
trying to get rid of the babylon toolbar pleez help? [Closed]



#1
andilee

I want to get rid of the babylon toolbar. This is my report from OTL:

OTL logfile created on: 4/6/2012 8:54:08 AM - Run 3
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Andrea\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 2.18 Gb Available Physical Memory | 55.78% Memory free
7.81 Gb Paging File | 5.69 Gb Available in Paging File | 72.90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.24 Gb Total Space | 71.67 Gb Free Space | 60.11% Space Free | Partition Type: NTFS
Drive D: | 153.85 Gb Total Space | 153.76 Gb Free Space | 99.94% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: SWEETIE | User Name: Andrea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Andrea\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe (ASUS)
PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\TPSrvWow.exe (Panda Security, S.L.)
PRC - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\ApVxdWin.exe (Panda Security, S.L.)
PRC - C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe (Panda Security, S.L.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\psksvc.exe (Panda Security, S.L.)
PRC - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
PRC - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe (Panda Security, S.L.)
PRC - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\AVENGINE.EXE (Panda Security, S.L.)
PRC - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\WebProxy.exe (Panda Security, S.L.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsCtrlS.exe (Panda Security, S.L.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe (Panda Security S.L.)
PRC - C:\Program Files (x86)\Shutterfly\Studio\Bin\SFlyStudio.exe ()
PRC - C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe (Panda Security, S.L.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\Shutterfly\Studio\Bin\SFlyStudio.exe ()
MOD - C:\Program Files (x86)\Shutterfly\Studio\Bin\mmslideshow.dll ()
MOD - C:\Program Files (x86)\Shutterfly\Studio\Bin\mmopengl.dll ()
MOD - C:\Program Files (x86)\Shutterfly\Studio\Bin\mmphotomgr.dll ()
MOD - C:\Program Files (x86)\Shutterfly\Studio\Bin\mmwindowing.dll ()
MOD - C:\Program Files (x86)\Shutterfly\Studio\Bin\mmdirectx.dll ()
MOD - C:\Program Files (x86)\Shutterfly\Studio\Bin\mmimgmgr.dll ()
MOD - C:\Program Files (x86)\Shutterfly\Studio\Bin\mmpersist.dll ()
MOD - C:\Program Files (x86)\Shutterfly\Studio\Bin\mmbrowser.dll ()
MOD - C:\Program Files (x86)\Shutterfly\Studio\Bin\mmimglib.dll ()
MOD - C:\Program Files (x86)\Shutterfly\Studio\Bin\mmexiftags.dll ()
MOD - C:\Program Files (x86)\Shutterfly\Studio\Bin\mmcommon.dll ()
MOD - C:\Program Files (x86)\Shutterfly\Studio\Bin\mmthreading.dll ()
MOD - C:\Program Files (x86)\Shutterfly\Studio\Bin\mmlangres.dll ()
MOD - C:\Program Files (x86)\Shutterfly\Studio\Bin\sqlite3.dll ()
MOD - C:\Program Files (x86)\Shutterfly\Studio\Bin\libexpat.dll ()
MOD - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\MiniCrypto.dll ()
MOD - C:\Program Files (x86)\Shutterfly\Studio\Bin\mmpartner_langres.dll ()
MOD - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\LIBXML2.DLL ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (ASUS InstantOn) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS)
SRV - (TPSrv) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\TPSrvWow.exe (Panda Security, S.L.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (UNS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (PAVFNSVR) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe (Panda Security, S.L.)
SRV - (PskSvcRetail) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\psksvc.exe (Panda Security, S.L.)
SRV - (PAVSRV) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe (Panda Security, S.L.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (Panda Software Controller) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsCtrlS.exe (Panda Security, S.L.)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (PSIMSVC) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe (Panda Security S.L.)
SRV - (PavPrSrv) -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe (Panda Security, S.L.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) Intel® -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc)
DRV:64bit: - (ssadmdfl) SAMSUNG Android USB Modem (Filter) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) Intel® -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (pavboot) -- C:\Windows\SysNative\drivers\pavboot64.sys (Panda Security, S.L.)
DRV:64bit: - (AmFSM) -- C:\Windows\SysNative\drivers\amm6460.sys (Panda Security, S.L.)
