[2013/12/31 18:07:31 | 000,000,000 | ---D | C] -- C:\Users\Heather\Documents\My Digital Editions[2013/12/12 08:33:12 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL[2013/12/12 08:33:12 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll[2013/12/12 08:30:58 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll[2013/12/12 08:30:56 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll[2013/12/12 08:30:55 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll[2013/12/12 08:30:53 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl[2013/12/12 01:42:39 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll[2013/12/12 01:42:34 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll[2013/12/12 01:41:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll[2013/12/12 01:41:33 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe[2013/12/12 01:41:33 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx[2013/12/11 05:19:29 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll[2013/12/11 05:19:20 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll[2013/12/11 05:19:20 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll[2013/12/11 05:19:20 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe[2013/12/11 05:19:13 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll[2013/12/11 05:19:11 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll[2013/12/11 05:19:11 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat[2013/12/11 05:19:11 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll[2013/12/11 05:19:11 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec[2013/12/11 05:19:11 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll[2013/12/11 05:19:11 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe[2013/12/11 05:19:11 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe[2013/12/11 05:19:11 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll[2013/12/11 05:19:11 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll[2013/12/11 05:19:11 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe[2013/12/11 05:19:11 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll[2013/12/11 05:19:11 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll[2013/12/11 05:19:11 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll[2013/12/11 05:19:11 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe[2013/12/11 05:19:11 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll[2013/12/11 05:19:11 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll[2013/12/11 05:19:11 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx[2013/12/11 05:19:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll[2013/12/11 05:19:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll[2013/12/11 05:19:11 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll[2013/12/11 05:19:11 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll[2013/12/11 05:19:11 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll[2013/12/11 05:19:11 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll[2013/12/11 05:19:11 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll[2013/12/11 05:19:11 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe[2013/12/09 12:11:29 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe========== Files - Modified Within 30 Days ==========[2014/01/04 23:05:58 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job[2014/01/04 23:05:29 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job[2014/01/04 23:05:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat[2014/01/04 17:45:45 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job[2014/01/04 17:44:18 | 1494,110,208 | -HS- | M] () -- C:\hiberfil.sys[2014/01/04 17:33:07 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2014/01/03 07:03:46 | 000,000,005 | ---- | M] () -- C:\Users\Heather\AppData\Roaming\WBPU-Q5-TTL.DAT[2014/01/03 07:03:42 | 000,000,103 | ---- | M] () -- C:\Users\Heather\AppData\Roaming\WB.CFG[2014/01/03 07:03:41 | 000,000,005 | ---- | M] () -- C:\Users\Heather\AppData\Roaming\WBPU-TTL.DAT[2014/01/02 18:05:20 | 000,002,424 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - hp.lnk[2013/12/31 18:07:38 | 000,002,204 | ---- | M] () -- C:\Users\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions 2.0.lnk[2013/12/31 18:07:38 | 000,002,180 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Digital Editions 2.0.lnk[2013/12/21 02:23:59 | 004,682,656 | ---- | M] () -- C:\Users\Heather\Documents\chrissybflietatt.rtf[2013/12/21 01:50:53 | 015,865,933 | ---- | M] () -- C:\Users\Heather\Documents\bfieandbear.rtf[2013/12/19 15:06:27 | 000,232,696 | ---- | M] () -- C:\Users\Heather\Documents\jasonganoungtattoo.rtf[2013/12/11 05:19:29 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll[2013/12/11 05:19:20 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll[2013/12/11 05:19:20 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll[2013/12/11 05:19:20 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe[2013/12/11 05:19:13 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll[2013/12/11 05:19:12 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx[2013/12/11 05:19:11 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll[2013/12/11 05:19:11 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat[2013/12/11 05:19:11 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll[2013/12/11 05:19:11 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec[2013/12/11 05:19:11 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll[2013/12/11 05:19:11 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe[2013/12/11 05:19:11 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe[2013/12/11 05:19:11 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll[2013/12/11 05:19:11 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll[2013/12/11 05:19:11 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe[2013/12/11 05:19:11 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll[2013/12/11 05:19:11 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll[2013/12/11 05:19:11 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll[2013/12/11 05:19:11 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe[2013/12/11 05:19:11 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll[2013/12/11 05:19:11 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll[2013/12/11 05:19:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll[2013/12/11 05:19:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll[2013/12/11 05:19:11 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll[2013/12/11 05:19:11 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll[2013/12/11 05:19:11 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll[2013/12/11 05:19:11 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll[2013/12/11 05:19:11 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll[2013/12/11 05:19:11 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf[2013/12/11 05:19:11 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe[2013/12/10 13:38:58 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe[2013/12/10 13:38:58 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl[2013/12/07 04:37:58 | 000,002,733 | ---- | M] () -- C:\Users\Heather\Documents\editor letter.rtf========== Files Created - No Company Name ==========[2014/01/04 17:33:07 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2013/12/31 18:07:38 | 000,002,204 | ---- | C] () -- C:\Users\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions 2.0.lnk[2013/12/31 18:07:38 | 000,002,192 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 2.0.lnk[2013/12/31 18:07:38 | 000,002,180 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Digital Editions 2.0.lnk[2013/12/31 11:15:47 | 000,000,005 | ---- | C] () -- C:\Users\Heather\AppData\Roaming\WBPU-Q5-TTL.DAT[2013/12/21 02:23:59 | 004,682,656 | ---- | C] () -- C:\Users\Heather\Documents\chrissybflietatt.rtf[2013/12/21 01:50:52 | 015,865,933 | ---- | C] () -- C:\Users\Heather\Documents\bfieandbear.rtf[2013/12/19 15:06:26 | 000,232,696 | ---- | C] () -- C:\Users\Heather\Documents\jasonganoungtattoo.rtf[2013/12/11 05:19:11 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf[2013/12/09 12:12:02 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job[2013/12/07 04:37:58 | 000,002,733 | ---- | C] () -- C:\Users\Heather\Documents\editor letter.rtf[2013/10/18 10:37:08 | 000,000,103 | ---- | C] () -- C:\Users\Heather\AppData\Roaming\WB.CFG[2013/10/18 10:37:08 | 000,000,005 | ---- | C] () -- C:\Users\Heather\AppData\Roaming\WBPU-TTL.DAT[2012/08/12 18:36:03 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat[2012/08/10 16:18:47 | 000,744,030 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI[2012/04/20 14:54:12 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe========== ZeroAccess Check ==========[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32][HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32][HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]========== LOP Check ==========[2013/01/07 17:50:54 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Awem[2012/08/11 10:20:27 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Blio[2013/05/25 20:51:42 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Canon[2012/08/11 15:54:46 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Flood Light Games[2012/08/18 16:15:33 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\funkitron[2012/08/16 20:28:48 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Mystery of Mortlake Mansion[2014/01/04 16:57:15 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\SoftGrid Client[2012/08/24 18:29:46 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\SpinTop Games[2014/01/04 16:56:14 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Spotify[2012/08/10 16:14:01 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Synaptics[2012/08/10 16:19:30 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\TP[2013/09/25 08:52:24 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Unity[2014/01/02 18:04:06 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\WildTangent[2013/06/04 22:40:00 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Windows Live Writer[2012/08/27 09:23:45 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\YoudaGames========== Purity Check ==========< End of report >
-
Thanks for all your help. I will have to finish up tomorrow after we get back from church.
-
.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 8/10/2012 5:08:45 PMSystem Uptime: 1/4/2014 5:54:41 PM (1 hours ago).Motherboard: Hewlett-Packard | | 3672Processor: Intel® Celeron® CPU B800 @ 1.50GHz | CPU1 | 795/1333mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 279 GiB total, 219.62 GiB free.D: is FIXED (NTFS) - 14 GiB total, 1.608 GiB free.E: is FIXED (FAT32) - 4 GiB total, 1.082 GiB free.F: is CDROM (CDFS).==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP76: 12/10/2013 9:29:47 AM - Windows UpdateRP77: 12/11/2013 5:15:39 AM - Windows UpdateRP78: 12/12/2013 8:28:29 AM - Windows UpdateRP79: 12/17/2013 9:53:56 AM - Windows UpdateRP80: 12/20/2013 12:54:45 PM - Windows UpdateRP81: 12/24/2013 8:11:51 AM - Windows UpdateRP82: 12/27/2013 11:25:21 AM - Windows UpdateRP83: 12/31/2013 11:04:58 AM - Windows UpdateRP84: 1/3/2014 11:59:51 AM - Windows Update.