Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.


Again Cannot connect to Secure Sites

Re: Again Cannot connect to Secure Sites

by Gary R » October 31st, 2014, 7:52 pm

For some reason Avenger is not seeing the command directives in the script I gave you. The directives are there, so we need to check a few things to see if we can get it to see them.

Did you extract Avenger from its zip folder before you attempted to run it? If you did not, then please do so, then follow the instructions in my last post once again.

If you did extract Avenger, then please try running it again using the instructions I gave in my last post.

If you still get the same results, then please type the instructions into the "input script here" panel rather than copy/paste them (we may be getting some hidden formatting characters that Avenger can't interpret when you copy/paste). If you do this, then be careful to type them exactly as they are in the quote box below ....

Drivers to delete:
CovenantEyesProxy
cewd64f
cewd64r

Files to delete:
C:\windows\system32\Drivers\cewd64r.sys
C:\windows\system32\Drivers\cewd64f.sys
C:\Program Files\CE\CovenantEyesProxy.exe


If none of the above works, then please let me know. If it does work then please post me the log.

Re: Again Cannot connect to Secure Sites

by boondoc » October 31st, 2014, 9:08 pm

I did extract all previously but did it again. Then typed it in. It still didn't work.

Re: Again Cannot connect to Secure Sites

by Gary R » November 1st, 2014, 2:23 am

OK, then let's try something else.

Download OTL by OldTimer to your Desktop.

If you already have a copy of OTL delete it and use this version.

  • Double click OTL.exe to launch the programme.
  • Check the following.
    • Scan all users.
    • Standard Output.
    • Lop check.
    • Purity check.
  • Under Extra Registry section, select Use SafeList
  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.
    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)
  • Please post me both logs.

Re: Again Cannot connect to Secure Sites

by boondoc » November 1st, 2014, 9:05 pm

OTL logfile created on: 11/1/2014 7:44:37 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Palmer\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 2.18 Gb Available Physical Memory | 60.49% Memory free
7.20 Gb Paging File | 5.39 Gb Available in Paging File | 74.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 188.94 Gb Total Space | 125.85 Gb Free Space | 66.61% Space Free | Partition Type: NTFS
Drive D: | 29.00 Gb Total Space | 27.15 Gb Free Space | 93.62% Space Free | Partition Type: NTFS

Computer Name: PALMER-PC | User Name: Palmer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/11/01 19:39:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Palmer\Desktop\OTL.exe
PRC - [2014/10/25 08:20:46 | 000,301,688 | ---- | M] (Moonchild Productions) -- C:\Program Files (x86)\Pale Moon\palemoon.exe
PRC - [2014/09/12 05:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/06/26 20:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 20:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/11/05 14:54:36 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010/11/05 14:54:24 | 000,202,096 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe


========== Modules (No Company Name) ==========

MOD - [2014/10/25 08:20:52 | 003,044,864 | ---- | M] () -- C:\Program Files (x86)\Pale Moon\mozjs.dll
MOD - [2014/10/11 13:05:58 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/02/12 20:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\CE\CovenantEyesProxy.exe -- (CovenantEyesProxy)
SRV:64bit: - [2014/04/16 17:12:45 | 006,817,544 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2014/03/25 15:22:18 | 002,264,280 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/05/18 23:01:18 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/12/17 04:46:34 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV - [2014/09/23 20:48:42 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/09/12 05:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/06/26 20:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 20:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2012/07/09 01:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/10/27 21:38:25 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/08/15 23:35:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2014/07/10 11:30:58 | 000,322,736 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0153.sys -- (RsFx0153)
DRV:64bit: - [2014/04/16 17:12:55 | 000,023,168 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2014/01/28 17:43:30 | 000,045,048 | ---- | M] () [Kernel | System | Running] -- C:\windows\SysNative\Drivers\cewd64r.sys -- (cewd64r)
DRV:64bit: - [2014/01/28 17:43:28 | 000,031,736 | ---- | M] () [File_System | System | Running] -- C:\windows\SysNative\Drivers\cewd64f.sys -- (cewd64f)
DRV:64bit: - [2013/06/26 20:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 20:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 20:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 20:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/28 13:54:08 | 000,057,952 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon)
DRV:64bit: - [2011/07/28 13:54:08 | 000,013,408 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv)
DRV:64bit: - [2011/07/28 13:51:39 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2011/07/28 13:51:28 | 000,029,792 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2011/05/19 01:36:50 | 009,079,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/05/18 22:24:44 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/04/21 16:43:10 | 000,036,656 | ---- | M] (Egis Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FPSensor.sys -- (FPSensor)
DRV:64bit: - [2011/03/10 05:01:40 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/03/07 05:55:00 | 001,353,280 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011/03/04 11:16:20 | 000,436,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/12/15 07:56:06 | 001,402,416 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/11/30 02:40:04 | 000,307,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010/11/29 04:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/17 08:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/04/07 01:57:08 | 000,073,784 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/04/07 01:57:08 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/21 10:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014/10/31 20:59:15 | 000,061,440 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\ptep.sys -- (voelfxrl)
DRV - [2014/10/31 20:47:49 | 000,061,440 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\owxvx.sys -- (fcyd)
DRV - [2014/10/31 15:41:08 | 000,061,440 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\qeooylo.sys -- (vmgiye)
DRV - [2014/10/31 15:21:47 | 000,061,440 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\fdhfucnj.sys -- (nltjcns)
DRV - [2012/09/03 03:20:00 | 000,037,976 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\CFRMD.sys -- (CFRMD)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-586848840-3213021952-4089556407-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENN
IE - HKU\S-1-5-21-586848840-3213021952-4089556407-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com [binary data]
IE - HKU\S-1-5-21-586848840-3213021952-4089556407-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=LENN
IE - HKU\S-1-5-21-586848840-3213021952-4089556407-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-586848840-3213021952-4089556407-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKU\S-1-5-21-586848840-3213021952-4089556407-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Palmer\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Pale Moon 25.0.2\extensions\\Components: C:\Program Files (x86)\Pale Moon\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Pale Moon 25.0.2\extensions\\Plugins: C:\Program Files (x86)\Pale Moon\plugins

[2014/05/29 19:26:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Palmer\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe (The Eraser Project)
O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-21-586848840-3213021952-4089556407-1000..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\S-1-5-21-586848840-3213021952-4089556407-1000..\Run: [Best Buy pc app] C:\Users\Palmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-586848840-3213021952-4089556407-1000..\RunOnce: [WebMatrix] "C:\Program Files (x86)\Microsoft WebMatrix\WebMatrix.exe" "C:\Users\Palmer\Desktop\Greenville Spine and Sport\Website\themeforest-164366-alyeska-responsive-wordpress-theme\documentation\index.html" "#ExecuteCommand#" "ResumeInstallProduct" #ExecuteCommand# ResumeInstallProduct File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9915F6B5-1BB7-4E4A-8E81-998459FA3C76}: DhcpNameServer = 4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E3703603-99B8-417C-A789-65E52D052B98}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\dssrequest - No CLSID value found
O18:64bit: - Protocol\Handler\sacore - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest - No CLSID value found
O18 - Protocol\Handler\sacore - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-mfe-ipt - No CLSID value found
O18 - Protocol\Filter\application/x-mfe-ipt - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/11/01 19:42:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Palmer\Desktop\OTL.exe
[2014/10/31 19:52:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/10/31 15:19:03 | 000,000,000 | ---D | C] -- C:\Users\Palmer\Desktop\avenger
[2014/10/30 08:00:57 | 000,000,000 | ---D | C] -- C:\Users\Palmer\Desktop\FRST-OlderVersion
[2014/10/28 07:15:23 | 000,000,000 | ---D | C] -- C:\FRST
[2014/10/28 07:12:09 | 002,113,536 | ---- | C] (Farbar) -- C:\Users\Palmer\Desktop\FRST64.exe
[2014/10/26 21:24:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/10/26 21:23:09 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/10/26 21:23:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/10/26 21:23:07 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2014/10/26 21:23:06 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/10/21 22:52:04 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Palmer\Desktop\dds.scr
[2014/10/21 10:04:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/11/01 20:10:03 | 001,474,832 | ---- | M] () -- C:\windows\SysNative\drivers\sfi.dat
[2014/11/01 20:05:06 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/11/01 19:56:13 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/11/01 19:56:10 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/11/01 19:39:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Palmer\Desktop\OTL.exe
[2014/11/01 19:32:40 | 019,774,426 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/11/01 19:32:40 | 006,910,588 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/11/01 19:32:40 | 000,007,086 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/11/01 19:30:02 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/10/31 21:09:58 | 000,021,280 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/10/31 21:09:58 | 000,021,280 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/10/31 21:02:42 | 000,116,434 | ---- | M] () -- C:\windows\SysNative\fastboot.set
[2014/10/31 21:00:13 | 2898,874,368 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/31 20:59:21 | 000,000,000 | ---- | M] () -- C:\2.reg
[2014/10/31 20:59:19 | 000,001,298 | ---- | M] () -- C:\1.reg
[2014/10/31 20:59:15 | 000,061,440 | ---- | M] () -- C:\windows\SysWow64\drivers\ptep.sys
[2014/10/31 20:59:15 | 000,000,444 | ---- | M] () -- C:\avexport.bat
[2014/10/31 20:51:09 | 000,002,279 | ---- | M] () -- C:\Users\Palmer\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/10/31 20:47:49 | 000,061,440 | ---- | M] () -- C:\windows\SysWow64\drivers\owxvx.sys
[2014/10/31 20:09:48 | 000,028,010 | ---- | M] () -- C:\Users\Palmer\Desktop\bookmarks_10_31_14.html
[2014/10/31 19:52:38 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/10/31 15:41:16 | 000,018,184 | ---- | M] () -- C:\3.reg
[2014/10/31 15:41:08 | 000,061,440 | ---- | M] () -- C:\windows\SysWow64\drivers\qeooylo.sys
[2014/10/31 15:21:59 | 000,018,749 | ---- | M] () -- C:\backup.reg
[2014/10/31 15:21:47 | 000,061,440 | ---- | M] () -- C:\windows\SysWow64\drivers\fdhfucnj.sys
[2014/10/31 15:18:23 | 000,724,952 | ---- | M] () -- C:\Users\Palmer\Desktop\avenger.zip
[2014/10/30 08:00:57 | 002,113,536 | ---- | M] (Farbar) -- C:\Users\Palmer\Desktop\FRST64.exe
[2014/10/27 21:38:25 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/10/27 21:38:04 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/10/27 20:48:02 | 000,000,000 | ---- | M] () -- C:\Users\Palmer\AppData\Local\{0AB88CEE-714B-4A12-B36A-4724D7D10DC8}
[2014/10/26 21:42:19 | 000,001,801 | ---- | M] () -- C:\Users\Palmer\Desktop\iTunes.lnk
[2014/10/21 22:51:36 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Palmer\Desktop\dds.scr
[2014/10/05 20:29:25 | 001,930,444 | ---- | M] () -- C:\Users\Palmer\Documents\File Cabinet.JPG
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/10/31 20:59:15 | 000,061,440 | ---- | C] () -- C:\windows\SysWow64\drivers\ptep.sys
[2014/10/31 20:47:49 | 000,061,440 | ---- | C] () -- C:\windows\SysWow64\drivers\owxvx.sys
[2014/10/31 20:09:47 | 000,028,010 | ---- | C] () -- C:\Users\Palmer\Desktop\bookmarks_10_31_14.html
[2014/10/31 19:52:38 | 000,002,279 | ---- | C] () -- C:\Users\Palmer\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/10/31 19:52:38 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/10/31 19:51:13 | 000,000,898 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/31 19:51:11 | 000,000,894 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/31 15:41:16 | 000,018,184 | ---- | C] () -- C:\3.reg
[2014/10/31 15:41:14 | 000,000,000 | ---- | C] () -- C:\2.reg
[2014/10/31 15:41:13 | 000,001,298 | ---- | C] () -- C:\1.reg
[2014/10/31 15:41:08 | 000,061,440 | ---- | C] () -- C:\windows\SysWow64\drivers\qeooylo.sys
[2014/10/31 15:41:08 | 000,000,444 | ---- | C] () -- C:\avexport.bat
[2014/10/31 15:21:59 | 000,018,749 | ---- | C] () -- C:\backup.reg
[2014/10/31 15:21:47 | 000,061,440 | ---- | C] () -- C:\windows\SysWow64\drivers\fdhfucnj.sys
[2014/10/31 15:18:10 | 000,724,952 | ---- | C] () -- C:\Users\Palmer\Desktop\avenger.zip
[2014/10/28 06:58:11 | 000,031,736 | ---- | C] () -- C:\windows\SysNative\drivers\cewd64f.sys
[2014/10/27 20:48:02 | 000,000,000 | ---- | C] () -- C:\Users\Palmer\AppData\Local\{0AB88CEE-714B-4A12-B36A-4724D7D10DC8}
[2014/10/27 08:25:20 | 004,446,712 | ---- | C] () -- C:\windows\SysWow64\authServer.exe
[2014/10/26 21:42:19 | 000,001,801 | ---- | C] () -- C:\Users\Palmer\Desktop\iTunes.lnk
[2014/10/05 20:29:17 | 001,930,444 | ---- | C] () -- C:\Users\Palmer\Documents\File Cabinet.JPG
[2014/08/24 17:51:30 | 000,003,584 | ---- | C] () -- C:\Users\Palmer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/08/20 22:32:00 | 000,000,023 | ---- | C] () -- C:\Users\Palmer\AppData\Roaming\VimeoDownloaderSettings.ini
[2013/12/19 18:56:56 | 000,007,602 | ---- | C] () -- C:\Users\Palmer\AppData\Local\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/10/13 09:06:44 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2012/10/13 09:06:44 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013/12/15 20:57:41 | 000,000,000 | ---D | M] -- C:\Users\Palmer\AppData\Roaming\Brain Workshop
[2014/10/26 19:51:08 | 000,000,000 | ---D | M] -- C:\Users\Palmer\AppData\Roaming\Dropbox
[2014/06/19 05:11:58 | 000,000,000 | ---D | M] -- C:\Users\Palmer\AppData\Roaming\FileZilla
[2013/12/21 23:15:03 | 000,000,000 | ---D | M] -- C:\Users\Palmer\AppData\Roaming\Garmin
[2014/08/20 22:20:04 | 000,000,000 | ---D | M] -- C:\Users\Palmer\AppData\Roaming\Media Freeware
[2012/07/19 08:49:42 | 000,000,000 | ---D | M] -- C:\Users\Palmer\AppData\Roaming\MediaMonkey
[2013/12/11 23:14:17 | 000,000,000 | -H-D | M] -- C:\Users\Palmer\AppData\Roaming\Monotype
[2014/05/29 19:25:59 | 000,000,000 | ---D | M] -- C:\Users\Palmer\AppData\Roaming\Moonchild Productions
[2013/11/08 20:59:49 | 000,000,000 | ---D | M] -- C:\Users\Palmer\AppData\Roaming\NuGet
[2013/09/23 22:37:44 | 000,000,000 | ---D | M] -- C:\Users\Palmer\AppData\Roaming\OpenOffice
[2011/11/10 21:06:31 | 000,000,000 | ---D | M] -- C:\Users\Palmer\AppData\Roaming\OpenOffice.org
[2013/03/12 08:22:09 | 000,000,000 | ---D | M] -- C:\Users\Palmer\AppData\Roaming\SoftGrid Client
[2014/10/07 21:35:45 | 000,000,000 | ---D | M] -- C:\Users\Palmer\AppData\Roaming\Systweak
[2013/03/10 14:17:22 | 000,000,000 | ---D | M] -- C:\Users\Palmer\AppData\Roaming\TP
[2012/09/27 09:33:41 | 000,000,000 | ---D | M] -- C:\Users\Palmer\AppData\Roaming\TuneUp Software
[2012/02/26 10:27:47 | 000,000,000 | ---D | M] -- C:\Users\Palmer\AppData\Roaming\WindSolutions

========== Purity Check ==========

Re: Again Cannot connect to Secure Sites

Post by boondoc » November 1st, 2014, 9:06 pm

OTL Extras logfile created on: 11/1/2014 7:44:37 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Palmer\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 2.18 Gb Available Physical Memory | 60.49% Memory free
7.20 Gb Paging File | 5.39 Gb Available in Paging File | 74.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 188.94 Gb Total Space | 125.85 Gb Free Space | 66.61% Space Free | Partition Type: NTFS
Drive D: | 29.00 Gb Total Space | 27.15 Gb Free Space | 93.62% Space Free | Partition Type: NTFS

Computer Name: PALMER-PC | User Name: Palmer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-586848840-3213021952-4089556407-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15233B0D-C2B8-439E-86D6-DA9C35248660}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{180B79A7-F198-4851-80AD-3AE964B25709}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1D92C7C3-7975-465E-BB3B-0E47D9B3184B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{255BDC31-6DAA-4B36-BF66-4A6F0B6041CC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{32EED9C3-10CA-4C14-94AC-D647141C8DEB}" = rport=139 | protocol=6 | dir=out | app=system |
"{5C8EF202-C736-403E-AA28-C8B1C5418C03}" = lport=139 | protocol=6 | dir=in | app=system |
"{666004B0-B625-4CE2-8D7D-A4A1BF42DD92}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6EB4C8A4-1310-4D0B-AF0E-F4CB602070D5}" = rport=138 | protocol=17 | dir=out | app=system |
"{7EAA162A-515E-43B2-87F1-E60A93B4B3EF}" = rport=445 | protocol=6 | dir=out | app=system |
"{7F3539B3-ABB2-4EC2-876F-D3265133D617}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{87216EA7-9323-4B5D-9DF5-CF05CA3A7DAD}" = rport=137 | protocol=17 | dir=out | app=system |
"{89A40204-E842-427E-87EB-EBE5FF18B085}" = lport=445 | protocol=6 | dir=in | app=system |
"{8AA1FBDC-C679-49F7-87C0-792F9A50D093}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8F7C274C-9A8E-4AE4-95B9-6EB2582532EE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{920A638F-1F04-4D14-90C6-06928003B0B5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{940A6B2F-EBB3-4512-B669-FD572847125E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{96F2F81B-F6D4-45DA-9669-8D87D6C629B2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{970E4B4F-EE14-4313-B327-08F0950E2FE4}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{9CB9A640-D4CA-4E29-8092-462330168127}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A9847D38-6C92-4E40-AFB1-BC252CA9A588}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AE3FEEF6-BF27-4E97-BCCD-2C5DBEFD1A81}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C8ABC00F-6BE3-4879-AF34-61EAEB023D09}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{CE74C6E6-5C3D-4CF1-A962-229A3B48179A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D0E12117-19AB-4057-8D73-10AF267B161A}" = lport=138 | protocol=17 | dir=in | app=system |
"{D242A742-6054-4C82-A929-0692355B01BB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F4ED22E4-5C95-4EB0-9260-211FA25D0528}" = lport=137 | protocol=17 | dir=in | app=system |
"{FC2EA58A-01BC-45C5-93E9-A6617E9762D8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1038676C-5523-4EAC-929F-783718797A7D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1370421F-25CC-4E04-876E-BC546214D168}" = protocol=6 | dir=in | app=c:\windows\temp\cmc_dragon\restart_helper.exe |
"{137135E8-5DE6-4A3B-91DB-F08229BC82C7}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2520F37C-B984-448F-9B00-8A628B858F36}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2A22233A-5831-40F9-B690-811C7CA497C6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2AD741A3-3442-4119-A291-F3978704454B}" = protocol=6 | dir=out | app=system |
"{38095891-A8BA-442D-9B56-AB06307BF7AF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{45D7022A-D549-469F-AAE9-E9B0BEFE05A1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4959C2AA-F6FB-4433-9A55-EEC69312F461}" = protocol=6 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\devicesetup.exe |
"{5294E983-6E88-4C6E-A761-13A31F0FA651}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{58A09388-E404-4308-BD8D-BBD7FCDB49DA}" = protocol=17 | dir=in | app=c:\windows\temp\cmc_dragon\restart_helper.exe |
"{673130F8-F876-4058-BB4C-B5D3A28E4ECE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7A0F830D-EADE-4306-A1F0-2E92CA018954}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{7F225D5E-ACE6-4D5A-A346-6CF02FA49A5A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{88330239-55F0-4878-B753-66037875041F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8F5376CE-DCEB-4C9F-A909-B8A83387C35F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{98315CD9-469B-4E06-BAF8-3C47767C4553}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9B0B8F23-DC19-47BB-87B4-ED63A1EA5069}" = protocol=6 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe |
"{A43B8422-EEFF-4BB9-8196-4D0FFD90F918}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A50EA93F-0720-479E-89CF-116188F9AF8B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A920A103-A7F7-442D-B16D-8CBA811EC9E9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AAAE8312-67DD-4069-BCCA-B74752C122E3}" = protocol=17 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe |
"{B41D8966-60FC-48E2-909E-263C4606E52F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C30AC1E5-C32C-458F-92A6-FB8405E9B983}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC4823A0-7E3A-4C1C-B426-AA2D9BD49944}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D6BC6A7B-24A5-411D-AB69-3EC3CD128EE2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DCDFA1A2-CE3A-4713-9ECA-173CA5DD07E9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E1F41EEA-DC56-47E8-9A82-5DC0F2F19EA0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E300F569-7D88-4253-8CDF-C90A4F49AAD8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E73D17AD-1201-4A07-A0C8-915955C3B619}" = protocol=17 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\devicesetup.exe |
"{F2C20AB4-D939-4722-8FBC-B5A6801C003D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E8670B8-3965-4930-ADA6-570348B67153}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{13D558FE-A863-402C-B115-160007277033}" = Microsoft SQL Server 2012 Express LocalDB
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D4A3734-9328-440F-960C-42B4CE481EB4}" = Microsoft SQL Server 2008 R2 Setup (English)
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}" = SQL Server 2008 R2 SP2 Common Files
"{238F81AA-71FA-9278-9D35-9EC4C8CC6687}" = WMV9/VC-1 Video Playback
"{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}" = Microsoft SQL Server VSS Writer
"{2AA0764A-4EA1-4C63-8E42-173A015030B3}" = MySQL Server 5.1
"{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}" = iTunes
"{36E619BC-A234-4EC3-849B-779A7C865A45}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}" = SQL Server 2008 R2 SP2 Common Files
"{37B907C1-EA3D-4894-EEBE-275CB0BF5BA2}" = ATI Catalyst Install Manager
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{4701DEDE-1888-49E0-BAE5-857875924CA2}" = Microsoft SQL Server System CLR Types (x64)
"{49D665A2-4C2A-476E-9AB8-FCC425F526FC}" = Microsoft SQL Server 2012 Native Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4EAB2511-0135-48CA-A47B-CE1E6836793A}" = COMODO Internet Security
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6096C0CC-7E19-4355-87F0-627EC5AA146D}" = iCloud
"{68B6C1B8-98CD-E09F-4A29-DC25F16237EE}" = ccc-utility64
"{6BCCC6EF-3AC0-4D0A-AB92-64C5F1E24556}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{6D2C6A52-ED31-63B4-B516-AA354F4A150E}" = ATI AVIVO64 Codecs
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E5159B4-A519-41EF-80EF-AD58371515DF}" = Eraser 6.0.10.2620
"{78909610-D229-459C-A936-25D92283D3FD}" = Microsoft SQL Server Compact 4.0 SP1 x64 ENU
"{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}" = IIS 8.0 Express
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}" = Microsoft SQL Server 2012 Command Line Utilities
"{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb" = IIS Express Application Compatibility Database for x64
"{A2122A9C-A699-4365-ADF8-68FEAC125D61}" = SQL Server 2008 R2 SP2 Database Engine Shared
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}" = Apple Mobile Device Support
"{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service
"{C942A025-A840-4BF2-8987-849C0DD44574}" = SQL Server 2008 R2 SP2 Database Engine Shared
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E8F7904A-4780-4F3F-B153-21BE32857120}" = Microsoft SQL Server 2008 R2 Native Client
"{F1949145-EB64-4DE7-9D81-E6D27937146C}" = Microsoft System CLR Types for SQL Server 2012 (x64)
"{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}" = Sql Server Customer Experience Improvement Program
"{FA0A244E-F3C2-4589-B42A-3D522DE79A42}" = Microsoft SQL Server 2012 Management Objects (x64)
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = SQL Server 2008 R2 SP2 Database Engine Services
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = SQL Server 2008 R2 SP2 Database Engine Services
"{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb" = IIS Express Application Compatibility Database for x86
"CNXT_AUDIO_HDA" = Conexant HD Audio
"EA12B1FB53CE4E387C31A85236C41EF559B5E392" = Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1)
"Lenovo EE Boot Optimizer" = Lenovo EE Boot Optimizer
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2 (64-bit)
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2 (64-bit)
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0034859F-8E01-4C1D-BE77-F891C4786FBC}" = Lenovo Security Suite
"{027265AA-5ED8-8663-53AA-38619FD9A2BD}" = CCC Help German
"{097E024D-BE30-4D95-B5F3-B6AE9C1568D4}" = PowerXpressHybrid
"{0A1A1D48-DB23-443A-BC7B-49255D138020}" = Entity Framework Designer for Visual Studio 2012 - enu
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{1363F067-AAF4-AFD1-756E-BC2A50A6997C}" = Catalyst Control Center Graphics Previews Common
"{1948E039-EC79-4591-951D-9867A8C14C90}" = Microsoft .NET Framework 4.5 SDK
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1C3D2B0F-856E-2069-D018-BC99511BB7AC}" = ccc-core-static
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{212A7CC5-E705-CAA1-9E65-55D8E153FA47}" = CCC Help English
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3419C87F-43A2-499C-ADF2-B4E240899BCC}" = Catalyst Control Center - Branding
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35599D6A-B38F-553D-D0D4-58AC398C9EA8}" = CCC Help Polish
"{3D5F07C3-1B93-47F8-9F8A-DE8E47BF1669}" = Citrix Online Launcher
"{44A03B6A-E353-4FA2-4D12-947165254092}" = CCC Help Danish
"{4A51D3DE-5815-0D92-2231-9F1DC242E9ED}" = CCC Help Swedish
"{544C85C8-505D-ECAC-ECEC-486158756AE9}" = CCC Help Greek
"{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}" = OpenOffice 4.0.0
"{56106ADC-CF84-DC5E-408D-FAD9CE29F6C7}" = Catalyst Control Center Profiles Mobile
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{589E9BCA-A8BD-551F-FFAF-8E4F5B75C196}" = CCC Help Norwegian
"{5BD1AE89-E7BE-69F3-6D31-8F90845A9413}" = CCC Help Dutch
"{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}" = Microsoft ASP.NET Web Pages
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D1FE242-58F5-748A-7641-6BED91A0BDAA}" = CCC Help French
"{6D6D43E5-218C-4B05-92D3-2240810F4760}" = Microsoft SQL Server 2012 T-SQL Language Service
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{790E9425-8570-493F-9AE7-81AFC9E46930}" = Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00)
"{7AE842BA-98F7-5729-1B10-ACBBCEEF68AC}" = CCC Help Portuguese
"{808EC297-30DF-3B2B-E273-13397E9FF69D}" = CCC Help Japanese
"{813FC66D-2482-F5DB-E791-3FCDBE0C7AA2}" = CCC Help Chinese Traditional
"{82284382-30E3-4DED-980B-746278DA6CC2}" = Microsoft SQL Server Compact 4.0 SP1 Scripting Tools ENU CTP1
"{82CF7E86-682C-8BAE-68FB-D9B633D7D8D8}" = CCC Help Italian
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}" = Apple Application Support
"{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}" = Microsoft SQL Server 2008 R2 Management Objects
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89AF337E-DE2C-20ED-1C15-A067726C12D1}" = CCC Help Spanish
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT2860 Wireless LAN Card
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{9169C939-ED01-446A-BD0C-29873BAF4E48}" = Prerequisites for SSDT
"{92E19B5A-1985-49BF-9022-9CF4AD652C72}" = MySQL Connector Net 6.5.4
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93D00104-E942-D10A-E431-F617518E3736}" = CCC Help Thai
"{984C7AA8-FE38-55FB-AEB6-A42905ECE1E8}" = Catalyst Control Center Localization All
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A51500FE-6408-4305-B071-B961F691A4CE}" = Microsoft SQL Server Compact 4.0 Web Tools ENU
"{A639DBAA-58B4-FB22-CCB3-BF79406D62A5}" = CCC Help Russian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.09)
"{AE4167B0-F589-4D2A-BF05-E181D543C49F}" = ES603 WDM Driver
"{AE9C95EB-24E3-B5CE-83F5-3E903955ED28}" = CCC Help Czech
"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser
"{C136A1EA-6B13-9B2B-3BCC-99C455CE5B3D}" = CCC Help Korean
"{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}" = Microsoft SQL Server System CLR Types
"{C9DC3F41-279B-7707-6108-294A8154D421}" = CCC Help Chinese Standard
"{CA64CE92-87F5-9D0C-ADCA-F023614F870A}" = CCC Help Hungarian
"{cb29be6c-39c4-493e-9da7-d585d5353714}" = Microsoft ASP.NET Web Pages 2
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}" = Microsoft SQL Server 2012 Management Objects
"{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}" = Microsoft ASP.NET MVC 3
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}" = Microsoft System CLR Types for SQL Server 2012
"{E9733776-4259-55DE-FEA6-575235FC153A}" = CCC Help Turkish
"{EA63C5C1-EBBC-477C-9CC7-41454DDFAFF2}" = Microsoft ASP.NET Web Pages 2 Runtime
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F88CBFB4-86E0-44F9-3D94-3A94670EA26C}" = CCC Help Finnish
"{FA804794-2CCB-4301-954F-2C2894698876}" = Microsoft SQL Server Data Tools - enu (11.1.20627.00)
"{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0
"{FF32F536-E138-ABBF-D51D-3AC246B9FA8F}" = Catalyst Control Center InstallProxy
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"AudibleManager" = AudibleManager
"Brain Workshop_is1" = Brain Workshop 4.8.4
"Google Chrome" = Google Chrome
"InstallShield_{0034859F-8E01-4C1D-BE77-F891C4786FBC}" = Lenovo Security Suite
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{AE4167B0-F589-4D2A-BF05-E181D543C49F}" = EgisTec ES603 WDM Driver
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.3.1025
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Pale Moon 25.0.2 (x86 en-US)" = Pale Moon 25.0.2 (x86 en-US)
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-586848840-3213021952-4089556407-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.8.1

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/30/2013 9:59:50 PM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 9/30/2013 9:59:50 PM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6677

Error - 9/30/2013 9:59:50 PM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6677

Error - 9/30/2013 9:59:51 PM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 9/30/2013 9:59:51 PM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7769

Error - 9/30/2013 9:59:51 PM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7769

Error - 9/30/2013 9:59:53 PM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 9/30/2013 9:59:53 PM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8955

Error - 9/30/2013 9:59:53 PM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8955

Error - 9/30/2013 9:59:54 PM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

[ System Events ]
Error - 10/31/2014 8:50:50 PM | Computer Name = Palmer-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
CFRMD fcyd nltjcns vmgiye

Error - 10/31/2014 8:51:37 PM | Computer Name = Palmer-PC | Source = DCOM | ID = 10016
Description =

Error - 10/31/2014 8:57:55 PM | Computer Name = Palmer-PC | Source = HTTP | ID = 15011
Description =

Error - 10/31/2014 9:01:19 PM | Computer Name = Palmer-PC | Source = Service Control Manager | ID = 7000
Description = The CovenantEyesProxy service failed to start due to the following
error: %%2

Error - 10/31/2014 9:01:57 PM | Computer Name = Palmer-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
CFRMD fcyd nltjcns vmgiye voelfxrl

Error - 10/31/2014 9:02:14 PM | Computer Name = Palmer-PC | Source = DCOM | ID = 10016
Description =

Error - 10/31/2014 9:08:39 PM | Computer Name = Palmer-PC | Source = HTTP | ID = 15011
Description =

Error - 11/1/2014 7:29:59 PM | Computer Name = Palmer-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the IPBusEnum service.

Error - 11/1/2014 7:40:36 PM | Computer Name = Palmer-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070005: Windows Update Setup Handler.

Error - 11/1/2014 8:28:17 PM | Computer Name = Palmer-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.


< End of report >
boondoc
Regular Member
 
Posts: 40
Joined: November 15th, 2012, 9:02 pm

Re: Again Cannot connect to Secure Sites

Unread postby Gary R » November 2nd, 2014, 5:06 am

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box. (don't include Code: Select all)
Code: Select all
killallprocesses

:OTL
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\CE\CovenantEyesProxy.exe -- (CovenantEyesProxy)
DRV:64bit: - [2014/01/28 17:43:30 | 000,045,048 | ---- | M] () [Kernel | System | Running] -- C:\windows\SysNative\Drivers\cewd64r.sys -- (cewd64r)
DRV:64bit: - [2014/01/28 17:43:28 | 000,031,736 | ---- | M] () [File_System | System | Running] -- C:\windows\SysNative\Drivers\cewd64f.sys -- (cewd64f)
DRV - [2014/10/31 20:59:15 | 000,061,440 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\ptep.sys -- (voelfxrl)
DRV - [2014/10/31 20:47:49 | 000,061,440 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\owxvx.sys -- (fcyd)
DRV - [2014/10/31 15:41:08 | 000,061,440 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\qeooylo.sys -- (vmgiye)
DRV - [2014/10/31 15:21:47 | 000,061,440 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\fdhfucnj.sys -- (nltjcns)
[2014/10/31 15:21:47 | 000,061,440 | ---- | C] () -- C:\windows\SysWow64\drivers\fdhfucnj.sys
[2014/10/31 15:41:08 | 000,061,440 | ---- | C] () -- C:\windows\SysWow64\drivers\qeooylo.sys
[2014/10/28 06:58:11 | 000,031,736 | ---- | C] () -- C:\windows\SysNative\drivers\cewd64f.sys
[2014/10/31 20:59:15 | 000,061,440 | ---- | C] () -- C:\windows\SysWow64\drivers\ptep.sys
[2014/10/31 20:47:49 | 000,061,440 | ---- | C] () -- C:\windows\SysWow64\drivers\owxvx.sys
[2014/10/31 15:41:16 | 000,018,184 | ---- | C] () -- C:\3.reg
[2014/10/31 15:41:14 | 000,000,000 | ---- | C] () -- C:\2.reg
[2014/10/31 15:41:13 | 000,001,298 | ---- | C] () -- C:\1.reg

:files
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

:commands
[emptytemp]
[resethosts]
[startexplorer]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.
Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Again Cannot connect to Secure Sites

Unread postby boondoc » November 2nd, 2014, 8:45 am

All processes killed
Error: Unable to interpret <killallprocesses> in the current context!
========== OTL ==========
Service CovenantEyesProxy stopped successfully!
Service CovenantEyesProxy deleted successfully!
File C:\Program Files\CE\CovenantEyesProxy.exe not found.
Error: Unable to stop service cewd64r!
Unable to delete service\driver key cewd64r.
File C:\windows\SysNative\Drivers\cewd64r.sys not found.
Error: Unable to stop service cewd64f!
Unable to delete service\driver key cewd64f.
File C:\windows\SysNative\Drivers\cewd64f.sys not found.
Service voelfxrl stopped successfully!
Service voelfxrl deleted successfully!
C:\Windows\SysWOW64\drivers\ptep.sys moved successfully.
Service fcyd stopped successfully!
Service fcyd deleted successfully!
C:\Windows\SysWOW64\drivers\owxvx.sys moved successfully.
Service vmgiye stopped successfully!
Service vmgiye deleted successfully!
C:\Windows\SysWOW64\drivers\qeooylo.sys moved successfully.
Service nltjcns stopped successfully!
Service nltjcns deleted successfully!
C:\Windows\SysWOW64\drivers\fdhfucnj.sys moved successfully.
File C:\windows\SysWow64\drivers\fdhfucnj.sys not found.
File C:\windows\SysWow64\drivers\qeooylo.sys not found.
File C:\windows\SysNative\drivers\cewd64f.sys not found.
File C:\windows\SysWow64\drivers\ptep.sys not found.
File C:\windows\SysWow64\drivers\owxvx.sys not found.
C:\3.reg moved successfully.
C:\2.reg moved successfully.
C:\1.reg moved successfully.
========== FILES ==========
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_metadata folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_TW folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_CN folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\vi folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\uk folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\tr folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\th folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sv folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sr folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sl folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sk folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ru folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ro folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_PT folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_BR folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pl folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nl folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nb folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lv folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lt folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ko folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ja folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\it folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\id folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hu folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hr folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hi folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fr folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fil folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fi folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\et folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es_419 folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en_GB folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\el folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\de folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\da folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\cs folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ca folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\bg folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\html folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\css folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0 folder moved successfully.
C:\Users\Palmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Palmer
->Temp folder emptied: 267225 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 11590089 bytes
->Flash cache emptied: 602 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10917 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 970815 bytes

Total Files Cleaned = 12.00 mb

C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error: Unable to interpret <[startexplorer]> in the current context!

OTL by OldTimer - Version 3.2.69.0 log created on 11022014_071629

Files\Folders moved on Reboot...
C:\Users\Palmer\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
boondoc
Regular Member
 
Posts: 40
Joined: November 15th, 2012, 9:02 pm
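
As an added example (not part of the original thread and not OTL's own code), a small Python triage of an OTL fix log like the one posted above: it groups the line shapes seen in that log and lists what the log itself reports as not deleted or not interpreted. The function names and the set of patterns are assumptions drawn only from the lines visible in this thread.

```python
import re
from collections import defaultdict

# Excerpt of the OTL fix log posted above (lines copied from the thread).
SAMPLE_LOG = r"""All processes killed
Error: Unable to interpret <killallprocesses> in the current context!
========== OTL ==========
Service CovenantEyesProxy stopped successfully!
Service CovenantEyesProxy deleted successfully!
File C:\Program Files\CE\CovenantEyesProxy.exe not found.
Error: Unable to stop service cewd64r!
Unable to delete service\driver key cewd64r.
File C:\windows\SysNative\Drivers\cewd64r.sys not found.
Error: Unable to stop service cewd64f!
Unable to delete service\driver key cewd64f.
File C:\windows\SysNative\Drivers\cewd64f.sys not found.
Service voelfxrl stopped successfully!
Service voelfxrl deleted successfully!
C:\Windows\SysWOW64\drivers\ptep.sys moved successfully.
C:\3.reg moved successfully.
Error: Unable to interpret <[startexplorer]> in the current context!
"""

# One (kind, regex) pair per line shape seen in the log above.
# Assumption: other OTL versions may word these lines differently.
PATTERNS = [
    ("svc_stopped", re.compile(r"^Service (\S+) stopped successfully!$")),
    ("svc_deleted", re.compile(r"^Service (\S+) deleted successfully!$")),
    ("svc_stop_failed", re.compile(r"^Error: Unable to stop service (\S+)!$")),
    ("svc_delete_failed",
     re.compile(r"^Unable to delete service\\driver key (\S+)\.$")),
    ("file_missing", re.compile(r"^File (.+) not found\.$")),
    ("moved", re.compile(r"^(.+?)(?: folder)? moved successfully\.$")),
    ("bad_directive",
     re.compile(r"^Error: Unable to interpret <(.+)> in the current context!$")),
]


def triage_fix_log(text):
    """Group recognised log lines by kind; unrecognised lines are skipped."""
    result = defaultdict(list)
    for line in text.splitlines():
        line = line.strip()
        for kind, rx in PATTERNS:
            m = rx.match(line)
            if m:
                result[kind].append(m.group(1))
                break
    return dict(result)


def unresolved(result):
    """Items the log itself reports as not deleted or not interpreted."""
    deleted = set(result.get("svc_deleted", []))
    not_deleted = [s for s in result.get("svc_delete_failed", [])
                   if s not in deleted]
    return {
        "service_keys_not_deleted": not_deleted,
        "uninterpreted_directives": result.get("bad_directive", []),
    }


if __name__ == "__main__":
    summary = unresolved(triage_fix_log(SAMPLE_LOG))
    for key, items in summary.items():
        print(f"{key}: {', '.join(items) or 'none'}")
```
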

Re: Again Cannot connect to Secure Sites

Unread postby Gary R » November 2nd, 2014, 9:47 am

How is your computer running now, are you still able to connect to HTTPS sites?
Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Again Cannot connect to Secure Sites

Unread postby boondoc » November 2nd, 2014, 4:40 pm

The computer seems to be running fine. I am able to connect to HTTPS sites from both Pale Moon and Chrome (I deleted Comodo Dragon, because I think it was part of the problem too).

Do you think I'll be able to download filtering software again and be ok at this point?
boondoc
Regular Member
 
Posts: 40
Joined: November 15th, 2012, 9:02 pm

Re: Again Cannot connect to Secure Sites

Unread postby Gary R » November 3rd, 2014, 2:46 am

Since your problem appears to have been resolved, then all that's left for us to do is remove the programs we've been using to clean your computer.

  • Please download delfix and save it to your desktop.
  • Right-click on delfix.exe and select "Run as administrator" to run it.
  • Check all the boxes then click on Run.
  • Once it has finished, a notepad file named DelFix.txt will open. Post the contents of this notepad in your next reply.
  • The log can also be located at the root of the system drive, C:\DelFix.txt.

As far as installing a new filtering program goes, I can't see any reason why you shouldn't be able to install a filter, just don't use Covenant Eyes. Any program that doesn't fully uninstall when you want it to, is not IMO a program that you ever want on your computer.

I'm sure there must be plenty of other programs available that will not give you problems.
Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Again Cannot connect to Secure Sites

Unread postby boondoc » November 3rd, 2014, 6:13 am

# DelFix v10.8 - Logfile created 03/11/2014 at 04:59:49
# Updated 29/07/2014 by Xplode
# Username : Palmer - PALMER-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\_OTL
Deleted : C:\FRST
Deleted : C:\avenger.txt
Deleted : C:\Users\Palmer\Desktop\dds.scr
Deleted : C:\Users\Palmer\Desktop\FRST64.exe
Deleted : C:\Users\Palmer\Desktop\OTL.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #153 [Installed Free Facebook Video Downloader | 08/21/2014 02:21:16]
Deleted : RP #154 [Windows Update | 08/27/2014 11:33:51]
Deleted : RP #155 [Removed Skype™ 6.18 | 10/22/2014 01:14:47]
Deleted : RP #156 [Removed Skype Click to Call | 10/22/2014 01:31:37]
Deleted : RP #157 [Removed Covenant Eyes | 10/27/2014 00:08:33]
Deleted : RP #158 [Installed iTunes | 10/27/2014 01:16:52]
Deleted : RP #159 [Installed Covenant Eyes | 10/27/2014 12:24:12]
Deleted : RP #160 [Installed Covenant Eyes | 10/27/2014 23:59:48]
Deleted : RP #161 [Restore from Reg Changes | 10/29/2014 00:16:13]
Deleted : RP #162 [Removed Skype Click to Call | 11/01/2014 00:33:39]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
boondoc
Regular Member
 
Posts: 40
Joined: November 15th, 2012, 9:02 pm

Re: Again Cannot connect to Secure Sites

Unread postby Gary R » November 3rd, 2014, 6:25 am

Looks good, I think we're pretty much finished now.

Don't forget to delete delfix

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire