whonew
-
Posts
437 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by whonew
-
Again Malwarebyte's successfully deleted Mindspark PUP
-
All processes killed ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\03D5B88E9831BC54DB7C3C16F1E5C891\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\076C9D3C21C324B4BA3B9B218FAD0CFE\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0B9B2E81428F63D43B699CB5568491F1\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18232011C7B3D1F4E8E6EFE91DA0159E\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1934F68B2A5E0734BAEF63492CFAB6D0\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2508166F59895DD4E8333038B399B425\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26620F978EDADC544A36CE70408B0715\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2C367727B6AC9244EA02307F5AA1D375\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2FA390BC58BE0A342B9D8F2D2479D885\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\329FD134DA4E0844B9369A6E650BC8F0\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3664465A628E7094395C7796134756EC\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3D28A8305F807C347A6A2A19F1D403F8\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\41F55FDF723F1724DB50F63ED20BC7AD\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45F95AABBAF529448918A63384170E3C\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\473D39163BF26964EA39C4D279B0034B\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B31418C83410D9468EDC7098CCF00ED\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53E0EB5423EC3144FB438F35A966ED15\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\59FCE2ED8A0AAD246B91B9449A9C8A7D\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E07ABB1F25A0564F9372D3BDC68B203\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E184F7A70ED58543B1E40F700BC2BFE\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5FD0A0DFF52247B49AC04670CD5A6844\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\64305C21032E85640A74CF21F3169980\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\659816A5A7096874FA1D0FA5BCBB38CA\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68F72A321BB63C34BAB8706A17CFF763\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6E6F944C87C9DC94E86A68A4265FFFAE\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\717EA78AB4B7DB7448677A019EAFD8A7\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FEED76AD1E2CD042A26AEAAC9A64A37\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86B0802BFF8E33C43A3C2053C7A86AE9\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86CA132B1D76AEE44839B283180303F6\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\923DFC1DEEF7EC04DAC41B515D68C0D7\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9403CE5B8841C114C8D468E237F0CCC9\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94508772FFF88854C9447AC3707F6CCD\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\952346D22C857BC4894049D2A73F9CDE\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9913D5AB95EF2EA458753EF533BE9A97\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9B8CA15CC6A10F742A15E16C6092FF73\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB32D078443EC714F84AB2D58858DC66\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1C443A5149E61C488ADAA951BDFEEB3\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6AAC145EEF70EE4494245E3BD7E4789\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B828335B654D2854DA6FDFCF2E3E1125\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB65905F877923448986F05B6392035B\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BBC1219AD7E2D234C9D22495DB902660\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C2310AB7FC0B06A479BBBAF550638257\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C2F9C840DF07C764FB7274875CBA637C\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C8186E19F28BB4742AE33E5672BD7D16\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5A3007C08F8F9E499CD7A568A0DB832\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DCF62FD5881CA8142938C25BB18B9C5C\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5B00EF182145684DB01669AC745A592\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E8C0C2FCE1C8DDD47B5B756263CCBF40\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0BC69A5620802F49BCCACD3D353BB34\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1B31CA5D4D28A344A7B5AA4D4BE8570\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F629E39E0F02DC7419CC3E89CB087AA7\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F98BD01DC91EFA346A91ED712EACB86C\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFDABF874902E194EBBA6D0EB28C4457\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7664CBBF125287E41BDB78607F4745B9\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FBBC4667-2521-4E78-B1BD-8706F774549B}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FBBC4667-2521-4E78-B1BD-8706F774549B}\ not found. Registry value HKEY_USERS\S-1-5-21-1596010243-3757955604-700281957-501\Software\Microsoft\Windows\CurrentVersion\Run\\Best Buy pc app deleted successfully. Registry key HKEY_USERS\S-1-5-21-1596010243-3757955604-700281957-501\Software\Microsoft\Windows\CurrentVersion\Uninstall\48e4cff94f039634\ deleted successfully. ========== FILES ========== File/Folder C:\ProgramData\Best Buy pc app not found. C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy folder moved successfully. File/Folder C:\Program Files\Best Buy pc app not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Guest ->Temp folder emptied: 3332 bytes ->Temporary Internet Files folder emptied: 200248 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 177054948 bytes ->Flash cache emptied: 835 bytes User: Judith ->Temp folder emptied: 3406 bytes ->Temporary Internet Files folder emptied: 6341847 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 16885781 bytes ->Flash cache emptied: 602 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 2078 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 191.00 mb OTM by OldTimer - Version 3.1.21.0 log created on 04122014_200858
-
All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\ deleted successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCAC5586-44D7-4c43-B64A-F042461A97D2} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCAC5586-44D7-4c43-B64A-F042461A97D2}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found. Starting removal of ActiveX control {166B1BCA-3F9C-11CF-8075-444553540000} C:\Windows\Downloaded Program Files\swdir.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{166B1BCA-3F9C-11CF-8075-444553540000}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found. Starting removal of ActiveX control {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A}\DownloadInformation\\INF . Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully. File Protocol\Handler\livecall - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully. File Protocol\Handler\ms-help - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully. File Protocol\Handler\msnim - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully. File Protocol\Handler\wlmailhtml - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully. File Protocol\Handler\wlpg - No CLSID value found not found. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. C:\windows\msdownld.tmp folder deleted successfully. ========== FILES ========== ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Guest ->Temp folder emptied: 3323 bytes ->Temporary Internet Files folder emptied: 355352 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 14158630 bytes ->Flash cache emptied: 57008 bytes User: Judith ->Temp folder emptied: 129183 bytes ->Temporary Internet Files folder emptied: 7818661 bytes ->Java cache emptied: 359413 bytes ->FireFox cache emptied: 17682072 bytes ->Flash cache emptied: 506 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 3938 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78039 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 39.00 mb Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 04112014_134523 Files\Folders moved on Reboot... C:\Users\Judith\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Judith\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...