==== Installed Programs ======================.Adobe Digital Editions 2.0Adobe Flash Player 11 ActiveXAdobe Reader XI (11.0.05)Adobe Shockwave Player 11.5Agatha Christie - Peril at End HouseAmazon KindleApple Application SupportApple Mobile Device SupportApple Software UpdateBejeweled 3Bing BarBlackhawk Striker 2Blasterball 3BlioBonjourBounce SymphonyCake ManiaCanon Easy-PhotoPrint EXCanon MG2100 series MP DriversCanon MG2100 series On-screen ManualCanon MG2100 series User RegistrationCanon MP Navigator EX 5.0Canon My PrinterCanon Solution Menu EXChronicles of AlbianChuzzle DeluxeCisco EAP-FAST ModuleCisco LEAP ModuleCisco PEAP ModuleCompaq Setup ManagerCradle of Rome 2CyberLink YouCamD3DX10ESU for Microsoft Windows 7 SP1Evernote v. 4.2.3Farm FrenzyFATEGoogle ChromeGoogle Update HelperGovernor of Poker 2 Premium EditionHewlett-Packard ACLM.NET v1.1.1.0HP AutoHP Client ServicesHP Customer Experience EnhancementsHP DocumentationHP GamesHP Launch BoxHP MovieStoreHP On Screen DisplayHP Power ManagerHP Quick LaunchHP QuickWebHP SetupHP Software FrameworkHP Support AssistantIntel® Control CenterIntel® Management Engine ComponentsIntel® Processor GraphicsIntel® Rapid Storage TechnologyiTunesJewel Quest: The Sleepless Star - Collector's EditionJunk Mail filter updateMah Jong MedleyMalwarebytes Anti-Malware version 1.75.0.1300McAfee Security Scan PlusMediaMonkey 3.2Mesh RuntimeMicrosoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office 2010Microsoft Office Click-to-Run 2010Microsoft Office Starter 2010 - EnglishMicrosoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft WSE 3.0 RuntimeMSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Mystery of Mortlake MansionNamco All-Stars: PAC-MANNorton Internet SecurityPenguins!Plants vs. Zombies - Game of the YearPlayReady PC Runtime x86Poker Superstars IIIPolar BowlerPolar GolferRealtek Ethernet Controller DriverRealtek High Definition Audio DriverRealtek PCIE Card ReaderREALTEK Wireless LAN DriverRecovery ManagerRoxioNow PlayerSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Slingo SupremeSpotifySynaptics TouchPad DriverUnity Web PlayerUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for PDF WriterUpdate Installer for WildTangent Games AppVacation Quest - The Hawaiian IslandsVirtual Villagers 5 - New BelieversWildTangent Games App for HPWindows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesZuma Deluxe.==== End Of File ===========================
-
DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 11.0.9600.16428Run by Heather at 18:30:07 on 2014-01-04Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1900.399 [GMT -7:00].AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files\Realtek\Audio\HDA\AERTSr64.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exeC:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exeC:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exeC:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exeC:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exeC:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXEC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\taskhost.exeC:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Canon\MyPrinter\BJMYPRT.EXEC:\Users\Heather\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Windows\System32\StikyNot.exeC:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exeC:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exeC:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exeC:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exeC:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXEC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\splwow64.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXEC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\taskeng.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Windows\System32\svchost.exe -k secsvcsC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Windows\system32\wuauclt.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\SysWOW64\notepad.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exe,BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dllBHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dllBHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\CoIEPlg.dllBHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\IPS\IPSBHO.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllTB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\CoIEPlg.dllTB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\CoIEPlg.dllTB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dlluRun: [spotify Web Helper] "C:\Users\Heather\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exemRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exemRun: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exemRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exemRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logonmRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exemPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204TCP: NameServer = 192.168.2.1 192.168.2.1TCP: Interfaces\{36F5EB81-152C-49FC-9C23-1F8F832FC9F7} : DHCPNameServer = 192.168.2.1 192.168.2.1TCP: Interfaces\{36F5EB81-152C-49FC-9C23-1F8F832FC9F7}\84541445845425D28405F5E4564777F627B6 : DHCPNameServer = 192.168.2.1 192.168.2.1TCP: Interfaces\{36F5EB81-152C-49FC-9C23-1F8F832FC9F7}\84541445845425D28405F5E4564777F627B6F513 : DHCPNameServer = 192.168.2.1 192.168.2.1TCP: Interfaces\{B53BB598-61A9-4CBC-BEFF-62F7B4216142} : DHCPNameServer = 192.168.2.1 192.168.2.1Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -sx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [setDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exex64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logonx64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1300000.080\SymDS64.sys [2012-4-20 451192]R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1300000.080\SymEFA64.sys [2012-4-20 1083512]R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [2013-12-3 1526488]R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1300000.080\ccSetx64.sys [2012-4-20 165512]R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20131206.001\IDSviA64.sys [2013-12-6 521816]R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1300000.080\Ironx64.sys [2012-4-20 189560]R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1300000.080\symnets.sys [2012-4-20 396408]R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-4-20 98208]R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-6-16 103992]R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-6-14 26680]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-4-20 13336]R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-4-20 1817088]R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exe [2012-4-20 138760]R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-4-20 2656280]R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE [2013-7-23 240288]R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-28 137648]R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-4-20 335464]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-4-20 436840]R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2012-4-20 1145448]R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE [2013-7-23 193696]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-12-16 227904]S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-28 1255736]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== Created Last 30 ================.2014-01-05 00:33:17 -------- d-----w- C:\Users\Heather\AppData\Roaming\Malwarebytes2014-01-05 00:33:06 -------- d-----w- C:\ProgramData\Malwarebytes2014-01-05 00:32:48 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2014-01-05 00:32:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-01-05 00:32:29 -------- d-----w- C:\Users\Heather\AppData\Local\Programs2014-01-05 00:07:46 -------- d-----w- C:\Windows\ERUNT2014-01-04 23:50:18 -------- d-----w- C:\AdwCleaner2014-01-03 19:04:08 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9E024B92-D303-4684-AF81-06FB27EA7A42}\mpengine.dll2014-01-03 01:04:03 -------- d-----w- C:\Users\Heather\AppData\Roaming\WildTangent2014-01-01 01:08:42 -------- d-----w- C:\Users\Heather\AppData\Local\Adobe_Systems_Incorporate2013-12-12 15:33:14 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe2013-12-12 15:33:14 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe2013-12-12 15:33:13 12625920 ----a-w- C:\Windows\System32\wmploc.DLL2013-12-12 15:33:12 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL2013-12-12 15:31:00 293072 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll2013-12-12 15:31:00 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-12-12 15:31:00 2724864 ----a-w- C:\Windows\System32\mshtml.tlb2013-12-12 15:31:00 235216 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll2013-12-12 08:42:39 335360 ----a-w- C:\Windows\System32\msieftp.dll2013-12-12 08:42:39 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll2013-12-12 08:42:37 3155968 ----a-w- C:\Windows\System32\win32k.sys2013-12-12 08:42:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll2013-12-12 08:42:34 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll2013-12-12 08:42:26 81408 ----a-w- C:\Windows\System32\imagehlp.dll2013-12-12 08:42:26 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll2013-12-12 08:41:48 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-12-12 08:41:48 2048 ----a-w- C:\Windows\System32\tzres.dll2013-12-12 08:41:35 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys2013-12-12 08:41:35 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys2013-12-12 08:41:33 202752 ----a-w- C:\Windows\System32\scrrun.dll2013-12-12 08:41:33 168960 ----a-w- C:\Windows\System32\wscript.exe2013-12-12 08:41:33 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll2013-12-12 08:41:33 156160 ----a-w- C:\Windows\System32\cscript.exe2013-12-12 08:41:33 150016 ----a-w- C:\Windows\System32\wshom.ocx2013-12-12 08:41:33 141824 ----a-w- C:\Windows\SysWow64\wscript.exe2013-12-12 08:41:33 126976 ----a-w- C:\Windows\SysWow64\cscript.exe2013-12-12 08:41:33 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx2013-12-09 19:11:29 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe.==================== Find3M ====================.2013-12-10 20:38:58 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll2013-11-19 10:33:38 267936 ------w- C:\Windows\System32\MpSigStub.exe2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL.============= FINISH: 18:31:01.53 ===============
-
Results of screen317's Security Check version 0.99.78Windows 7 Service Pack 1 x64 (UAC is enabled)Internet Explorer 11``````````````Antivirus/Firewall Check:``````````````Windows Firewall Enabled!Norton Internet SecurityWMI entry may not exist for antivirus; attempting automatic update.`````````Anti-malware/Other Utilities Check:`````````Malwarebytes Anti-Malware version 1.75.0.1300Adobe Reader XIGoogle Chrome 31.0.1650.57Google Chrome 31.0.1650.63````````Process Check: objlist.exe by Laurent````````Norton ccSvcHst.exe`````````````````System Health check`````````````````Total Fragmentation on Drive C: 1%````````````````````End of Log``````````````````````
-
Ok, I think that is all. Let me know if I need to do anything else. Thanks!