DRV:64bit: - (ShldFlt) -- C:\Windows\SysNative\drivers\ShldFlt.sys (Panda Security, S.L.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=OIE9HP
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000c860000a5ac7
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/?s...q={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7GGHP_enUS472
IE - HKCU\..\SearchScopes\{ED358191-76A4-4D80-AF05-59D365B619F9}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://search.babylo...00c860000a5ac7"
FF - prefs.js..keyword.URL: "http://search.babylo...860000a5ac7&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin: C:\Program Files (x86)\PDFlite\npPdfViewer.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin: C:\Program Files (x86)\PDFlite\npPdfViewer.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Users\Andrea\AppData\Local\RewardsArcade\498\Firefox [2012/02/20 09:13:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/23 11:17:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/02/20 02:01:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Extensions
[2012/04/03 22:41:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\mp3ikg4o.default\extensions
[2012/03/30 12:36:55 | 000,000,000 | ---D | M] (Print pages to PDF) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\mp3ikg4o.default\extensions\[email protected]
[2012/04/06 02:29:31 | 000,002,264 | ---- | M] () -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\mp3ikg4o.default\searchplugins\audiblecom.xml
[2012/02/24 02:31:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MP3IKG4O.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MP3IKG4O.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MP3IKG4O.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MP3IKG4O.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MP3IKG4O.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MP3IKG4O.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MP3IKG4O.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MP3IKG4O.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MP3IKG4O.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MP3IKG4O.DEFAULT\EXTENSIONS\[email protected]
[2012/03/23 11:17:41 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/30 12:27:42 | 000,002,353 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/03/23 11:17:37 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/11 22:39:51 | 000,002,127 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\blekkotb.xml
[2012/03/23 11:17:37 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Andrea\AppData\Local\Google\Chrome\Application\17.0.963.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Andrea\AppData\Local\Google\Chrome\Application\17.0.963.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Andrea\AppData\Local\Google\Chrome\Application\17.0.963.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google Search = C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google Search = C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: RewardsArcade = C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcmagccbogebndpoodhhhafmofelpffh\1.13.61_0\
CHR - Extension: Gmail = C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
CHR - Extension: Gmail = C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (RewardsArcade) - {597A9974-8CB0-4f41-B61F-ED065738A397} - C:\Program Files (x86)\RewardsArcade\RewardsArcade.dll (215 Apps)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [APVXDWIN] C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\APVXDWIN.EXE (Panda Security, S.L.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [SCANINICIO] C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\Inicio.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [ShutterflyStudio] C:\Program Files (x86)\Shutterfly\Studio\BIN\SFlyStudio.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA99E6A4-0090-4232-ADB1-A32A4D50F9BF}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\avldr: DllName - (avldr64.dll) - C:\Windows\SysNative\avldr64.dll (On-Access Anti-Malware Scanner Sync)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/06 02:43:58 | 000,000,000 | ---D | C] -- C:\ProgramData\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}
[2012/04/06 02:24:25 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\PackageAware
[2012/04/06 02:03:43 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/04/06 01:30:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Audible
[2012/04/06 01:30:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
[2012/04/06 01:30:45 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\Audible
[2012/04/06 01:30:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audible
[2012/04/03 22:08:41 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{A2D75B2F-4724-4669-BABC-F3A6AA597503}
[2012/04/03 01:32:11 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Primal 3D Body
[2012/04/03 01:31:50 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2012/04/03 01:31:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Primal 3D Body
[2012/04/03 01:31:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Primal 3D Body
[2012/03/30 14:11:38 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\blekkotb
[2012/03/30 12:26:56 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Babylon
[2012/03/30 12:25:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012/03/30 12:25:26 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Babylon
[2012/03/30 11:27:12 | 000,000,000 | R--D | C] -- C:\Users\Andrea\Documents\Scanned Documents
[2012/03/30 11:27:10 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\Fax
[2012/03/28 19:38:20 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{DF7679B1-19AF-4DB5-874D-A6F7F2EE3741}
[2012/03/27 23:06:20 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{7EA8A0A9-4F33-4516-AEE9-22C8C716A2F5}