-
I figured it out and there is no log to send from desktop, and I forgot to log out the other account , hope that will not cause problems
-
SystemLook 30.07.11 by jpshortstuff Log created at 09:54 on 12/04/2014 by Judith Administrator - Elevation successful ========== regfind ========== Searching for "Best Buy pc app" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\ProgramData\Best Buy pc app\"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\ProgramData\Best Buy pc app\3.0.0.0\"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\Localization\en-US\"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\Localization\"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\Localization\en-US\RTFs\"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\03D5B88E9831BC54DB7C3C16F1E5C891] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Default.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\076C9D3C21C324B4BA3B9B218FAD0CFE] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.Composite.Presentation.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0B9B2E81428F63D43B699CB5568491F1] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\Localization\en-US\RTFs\About.rtf.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18232011C7B3D1F4E8E6EFE91DA0159E] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\Localization\en-US\RTFs\WelcomeScreen.rtf.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1934F68B2A5E0734BAEF63492CFAB6D0] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Best Buy pc app.exe.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2508166F59895DD4E8333038B399B425] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Ionic.Zip.Reduced.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26620F978EDADC544A36CE70408B0715] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Update.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2C367727B6AC9244EA02307F5AA1D375] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.EnterpriseLibrary.Logging.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2FA390BC58BE0A342B9D8F2D2479D885] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Home.dll.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\329FD134DA4E0844B9369A6E650BC8F0] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.EnterpriseLibrary.Common.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3664465A628E7094395C7796134756EC] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Interop.IWshRuntimeLibrary.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3D28A8305F807C347A6A2A19F1D403F8] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Restarter.exe.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\41F55FDF723F1724DB50F63ED20BC7AD] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Best Buy pc app.exe.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45F95AABBAF529448918A63384170E3C] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\Localization\en-US\Translations.xml.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\473D39163BF26964EA39C4D279B0034B] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Default.dll.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B31418C83410D9468EDC7098CCF00ED] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\SharpBITS.Base.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53E0EB5423EC3144FB438F35A966ED15] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\59FCE2ED8A0AAD246B91B9449A9C8A7D] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\ViewModels.dll.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E07ABB1F25A0564F9372D3BDC68B203] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E184F7A70ED58543B1E40F700BC2BFE] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Localization.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5FD0A0DFF52247B49AC04670CD5A6844] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Common.dll.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\64305C21032E85640A74CF21F3169980] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\TranslationSchema.xsd.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\659816A5A7096874FA1D0FA5BCBB38CA] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Omniture.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68F72A321BB63C34BAB8706A17CFF763] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Omniture.Tests.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6E6F944C87C9DC94E86A68A4265FFFAE] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.WindowsAPICodePack.Shell.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\717EA78AB4B7DB7448677A019EAFD8A7] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImageInfrastructure.dll.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FEED76AD1E2CD042A26AEAAC9A64A37] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\ClickOnce.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86B0802BFF8E33C43A3C2053C7A86AE9] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\ClickOnceUninstaller.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86CA132B1D76AEE44839B283180303F6] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Best Buy pc app.exe.manifest" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\923DFC1DEEF7EC04DAC41B515D68C0D7] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Omniture.dll.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9403CE5B8841C114C8D468E237F0CCC9] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\FluidKit.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94508772FFF88854C9447AC3707F6CCD] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\Best Buy pc app.3.0.0.0.application" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\952346D22C857BC4894049D2A73F9CDE] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\pc app Installer.exe.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9913D5AB95EF2EA458753EF533BE9A97] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Common.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9B8CA15CC6A10F742A15E16C6092FF73] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImageInfrastructure.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB32D078443EC714F84AB2D58858DC66] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.ServiceLocation.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1C443A5149E61C488ADAA951BDFEEB3] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.Composite.UnityExtensions.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6AAC145EEF70EE4494245E3BD7E4789] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B828335B654D2854DA6FDFCF2E3E1125] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\tempCategories.xml.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB65905F877923448986F05B6392035B] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.Composite.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BBC1219AD7E2D234C9D22495DB902660] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.Unity.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C2310AB7FC0B06A479BBBAF550638257] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.WindowsAPICodePack.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C2F9C840DF07C764FB7274875CBA637C] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\pc app Installer.exe.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C8186E19F28BB4742AE33E5672BD7D16] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\AppMeasurement_DotNET.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5A3007C08F8F9E499CD7A568A0DB832] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\ViewModels.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DCF62FD5881CA8142938C25BB18B9C5C] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\CustomControls.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5B00EF182145684DB01669AC745A592] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\BestBuySoftwareInstaller.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E8C0C2FCE1C8DDD47B5B756263CCBF40] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.ObjectBuilder2.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0BC69A5620802F49BCCACD3D353BB34] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Update.dll.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1B31CA5D4D28A344A7B5AA4D4BE8570] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\Best Buy pc app.application" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F629E39E0F02DC7419CC3E89CB087AA7] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F98BD01DC91EFA346A91ED712EACB86C] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\AppIcon.ico.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFDABF874902E194EBBA6D0EB28C4457] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Home.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7664CBBF125287E41BDB78607F4745B9\InstallProperties] "InstallLocation"="C:\Program Files\Best Buy pc app" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7664CBBF125287E41BDB78607F4745B9\InstallProperties] "DisplayName"="Best Buy pc app" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FBBC4667-2521-4E78-B1BD-8706F774549B}] "InstallLocation"="C:\Program Files\Best Buy pc app" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FBBC4667-2521-4E78-B1BD-8706F774549B}] "DisplayName"="Best Buy pc app" [HKEY_USERS\S-1-5-21-1596010243-3757955604-700281957-501\Software\Microsoft\Windows\CurrentVersion\Run] "Best Buy pc app"="C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms" [HKEY_USERS\S-1-5-21-1596010243-3757955604-700281957-501\Software\Microsoft\Windows\CurrentVersion\Uninstall\48e4cff94f039634] "ShortcutAppId"="http://pcimage.bestbuy.com/pcpersonalizer/Prod/Active/ClickOnceUpdates/Best%20Buy%20pc%20app.application#Best Buy pc app, Culture=neutral, PublicKeyToken=ec8bce34fe4caa9f, processorArchitecture=msil" [HKEY_USERS\S-1-5-21-1596010243-3757955604-700281957-501\Software\Microsoft\Windows\CurrentVersion\Uninstall\48e4cff94f039634] "SupportShortcutFileName"="Best Buy pc app online support" [HKEY_USERS\S-1-5-21-1596010243-3757955604-700281957-501\Software\Microsoft\Windows\CurrentVersion\Uninstall\48e4cff94f039634] "ShortcutFileName"="Best Buy pc app" [HKEY_USERS\S-1-5-21-1596010243-3757955604-700281957-501\Software\Microsoft\Windows\CurrentVersion\Uninstall\48e4cff94f039634] "UninstallString"=""C:\ProgramData\Best Buy pc app\ClickOnceUninstaller.exe" /publisher:"Best Buy" /name:"Best Buy pc app"" [HKEY_USERS\S-1-5-21-1596010243-3757955604-700281957-501\Software\Microsoft\Windows\CurrentVersion\Uninstall\48e4cff94f039634] "DisplayName"="Best Buy pc app" [HKEY_USERS\S-1-5-21-1596010243-3757955604-700281957-501\Software\Microsoft\Windows\CurrentVersion\Uninstall\48e4cff94f039634] "ClickOnceUninstallString"="rundll32.exe dfshim.dll,ShArpMaintain Best Buy pc app, Culture=neutral, PublicKeyToken=ec8bce34fe4caa9f, processorArchitecture=msil" Searching for "*Best Buy pc app*" No data found. ========== folderfind ========== Searching for "Best Buy pc app" C:\_OTM\MovedFiles\04112014_184026\C_ProgramData\Best Buy pc app d------ [00:19 09/02/2013] Searching for "*Best Buy pc app*" C:\_OTM\MovedFiles\04112014_184026\C_ProgramData\Best Buy pc app d------ [00:19 09/02/2013] -= EOF =-
-
The Guest account still announces that the Best Buy pc app can not run and to create a regular Windows account, so it must still be running Still there and something still asked if I wanted to force it to shut down.