-
Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.orgDatabase version: v2014.01.04.08Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.16476Heather :: HEATHER-HP [administrator]1/4/2014 5:34:37 PMmbam-log-2014-01-04 (17-34-37).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 210854Time elapsed: 6 minute(s), 14 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 4C:\Users\Heather\AppData\Local\Temp\ICReinstall_PDFWriterSetup.exe (PUP.Optional.Bundle) -> Quarantined and deleted successfully.C:\Users\Heather\Downloads\expertpdf7.exe (PUP.Optional.InstallIQ) -> Quarantined and deleted successfully.C:\Users\Heather\Downloads\filewhiz_d6624754.exe (PUP.Optional.InstallIQ) -> Quarantined and deleted successfully.C:\Users\Heather\Downloads\PDFWriterSetup.exe (PUP.Optional.Bundle) -> Quarantined and deleted successfully.(end)
-
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.0.9 (01.01.2014:1)OS: Windows 7 Home Premium x64Ran by Heather on Sat 01/04/2014 at 17:07:50.44~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry Values~~~ Registry KeysSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F3EFB319-44BB-458B-AE19-38777B2159EE}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{F3EFB319-44BB-458B-AE19-38777B2159EE}~~~ FilesSuccessfully deleted: [File] C:\Windows\syswow64\sho7155.tmpSuccessfully deleted: [File] C:\Windows\syswow64\sho9929.tmpSuccessfully deleted: [File] C:\Windows\syswow64\shoA789.tmpSuccessfully deleted: [File] C:\Windows\syswow64\shoB8AC.tmpSuccessfully deleted: [File] C:\Windows\syswow64\shoC971.tmp~~~ FoldersSuccessfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{08ED12F3-6D7C-4822-9B32-E018103AD9D4}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{121E094E-6059-4BE9-83DE-31278B33A17F}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{1D7434CD-40C1-4BC8-AFAF-D827C06E8251}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{22372744-455E-4E8C-AA60-19F484ECAF66}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{30DDCF5B-8999-40FF-A148-DEAF22E3E4BB}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{331F61FE-6CF2-4854-8329-A8E24AFA45C8}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{35ECF916-D9C6-4C9B-B1D0-CDA68616AA6B}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{3A0F837E-ED58-41D5-BE94-9F626B691F8E}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{3CF14F7D-5617-4773-9758-7466C32D7F40}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{6D57793F-8A61-4E7E-856B-0237B2B00520}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{76315C5C-BF15-4880-BE37-F50678424CD9}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{79412D3B-CB37-41E3-9984-E4F78E00C41E}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{7B0DE728-49FD-431B-AA2D-49DA2D9CFFF1}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{83F54E86-9B07-4560-B06D-4BE66AE206B3}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{88E7C29A-3225-4D91-9459-B30E6CBEEF42}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{A10516B9-BCBC-413D-BA38-8C81B49BD393}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{A4556C1D-C1FD-4195-BE7B-80318F548C5E}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{A5362C2B-8E85-40DE-BF34-A5C5440EDAB3}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{B7B4E8DD-FF1D-4A7F-B97D-EEC84A99D9EF}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{C2E75C03-E580-4C18-9693-997543595A81}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{C94CF1EB-3618-493C-9076-D2B88A97CBF3}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{DAFEC4D7-439C-4D3D-96EC-F9105EE2D1D8}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{E3372862-BDA7-4173-80FD-F3D3B8D3C5BC}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{ECEFA725-6823-4290-A404-201F33510412}Successfully deleted: [Empty Folder] C:\Users\Heather\appdata\local\{FBA73C6C-D64B-473B-A972-72EF77E7526C}~~~ Event Viewer Logs were cleared~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Sat 01/04/2014 at 17:19:29.86End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
# AdwCleaner v3.016 - Report created 04/01/2014 at 16:56:32# Updated 23/12/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : Heather - HEATHER-HP# Running from : C:\Users\Heather\Downloads\adwcleaner.exe# Option : Clean***** [ Services ] ********** [ Files / Folders ] *****Folder Deleted : C:\Users\Heather\AppData\Roaming\digitalsiteFile Deleted : C:\Windows\Tasks\digitalsite.jobFile Deleted : C:\Windows\System32\Tasks\digitalsite***** [ Shortcuts ] ********** [ Registry ] *****Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCSKey Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}Key Deleted : HKCU\Software\dsiteproductsKey Deleted : HKLM\Software\InstallIQ***** [ Browsers ] *****-\\ Internet Explorer v11.0.9600.16428-\\ Google Chrome v31.0.1650.63[ File : C:\Users\Heather\AppData\Local\Google\Chrome\User Data\Default\preferences ]*************************AdwCleaner[R0].txt - [2597 octets] - [04/01/2014 16:51:40]AdwCleaner[s0].txt - [2156 octets] - [04/01/2014 16:56:32]########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2216 octets] ##########
-
Hello. I am getting alot of popups and my internet is starting to run slower than normal. Can you help me out?
Thanks.
Heather
Getting lots of popups
in Malware Removal
Posted
Ok, ran the clean up and reboot. will get online for a while and dee if I have any popups. Thanks for all your help. Will update you after I use the computer for a bit. Anything else I need to do?