-
All processes killed ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\Best Buy pc app Setup.exe\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\7664CBBF125287E41BDB78607F4745B9\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\03D5B88E9831BC54DB7C3C16F1E5C891\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\076C9D3C21C324B4BA3B9B218FAD0CFE\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0B9B2E81428F63D43B699CB5568491F1\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18232011C7B3D1F4E8E6EFE91DA0159E\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1934F68B2A5E0734BAEF63492CFAB6D0\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2508166F59895DD4E8333038B399B425\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26620F978EDADC544A36CE70408B0715\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2C367727B6AC9244EA02307F5AA1D375\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2FA390BC58BE0A342B9D8F2D2479D885\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\329FD134DA4E0844B9369A6E650BC8F0\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3664465A628E7094395C7796134756EC\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3D28A8305F807C347A6A2A19F1D403F8\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\41F55FDF723F1724DB50F63ED20BC7AD\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45F95AABBAF529448918A63384170E3C\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\473D39163BF26964EA39C4D279B0034B\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B31418C83410D9468EDC7098CCF00ED\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53E0EB5423EC3144FB438F35A966ED15\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\59FCE2ED8A0AAD246B91B9449A9C8A7D\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E07ABB1F25A0564F9372D3BDC68B203\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E184F7A70ED58543B1E40F700BC2BFE\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5FD0A0DFF52247B49AC04670CD5A6844\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\64305C21032E85640A74CF21F3169980\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\659816A5A7096874FA1D0FA5BCBB38CA\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68F72A321BB63C34BAB8706A17CFF763\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6E6F944C87C9DC94E86A68A4265FFFAE\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\717EA78AB4B7DB7448677A019EAFD8A7\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FEED76AD1E2CD042A26AEAAC9A64A37\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86B0802BFF8E33C43A3C2053C7A86AE9\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86CA132B1D76AEE44839B283180303F6\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\923DFC1DEEF7EC04DAC41B515D68C0D7\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9403CE5B8841C114C8D468E237F0CCC9\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94508772FFF88854C9447AC3707F6CCD\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\952346D22C857BC4894049D2A73F9CDE\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9913D5AB95EF2EA458753EF533BE9A97\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9B8CA15CC6A10F742A15E16C6092FF73\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB32D078443EC714F84AB2D58858DC66\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1C443A5149E61C488ADAA951BDFEEB3\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6AAC145EEF70EE4494245E3BD7E4789\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B828335B654D2854DA6FDFCF2E3E1125\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB65905F877923448986F05B6392035B\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BBC1219AD7E2D234C9D22495DB902660\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C2310AB7FC0B06A479BBBAF550638257\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C2F9C840DF07C764FB7274875CBA637C\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C8186E19F28BB4742AE33E5672BD7D16\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5A3007C08F8F9E499CD7A568A0DB832\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DCF62FD5881CA8142938C25BB18B9C5C\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5B00EF182145684DB01669AC745A592\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E8C0C2FCE1C8DDD47B5B756263CCBF40\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0BC69A5620802F49BCCACD3D353BB34\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1B31CA5D4D28A344A7B5AA4D4BE8570\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F629E39E0F02DC7419CC3E89CB087AA7\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFDABF874902E194EBBA6D0EB28C4457\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7664CBBF125287E41BDB78607F4745B9\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FBBC4667-2521-4E78-B1BD-8706F774549B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FBBC4667-2521-4E78-B1BD-8706F774549B}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Best Buy pc app\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FBBC4667-2521-4E78-B1BD-8706F774549B}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FBBC4667-2521-4E78-B1BD-8706F774549B}\ not found. Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Best Buy pc app\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\Best Buy pc app\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Best Buy pc app\ not found. ========== FILES ========== C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\Localization\en-US\RTFs folder moved successfully. C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\Localization\en-US folder moved successfully. C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\Localization folder moved successfully. C:\ProgramData\Best Buy pc app\3.0.0.0\Resources folder moved successfully. C:\ProgramData\Best Buy pc app\3.0.0.0 folder moved successfully. C:\ProgramData\Best Buy pc app folder moved successfully. C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\OFFLINE\mXML.dll folder moved successfully. C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\OFFLINE\mWinRun.dll folder moved successfully. C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\OFFLINE\mDown.dll folder moved successfully. C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\OFFLINE\F02487F4\90FCD56 folder moved successfully. C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\OFFLINE\F02487F4 folder moved successfully. C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\OFFLINE\D979B9B\E8FFBBDC folder moved successfully. C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\OFFLINE\D979B9B\BB2F2A4E folder moved successfully. C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\OFFLINE\D979B9B\B6BEAD2D folder moved successfully. C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\OFFLINE\D979B9B\AFDB8260 folder moved successfully. C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\OFFLINE\D979B9B\7AE27ED1 folder moved successfully. C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\OFFLINE\D979B9B folder moved successfully. C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\OFFLINE\B09FB3AA\90FCD56 folder moved successfully. C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\OFFLINE\B09FB3AA folder moved successfully. C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\OFFLINE folder moved successfully. C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29} folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Guest ->Temp folder emptied: 1723 bytes ->Temporary Internet Files folder emptied: 49248 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 8681673 bytes ->Flash cache emptied: 506 bytes User: Judith ->Temp folder emptied: 1594 bytes ->Temporary Internet Files folder emptied: 7844938 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Flash cache emptied: 291 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36246 bytes %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 747 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 16.00 mb OTM by OldTimer - Version 3.1.21.0 log created on 04112014_184026 Files moved on Reboot... C:\Users\Judith\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. Registry entries deleted on Reboot...
-
Before I ran OTL I had logged in to the guest account and it would not pull up IE.
-
SystemLook 30.07.11 by jpshortstuff Log created at 14:01 on 11/04/2014 by Judith Administrator - Elevation successful ========== regfind ========== Searching for "Best Buy pc app" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\Best Buy pc app Setup.exe] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\7664CBBF125287E41BDB78607F4745B9] "ProductName"="Best Buy pc app" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\7664CBBF125287E41BDB78607F4745B9\SourceList] "PackageName"="Best Buy pc app Setup.msi" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\ProgramData\Best Buy pc app\"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\ProgramData\Best Buy pc app\3.0.0.0\"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\Localization\en-US\"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\Localization\"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\Localization\en-US\RTFs\"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\03D5B88E9831BC54DB7C3C16F1E5C891] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Default.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\076C9D3C21C324B4BA3B9B218FAD0CFE] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.Composite.Presentation.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0B9B2E81428F63D43B699CB5568491F1] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\Localization\en-US\RTFs\About.rtf.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18232011C7B3D1F4E8E6EFE91DA0159E] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\Localization\en-US\RTFs\WelcomeScreen.rtf.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1934F68B2A5E0734BAEF63492CFAB6D0] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Best Buy pc app.exe.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2508166F59895DD4E8333038B399B425] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Ionic.Zip.Reduced.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26620F978EDADC544A36CE70408B0715] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Update.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2C367727B6AC9244EA02307F5AA1D375] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.EnterpriseLibrary.Logging.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2FA390BC58BE0A342B9D8F2D2479D885] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Home.dll.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\329FD134DA4E0844B9369A6E650BC8F0] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.EnterpriseLibrary.Common.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3664465A628E7094395C7796134756EC] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Interop.IWshRuntimeLibrary.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3D28A8305F807C347A6A2A19F1D403F8] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Restarter.exe.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\41F55FDF723F1724DB50F63ED20BC7AD] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Best Buy pc app.exe.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45F95AABBAF529448918A63384170E3C] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\Localization\en-US\Translations.xml.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\473D39163BF26964EA39C4D279B0034B] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Default.dll.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B31418C83410D9468EDC7098CCF00ED] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\SharpBITS.Base.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53E0EB5423EC3144FB438F35A966ED15] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\59FCE2ED8A0AAD246B91B9449A9C8A7D] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\ViewModels.dll.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E07ABB1F25A0564F9372D3BDC68B203] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E184F7A70ED58543B1E40F700BC2BFE] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Localization.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5FD0A0DFF52247B49AC04670CD5A6844] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Common.dll.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\64305C21032E85640A74CF21F3169980] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\TranslationSchema.xsd.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\659816A5A7096874FA1D0FA5BCBB38CA] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Omniture.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68F72A321BB63C34BAB8706A17CFF763] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Omniture.Tests.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6E6F944C87C9DC94E86A68A4265FFFAE] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.WindowsAPICodePack.Shell.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\717EA78AB4B7DB7448677A019EAFD8A7] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImageInfrastructure.dll.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FEED76AD1E2CD042A26AEAAC9A64A37] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\ClickOnce.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86B0802BFF8E33C43A3C2053C7A86AE9] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\ClickOnceUninstaller.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86CA132B1D76AEE44839B283180303F6] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Best Buy pc app.exe.manifest" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\923DFC1DEEF7EC04DAC41B515D68C0D7] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Omniture.dll.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9403CE5B8841C114C8D468E237F0CCC9] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\FluidKit.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94508772FFF88854C9447AC3707F6CCD] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\Best Buy pc app.3.0.0.0.application" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\952346D22C857BC4894049D2A73F9CDE] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\pc app Installer.exe.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9913D5AB95EF2EA458753EF533BE9A97] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Common.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9B8CA15CC6A10F742A15E16C6092FF73] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImageInfrastructure.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB32D078443EC714F84AB2D58858DC66] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.ServiceLocation.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1C443A5149E61C488ADAA951BDFEEB3] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.Composite.UnityExtensions.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6AAC145EEF70EE4494245E3BD7E4789] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B828335B654D2854DA6FDFCF2E3E1125] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Resources\tempCategories.xml.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB65905F877923448986F05B6392035B] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.Composite.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BBC1219AD7E2D234C9D22495DB902660] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.Unity.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C2310AB7FC0B06A479BBBAF550638257] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.WindowsAPICodePack.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C2F9C840DF07C764FB7274875CBA637C] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\pc app Installer.exe.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C8186E19F28BB4742AE33E5672BD7D16] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\AppMeasurement_DotNET.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5A3007C08F8F9E499CD7A568A0DB832] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\ViewModels.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DCF62FD5881CA8142938C25BB18B9C5C] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\CustomControls.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5B00EF182145684DB01669AC745A592] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\BestBuySoftwareInstaller.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E8C0C2FCE1C8DDD47B5B756263CCBF40] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.ObjectBuilder2.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0BC69A5620802F49BCCACD3D353BB34] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Update.dll.config.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1B31CA5D4D28A344A7B5AA4D4BE8570] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\Best Buy pc app.application" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F629E39E0F02DC7419CC3E89CB087AA7] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F98BD01DC91EFA346A91ED712EACB86C] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\AppIcon.ico.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFDABF874902E194EBBA6D0EB28C4457] "7664CBBF125287E41BDB78607F4745B9"="C:\ProgramData\Best Buy pc app\3.0.0.0\PCImage.Modules.Home.dll.deploy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7664CBBF125287E41BDB78607F4745B9\InstallProperties] "InstallLocation"="C:\Program Files\Best Buy pc app" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7664CBBF125287E41BDB78607F4745B9\InstallProperties] "DisplayName"="Best Buy pc app" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FBBC4667-2521-4E78-B1BD-8706F774549B}] "InstallLocation"="C:\Program Files\Best Buy pc app" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FBBC4667-2521-4E78-B1BD-8706F774549B}] "DisplayName"="Best Buy pc app" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Best Buy pc app] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Best Buy pc app] "DisplayIcon"="C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\Best Buy pc app Setup.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Best Buy pc app] "UninstallString"=""C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\Best Buy pc app Setup.exe" REMOVE=TRUE MODIFY=FALSE" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Best Buy pc app] "ModifyPath"="C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\Best Buy pc app Setup.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Best Buy pc app] "InstallLocation"="C:\Program Files\Best Buy pc app" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FBBC4667-2521-4E78-B1BD-8706F774549B}] "UninstallString"="C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\Best Buy pc app Setup.exe" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Best Buy pc app] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\Best Buy pc app] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Best Buy pc app] Searching for "*Best Buy pc app*" No data found. -= EOF =-
-
All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\ deleted successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCAC5586-44D7-4c43-B64A-F042461A97D2} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCAC5586-44D7-4c43-B64A-F042461A97D2}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found. Starting removal of ActiveX control {166B1BCA-3F9C-11CF-8075-444553540000} C:\Windows\Downloaded Program Files\swdir.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{166B1BCA-3F9C-11CF-8075-444553540000}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found. Starting removal of ActiveX control {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A}\DownloadInformation\\INF . Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully. File Protocol\Handler\livecall - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully. File Protocol\Handler\ms-help - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully. File Protocol\Handler\msnim - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully. File Protocol\Handler\wlmailhtml - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully. File Protocol\Handler\wlpg - No CLSID value found not found. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. C:\windows\msdownld.tmp folder deleted successfully. ========== FILES ========== ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Guest ->Temp folder emptied: 3323 bytes ->Temporary Internet Files folder emptied: 355352 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 14158630 bytes ->Flash cache emptied: 57008 bytes User: Judith ->Temp folder emptied: 129183 bytes ->Temporary Internet Files folder emptied: 7818661 bytes ->Java cache emptied: 359413 bytes ->FireFox cache emptied: 17682072 bytes ->Flash cache emptied: 506 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 3938 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78039 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 39.00 mb Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 04112014_134523 Files\Folders moved on Reboot... C:\Users\Judith\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Judith\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...
-
Sorry I do not see the option for window 7 users accept UAC alert? I am a bit confused here
-
. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 2/8/2013 5:32:58 PM System Uptime: 4/8/2014 6:24:20 PM (15 hours ago) . Motherboard: TOSHIBA | | Portable PC Processor: AMD E-350 Processor | Socket FT1 | 1600/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 285 GiB total, 252.712 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP140: 4/7/2014 10:38:29 AM - End of disinfection RP141: 4/8/2014 8:05:34 AM - Windows Update . ==== Installed Programs ====================== . Adobe Flash Player 12 ActiveX Adobe Flash Player 12 Plugin Adobe Reader XI (11.0.06) Amazon Cloud Player Amazon Music Importer Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver ATI Catalyst Install Manager Best Buy pc app Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Computer Security 12.83.104.0 (release) Conexant HD Audio D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition ETDWare PS/2-X64 8.0.8.0_R01 F-Secure CCF Reputation F-Secure CCF Scanning 1.23.124.8831 (release) F-Secure Network CCF 1.02.128 Frontier Secure Java 7 Update 51 Java Auto Updater Junk Mail filter update Label@Once 1.0 Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Mouse and Keyboard Center Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Student 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Mozilla Firefox 27.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 Online Safety 2.83.1329.952 PlayReady PC Runtime amd64 PlayReady PC Runtime x86 Realtek USB 2.0 Card Reader Realtek WLAN Driver Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition swMSM TOSHIBA Application Installer TOSHIBA Assist TOSHIBA Bulletin Board TOSHIBA Disc Creator TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert TOSHIBA Media Controller TOSHIBA Quality Application TOSHIBA Recovery Media Creator TOSHIBA ReelTime TOSHIBA Service Station TOSHIBA Supervisor Password TOSHIBA Value Added Package ToshibaRegistration Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition Waterfox 27.0.2 (x64 en-US) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WMV9/VC-1 Video Playback . ==== Event Viewer Messages From Past Week ======== . 4/8/2014 8:01:35 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 4/8/2014 8:01:09 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 4/8/2014 8:01:09 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. 4/8/2014 11:38:54 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. 4/8/2014 10:22:22 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user KIRK-PC\Guest SID (S-1-5-21-1596010243-3757955604-700281957-501) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. . ==== End Of File ===========================
-
OTL logfile created on: 4/11/2014 9:05:29 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Judith\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16866) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.60 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 61.81% Memory free 5.20 Gb Paging File | 3.90 Gb Available in Paging File | 74.92% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 285.29 Gb Total Space | 251.56 Gb Free Space | 88.18% Space Free | Partition Type: NTFS Computer Name: KIRK-PC | User Name: Judith | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2014/04/11 09:00:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Judith\Desktop\OTL.exe PRC - [2014/03/26 03:32:24 | 001,206,312 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Anti-Virus\fssm32.exe PRC - [2014/03/26 03:32:24 | 000,636,456 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Anti-Virus\fsgk32.exe PRC - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013/10/16 16:18:29 | 000,060,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Frontier\apps\CCF_Reputation\fsorsp.exe PRC - [2013/08/14 05:23:06 | 000,310,208 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Common\FSM32.EXE PRC - [2013/08/14 05:23:06 | 000,216,000 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Common\FSMA32.EXE PRC - [2013/05/15 16:05:58 | 000,191,424 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Frontier\fshoster32.exe ========== Modules (No Company Name) ========== MOD - [2013/10/16 16:13:22 | 000,593,464 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll MOD - [2013/08/14 05:22:50 | 000,056,256 | ---- | M] () -- C:\Program Files (x86)\Frontier\apps\ComputerSecurity\FSGUI\fsavures.eng ========== Services (SafeList) ========== SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2011/02/10 13:52:04 | 000,203,776 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2010/10/20 15:41:50 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv) SRV:64bit: - [2010/09/28 13:30:28 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010/02/05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service) SRV - [2014/04/10 08:25:46 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014/03/25 14:54:12 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013/10/16 16:18:29 | 000,060,352 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Frontier\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient) SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2013/08/14 05:23:06 | 000,216,000 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA) SRV - [2013/05/15 16:05:58 | 000,191,424 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Frontier\fshoster32.exe -- (fshoster) SRV - [2013/04/04 15:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013/04/04 15:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2011/02/11 14:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo) SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013/10/16 16:29:10 | 000,056,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fsbts.sys -- (fsbts) DRV:64bit: - [2013/05/13 16:36:06 | 000,050,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2013/04/04 15:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2013/03/25 15:41:46 | 000,076,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012/08/23 07:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012/08/23 07:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/04/20 10:24:56 | 000,169,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/02/14 13:43:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:64bit: - [2011/02/10 14:22:00 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011/02/10 13:15:08 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011/01/05 02:08:58 | 001,109,096 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce) DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/11 13:58:54 | 000,137,512 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2010/11/05 08:52:54 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata) DRV:64bit: - [2010/11/05 08:52:52 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata) DRV:64bit: - [2010/10/08 12:49:08 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2009/07/30 21:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst) DRV:64bit: - [2009/07/14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ) DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/07 10:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk) DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM) DRV - [2014/03/03 21:04:01 | 000,203,304 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper) DRV - [2014/03/03 21:02:55 | 000,069,480 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Frontier\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS) DRV - [2013/08/14 05:22:44 | 000,013,248 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista) DRV - [2013/04/25 12:52:40 | 000,080,832 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Frontier\apps\CCF_Scanning\fsni64.sys -- (fsni) DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (All) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\System32\blank.htm IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Judith\Desktop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/g/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://frontier.yahoo.com/ IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ IE - HKCU\..\SearchScopes\{3B2C9801-5FC7-4884-A127-E552570857AD}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.2 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\tmbepff-7.5@trendmicro.com: C:\PROGRAM FILES\TREND MICRO\AMSP\MODULE\20002\7.5.1130\7.5.1130\FIREFOXEXTENSION 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 27.0.2\extensions\\Components: C:\PROGRAM FILES\WATERFOX\COMPONENTS 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 27.0.2\extensions\\Plugins: C:\PROGRAM FILES\WATERFOX\PLUGINS FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\tmbepff-7.5@trendmicro.com: C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1130\7.5.1130\firefoxextension FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/03/07 16:00:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\Extensions [2014/03/20 13:13:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\Firefox\Profiles\cqjugvhh.default-1395345917665\extensions [2014/02/24 22:35:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2014/04/10 08:25:48 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4:64bit: - HKLM..\Run: [] File not found O4:64bit: - HKLM..\Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.) O4:64bit: - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [F-Secure Hoster (53784)] C:\Program Files (x86)\Frontier\fshoster32.exe (F-Secure Corporation) O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation) O4 - Startup: C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.) O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C9F5782-6E1E-4B87-B6CE-A95F954BF38A}: DhcpNameServer = 192.168.254.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE8955E8-D2B7-40F6-B417-F67FC1CC5384}: DhcpNameServer = 192.168.254.254 O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation) O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (kerberos) - C:\windows\SysNative\kerberos.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (schannel) - C:\windows\SysNative\schannel.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (wdigest) - C:\windows\SysNative\wdigest.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (tspkg) - C:\windows\SysNative\tspkg.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (pku2u) - C:\windows\SysNative\pku2u.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (livessp) - C:\windows\SysNative\livessp.dll (Microsoft Corp.) O30 - LSA: Security Packages - (kerberos) - C:\windows\SysWow64\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\windows\SysWow64\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\windows\SysWow64\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - C:\windows\SysWow64\tspkg.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\windows\SysWow64\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\windows\SysWow64\livessp.dll (Microsoft Corp.) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2014/04/11 09:00:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Judith\Desktop\OTL.exe [2014/04/09 09:15:58 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll [2014/04/09 09:15:58 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll [2014/04/09 09:15:56 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll [2014/04/09 09:15:55 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll [2014/04/09 09:15:55 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll [2014/04/09 09:15:48 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll [2014/04/09 09:15:44 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll [2014/04/09 09:15:33 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll [2014/04/09 09:15:29 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll [2014/04/09 09:15:28 | 003,959,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll [2014/04/09 09:15:15 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe [2014/04/09 09:15:15 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe [2014/04/09 09:15:15 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll [2014/04/09 09:15:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll [2014/04/09 09:15:14 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll [2014/04/09 09:15:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll [2014/04/09 09:15:14 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe [2014/04/09 09:12:59 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys [2014/04/09 09:12:59 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys [2014/04/09 09:12:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iologmsg.dll [2014/04/09 09:12:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iologmsg.dll [2014/04/09 09:12:26 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll [2014/04/09 09:12:26 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll [2014/04/09 09:12:25 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll [2014/04/09 09:12:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe [2014/04/09 09:12:25 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll [2014/04/09 09:12:24 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll [2014/04/09 09:12:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll [2014/04/09 09:12:19 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe [2014/04/09 09:12:19 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll [2014/04/09 09:12:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe [2014/04/09 09:05:21 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Judith\Desktop\dds.scr [2014/03/25 14:34:36 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe [2014/03/25 14:34:36 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl [2014/03/20 13:05:23 | 000,000,000 | ---D | C] -- C:\Users\Judith\Desktop\Old Firefox Data [2014/03/19 12:58:58 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Oracle [2014/03/18 22:07:39 | 029,393,568 | ---- | C] (SUPERAntiSpyware) -- C:\Users\Judith\Desktop\SUPERAntiSpyware.exe [2014/03/12 16:12:16 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll [2014/03/12 16:12:16 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll [2014/03/12 16:12:06 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wer.dll [2014/03/12 16:12:06 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wer.dll [2014/03/12 16:11:10 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2014/04/11 09:00:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Judith\Desktop\OTL.exe [2014/04/11 08:53:18 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014/04/11 08:53:18 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014/04/11 08:51:26 | 000,782,470 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2014/04/11 08:51:26 | 000,662,634 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2014/04/11 08:51:26 | 000,122,470 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2014/04/11 08:45:10 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2014/04/11 08:44:32 | 2094,161,920 | -HS- | M] () -- C:\hiberfil.sys [2014/04/10 23:24:04 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2014/04/09 09:06:10 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Judith\Desktop\dds.scr [2014/04/05 14:27:13 | 000,001,303 | ---- | M] () -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2014/03/25 14:54:11 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe [2014/03/25 14:54:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl [2014/03/18 22:23:49 | 029,393,568 | ---- | M] (SUPERAntiSpyware) -- C:\Users\Judith\Desktop\SUPERAntiSpyware.exe [2014/03/12 23:33:52 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe [2014/03/12 23:32:27 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll [2014/03/12 23:32:24 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll [2014/03/12 23:32:03 | 003,959,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll [2014/03/12 23:32:03 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll [2014/03/12 23:31:56 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll [2014/03/12 23:31:55 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll [2014/03/12 23:31:55 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll [2014/03/12 23:31:55 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll [2014/03/12 22:09:58 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll [2014/03/12 22:09:42 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll [2014/03/12 22:09:39 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll [2014/03/12 22:09:39 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll [2014/03/12 22:09:39 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll [2014/03/12 22:09:39 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll [2014/03/12 20:59:47 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe [2014/03/12 20:51:45 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe [2014/03/12 16:37:58 | 000,417,416 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2014/04/04 22:50:59 | 000,001,303 | ---- | C] () -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2014/03/25 14:34:39 | 000,000,830 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2014/02/24 22:03:17 | 000,775,084 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI [2013/10/16 16:19:11 | 000,019,875 | ---- | C] () -- C:\windows\prodsett_copy.ini [2013/03/03 16:13:52 | 000,022,064 | ---- | C] () -- C:\windows\DCEBoot64.exe [2013/02/27 10:41:13 | 000,234,544 | ---- | C] () -- C:\windows\RegBootClean64.exe [2013/02/09 06:44:18 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2013/02/09 06:38:11 | 000,000,036 | ---- | C] () -- C:\Users\Judith\AppData\Local\housecall.guid.cache [2013/02/08 16:54:48 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe [2013/02/08 16:48:46 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin [2013/02/08 16:46:11 | 000,002,975 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat ========== ZeroAccess Check ========== [2013/07/24 19:32:17 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013/02/28 23:31:56 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Book Place [2013/11/06 11:35:29 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\com.amazon.music.uploader [2014/03/19 12:58:58 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Oracle [2013/08/28 22:20:46 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Toshiba [2013/02/08 18:34:54 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\WinBatch ========== Purity Check ========== < End of report >
-
This morning I turned the computer on, pressed i.e. and the web came up solid white and then shut down, I tried it tree times and the third time double clicked instead of one click . The web came up and took several seconds to show a any type or pic's or icons . I had not tried shutting it down before and was putting it on sleep most of the time. At times , yesterday, it looked like there were several screens open one lapped over the other, I could see the base of the web on about 10 or more of what appeared the same page? I think I had seen that before and attributed it to the slowness but now I am not sure. My quest about OTL is, if there is something running in the back and I can't really see it how do I shut it down? I know there is something running , every time I try to shut down the machine warns me that it is waiting for a running program to shut down and asks me if I want to force it to shut down?
-
No just need to find that Best Buy app and get it gone.
-
I don't see it in the Add/Remove. I was leery of the Best Buy app for help on line , for one of the workers came in with my sons name and a hoodie or gang member style hat in his photo , so I phoned Best buy and they verified there was a member in the geek squad with that name but could not verify that photo, what I found odd is it was my sons name and he is very Nordic looking, not on Geek Squad, but management and that young man was Brazilian . Several months later that son got severely hacked . I do not bank on line but I think he did. Also he has a (supposed) Best Buy App that appeared to zip through everything in this machine. it took about a hour and I could see all that flash before my face. In the guest account it appears to be 398 bytes disk 4.00kb and was created Feb 03, 2013 but seems if it was from Best Buy it would have been created 2011 when we bought the computer? I think there was one in Add/Remove but I uninstalled it. Bothers me that is says full control also , the name is simply pc.app
-
I followed the link and had to finally press home page to see what it had to say, and at the bottom was the free geek uninstaller but do not think that it was right when I opened it so I remove that and think I should not try any more.
-
I see downloads but do not see uninstaller on any of them, not sure what one to pick
-
DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16843 BrowserJavaVersion: 10.51.2 Run by Judith at 9:07:18 on 2014-04-09 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2663.1273 [GMT -7:00] . AV: Computer Security *Enabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17} SP: Computer Security *Enabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k GPSvcGroup C:\windows\system32\svchost.exe -k NetworkService C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\Program Files (x86)\Frontier\fshoster32.exe C:\windows\Explorer.EXE C:\Program Files (x86)\Frontier\apps\CCF_Reputation\fsorsp.exe C:\windows\system32\taskeng.exe C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe C:\windows\system32\svchost.exe -k imgsvc C:\windows\system32\TODDSrv.exe C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Frontier\fshoster32.exe C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Common\FSM32.EXE C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Common\FSMA32.EXE C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Anti-Virus\fssm32.exe C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Common\FSHDLL64.EXE C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\windows\system32\SearchIndexer.exe C:\windows\System32\svchost.exe -k LocalServicePeerNet C:\windows\System32\svchost.exe -k secsvcs C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\windows\servicing\TrustedInstaller.exe C:\windows\system32\wuauclt.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: AutorunsDisabled - <orphaned> BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll mRun: [F-Secure Hoster (53784)] "C:\Program Files (x86)\Frontier\fshoster32.exe" -app -hosterid:1 mRun: [F-Secure Manager] "C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Common\FSM32.EXE" /splash mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\Users\Judith\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: EnableSecureUIAPath = dword:1 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll TCP: NameServer = 192.168.254.254 TCP: Interfaces\{1C9F5782-6E1E-4B87-B6CE-A95F954BF38A} : DHCPNameServer = 192.168.254.254 TCP: Interfaces\{1C9F5782-6E1E-4B87-B6CE-A95F954BF38A}\6427F6E64796562733731353 : DHCPNameServer = 192.168.254.254 TCP: Interfaces\{1C9F5782-6E1E-4B87-B6CE-A95F954BF38A}\6716E602E475 : DHCPNameServer = 192.168.254.254 TCP: Interfaces\{1C9F5782-6E1E-4B87-B6CE-A95F954BF38A}\D61636B6D27457563747 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{1C9F5782-6E1E-4B87-B6CE-A95F954BF38A}\E43434 : DHCPNameServer = 68.87.69.146 68.87.85.98 TCP: Interfaces\{EE8955E8-D2B7-40F6-B417-F67FC1CC5384} : DHCPNameServer = 192.168.254.254 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE x64-Run: [smoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Judith\AppData\Roaming\Mozilla\Firefox\Profiles\cqjugvhh.default-1395345917665\ FF - prefs.js: browser.search.selectedEngine - Google FF - plugin: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll FF - plugin: C:\windows\System32\Macromed\Flash\NPSWF64_12_0_0_77.dll FF - plugin: C:\windows\System32\npDeployJava1.dll FF - plugin: C:\windows\System32\npmproxy.dll FF - plugin: C:\windows\System32\Wat\npWatWeb.dll . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2013-2-8 75904] R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2013-2-8 38016] R0 fsbts;fsbts;C:\windows\System32\drivers\fsbts.sys [2013-10-16 56016] R1 F-Secure HIPS;F-Secure HIPS Driver;C:\Program Files (x86)\Frontier\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2014-4-3 69480] R1 fsvista;F-Secure Vista Support Driver;C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2013-10-16 13248] R2 fshoster;F-Secure Dll Hoster;C:\Program Files (x86)\Frontier\fshoster32.exe [2013-5-15 191424] R2 FSORSPClient;F-Secure ORSP Client;C:\Program Files (x86)\Frontier\apps\CCF_Reputation\fsorsp.exe [2012-8-6 60352] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-7 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-7 701512] R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2010-11-11 137512] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files (x86)\Frontier\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2013-10-16 203304] R3 fsni;fsni;C:\Program Files (x86)\Frontier\apps\CCF_Scanning\fsni64.sys [2013-4-25 80832] R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2013-2-8 9216] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2011-4-20 169584] R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2013-12-7 25928] R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2013-2-8 1109096] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-2-8 19456] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2013-2-8 243712] S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-2-8 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2013-2-8 30208] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2013-2-9 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] S3 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] S4 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2013-2-8 203776] S4 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2013-2-8 54136] S4 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560] . =============== Created Last 30 ================ . 2014-04-08 15:06:37 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{32E773CB-9E07-4374-8B02-114B2E3EFD61}\mpengine.dll 2014-04-07 22:04:00 93808 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\webapprt-stub.exe 2014-04-07 22:04:00 878024 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\uninstall\helper.exe 2014-04-07 22:04:00 28272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\plugin-hang-ui.exe 2014-04-07 22:04:00 276592 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\updater.exe 2014-04-07 22:04:00 23186032 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\xul.dll 2014-04-07 22:04:00 18544 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\plugin-container.exe 2014-04-07 22:04:00 170960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\webapp-uninstaller.exe 2014-04-07 22:04:00 152688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\softokn3.dll 2014-03-25 21:34:36 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-03-25 21:34:36 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2014-03-12 23:12:16 624128 ----a-w- C:\windows\System32\qedit.dll 2014-03-12 23:12:16 509440 ----a-w- C:\windows\SysWow64\qedit.dll 2014-03-12 23:12:14 228864 ----a-w- C:\windows\System32\wwansvc.dll 2014-03-12 23:12:10 3156480 ----a-w- C:\windows\System32\win32k.sys 2014-03-12 23:12:06 484864 ----a-w- C:\windows\System32\wer.dll 2014-03-12 23:12:06 381440 ----a-w- C:\windows\SysWow64\wer.dll 2014-03-12 23:11:10 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll 2014-03-12 23:11:09 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll . ==================== Find3M ==================== . 2014-02-23 08:13:41 2241536 ----a-w- C:\windows\System32\wininet.dll 2014-02-23 08:11:59 3960320 ----a-w- C:\windows\System32\jscript9.dll 2014-02-23 08:11:52 67072 ----a-w- C:\windows\System32\iesetup.dll 2014-02-23 08:11:52 136704 ----a-w- C:\windows\System32\iesysprep.dll 2014-02-23 06:54:46 1767936 ----a-w- C:\windows\SysWow64\wininet.dll 2014-02-23 06:53:22 2877952 ----a-w- C:\windows\SysWow64\jscript9.dll 2014-02-23 06:53:18 61440 ----a-w- C:\windows\SysWow64\iesetup.dll 2014-02-23 06:53:18 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll 2014-02-23 06:35:36 2706432 ----a-w- C:\windows\System32\mshtml.tlb 2014-02-23 06:31:25 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb 2014-02-23 05:39:39 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe 2014-02-23 05:35:24 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe 2014-02-20 06:09:34 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll 2014-01-16 00:42:40 608032 ----a-w- C:\SecurityScanner.dll . ============= FINISH: 9:09:42.64 ===============
-
. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 2/8/2013 5:32:58 PM System Uptime: 4/8/2014 6:24:20 PM (15 hours ago) . Motherboard: TOSHIBA | | Portable PC Processor: AMD E-350 Processor | Socket FT1 | 1600/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 285 GiB total, 252.712 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP140: 4/7/2014 10:38:29 AM - End of disinfection RP141: 4/8/2014 8:05:34 AM - Windows Update . ==== Installed Programs ====================== . Adobe Flash Player 12 ActiveX Adobe Flash Player 12 Plugin Adobe Reader XI (11.0.06) Amazon Cloud Player Amazon Music Importer Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver ATI Catalyst Install Manager Best Buy pc app Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Computer Security 12.83.104.0 (release) Conexant HD Audio D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition ETDWare PS/2-X64 8.0.8.0_R01 F-Secure CCF Reputation F-Secure CCF Scanning 1.23.124.8831 (release) F-Secure Network CCF 1.02.128 Frontier Secure Java 7 Update 51 Java Auto Updater Junk Mail filter update Label@Once 1.0 Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Mouse and Keyboard Center Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Student 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Mozilla Firefox 27.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 Online Safety 2.83.1329.952 PlayReady PC Runtime amd64 PlayReady PC Runtime x86 Realtek USB 2.0 Card Reader Realtek WLAN Driver Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition swMSM TOSHIBA Application Installer TOSHIBA Assist TOSHIBA Bulletin Board TOSHIBA Disc Creator TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert TOSHIBA Media Controller TOSHIBA Quality Application TOSHIBA Recovery Media Creator TOSHIBA ReelTime TOSHIBA Service Station TOSHIBA Supervisor Password TOSHIBA Value Added Package ToshibaRegistration Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition Waterfox 27.0.2 (x64 en-US) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WMV9/VC-1 Video Playback . ==== Event Viewer Messages From Past Week ======== . 4/8/2014 8:01:35 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 4/8/2014 8:01:09 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 4/8/2014 8:01:09 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. 4/8/2014 11:38:54 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. 4/8/2014 10:22:22 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user KIRK-PC\Guest SID (S-1-5-21-1596010243-3757955604-700281957-501) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. . ==== End Of File ===========================
-
Guest account say's Best Buy app can not operate in a guest account 2014/04/08 13:22:25 -0700 KIRK-PC Guest MESSAGE Executing scheduled update: Daily 2014/04/08 13:23:02 -0700 KIRK-PC Guest MESSAGE Scheduled update executed successfully: database updated from version v2014.04.07.12 to version v2014.04.08.07 2014/04/08 13:23:02 -0700 KIRK-PC Guest MESSAGE Starting database refresh 2014/04/08 13:23:03 -0700 KIRK-PC Guest MESSAGE Stopping IP protection 2014/04/08 13:23:07 -0700 KIRK-PC Guest MESSAGE IP Protection stopped successfully 2014/04/08 13:23:52 -0700 KIRK-PC Guest MESSAGE Database refreshed successfully 2014/04/08 13:23:54 -0700 KIRK-PC Guest MESSAGE Starting IP protection 2014/04/08 13:24:11 -0700 KIRK-PC Guest MESSAGE IP Protection started successfully
-
All seems good, but do wonder about Best Buy app. I created a guest account, used to have my own but best buy changed it to duel his/hers because my husband could not figure out how to use the computer and get help. Now I see that Best Buy app and wonder if they still had access ? But it seems nice , so I am not complaining . Great job, But I ran Malwarebyt's in the guest account and came up with PUP called Mindspark. I picked remove will rescan in this account again
-
Yes thank you , did not work from inside program but I think the FN + F11 was the answer. The help section of this computer tells me it is not on line , but I know it was originally , I used to try to learn how to use the Windows 7 from there and the book is not so good
-
Done thank you # DelFix v10.6 - Logfile created 07/04/2014 at 10:37:57 # Updated 11/11/2013 by Xplode # Username : Judith - KIRK-PC # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) ~ Activating UAC ... OK ~ Removing disinfection tools ... Deleted : C:\FRST Deleted : C:\AdwCleaner Deleted : C:\Users\Judith\Desktop\RK_Quarantine Deleted : C:\TDSSKiller.3.0.0.25_03.03.2014_20.01.41_log.txt Deleted : C:\TDSSKiller.3.0.0.28_04.04.2014_09.56.52_log.txt Deleted : C:\TDSSKiller.3.0.0.28_04.04.2014_10.00.01_log.txt Deleted : C:\Users\Judith\Desktop\Addition.txt Deleted : C:\Users\Judith\Desktop\AdwCleaner.exe Deleted : C:\Users\Judith\Desktop\dds.scr Deleted : C:\Users\Judith\Desktop\dds.txt Deleted : C:\Users\Judith\Desktop\Fixlog.txt Deleted : C:\Users\Judith\Desktop\FRST.txt Deleted : C:\Users\Judith\Desktop\FRST64.exe Deleted : C:\Users\Judith\Desktop\FSS.exe Deleted : C:\Users\Judith\Desktop\RKreport[0]_S_04052014_151745.txt Deleted : C:\Users\Judith\Desktop\RogueKillerX64.exe Deleted : C:\Users\Judith\Desktop\tdsskiller.exe Deleted : HKLM\SOFTWARE\AdwCleaner ~ Cleaning system restore ... Deleted : RP #132 [scheduled Checkpoint | 03/06/2014 20:42:25] Deleted : RP #133 [Windows Update | 03/11/2014 21:34:41] Deleted : RP #134 [Windows Update | 03/12/2014 23:15:38] Deleted : RP #135 [Windows Update | 03/18/2014 23:03:10] Deleted : RP #136 [Windows Backup | 03/24/2014 20:02:14] Deleted : RP #137 [Windows Update | 03/25/2014 17:29:42] Deleted : RP #138 [Windows Update | 03/28/2014 20:33:18] Deleted : RP #139 [Windows Update | 04/01/2014 18:36:37] New restore point created ! ~ Resetting system settings ... OK ########## - EOF - ##########
-
I had it backed up on March 23 not that long ago and he was supposed to fix that typing problem also, but my husband wants to find a new tech