[2012/03/27 23:06:09 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{B52A316C-F3D8-4AC3-BAAC-87ED19AC6603}
[2012/03/27 11:05:48 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{83A70C91-E951-4F5A-924F-175C7681AD2B}
[2012/03/27 11:05:37 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{9E7A597A-36E0-422D-819F-F383DB3FA5C9}
[2012/03/26 23:05:02 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{8DA0C062-A8F0-4DFE-91EE-649A2CF02AD4}
[2012/03/26 23:04:51 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{A55CAF77-5AAC-4C6E-827A-41189E0972C1}
[2012/03/24 08:17:17 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/03/24 08:17:17 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/03/24 08:17:16 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/03/23 08:09:49 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\nursing made incred easy
[2012/03/22 21:30:22 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Desktop\EXAM TUES
[2012/03/22 14:12:12 | 004,435,968 | ---- | C] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2012/03/22 12:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2012/03/22 11:54:59 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{FEA4C558-F28F-4731-9192-C1BF5527ABD0}
[2012/03/22 11:54:46 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{5E968E70-BB5C-4E39-A048-C9ACDD08B1F0}
[2012/03/15 11:19:51 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/03/13 17:54:35 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/03/13 17:54:17 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/03/13 17:54:17 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/03/13 17:54:17 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/03/13 17:54:16 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/03/13 17:54:16 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/03/12 18:59:35 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\fundies clinical
[2012/03/11 22:40:02 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Shutterfly
[2012/03/11 22:39:54 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shutterfly Studio
[2012/03/11 22:39:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shutterfly Studio
[2012/03/11 22:39:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shutterfly
[2012/03/11 10:31:11 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\beck diet solution
[2012/03/10 16:44:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/03/10 16:40:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012/03/10 14:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
[2012/03/09 20:02:23 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{61F0BC1D-DB8B-441A-8A6A-97718CDDAF89}
[2012/03/09 20:02:11 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{A0B841E0-2C4A-4CBF-B164-465A906EA345}
[2012/03/09 20:01:59 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\My Weblog Posts
[2012/03/09 20:01:58 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Windows Live Writer
[2012/03/09 20:01:58 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Windows Live Writer
[2012/03/08 14:52:33 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{DBA2C8B3-7F40-40DC-9B37-6BF5F51E1DE9}
[2012/03/08 14:52:22 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{AAE97C66-E395-4D8C-A3C5-142F84F441F9}
[2012/03/07 20:35:06 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{672A0BB4-1185-4CA7-AF50-4ADDDD408182}
[2012/03/07 20:34:54 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{D8653D0B-3C36-4262-9A77-54D1AA0B1C81}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/06 08:11:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/06 08:02:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-735253538-622638780-3005358582-1001UA.job
[2012/04/06 08:01:15 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/06 07:58:23 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/06 07:58:23 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/06 07:56:57 | 000,002,138 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/04/06 07:53:28 | 000,001,294 | ---- | M] () -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2012/04/06 07:51:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/06 02:48:56 | 000,424,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/04/06 02:48:40 | 3145,826,304 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/06 01:30:45 | 000,002,117 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
[2012/04/05 21:42:26 | 000,002,405 | ---- | M] () -- C:\Users\Andrea\Desktop\Google Chrome.lnk
[2012/04/05 12:31:56 | 000,125,360 | ---- | M] () -- C:\Users\Andrea\Documents\Statement 2010 Pdf.pdf
[2012/04/05 12:06:24 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-735253538-622638780-3005358582-1001Core.job
[2012/04/04 12:14:21 | 000,008,627 | ---- | M] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2012/04/03 22:16:50 | 000,072,180 | ---- | M] () -- C:\Users\Andrea\Desktop\image201203310021 (640x456).jpg
[2012/04/03 22:10:12 | 000,114,898 | ---- | M] () -- C:\Users\Andrea\Desktop\image201203310021 (640x456) (2).jpg
[2012/04/03 01:31:50 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2012/04/02 14:32:22 | 000,007,596 | ---- | M] () -- C:\Users\Andrea\AppData\Local\Resmon.ResmonCfg
[2012/04/02 14:32:11 | 000,001,254 | ---- | M] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Shutterfly Studio.lnk
[2012/04/02 14:32:11 | 000,001,230 | ---- | M] () -- C:\Users\Andrea\Desktop\Shutterfly Studio.lnk
[2012/04/02 00:24:11 | 000,794,922 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/02 00:24:11 | 000,672,182 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/02 00:24:11 | 000,125,160 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/01 13:52:58 | 000,001,106 | ---- | M] () -- C:\Users\Andrea\Desktop\Pictures - Shortcut.lnk
[2012/04/01 09:27:39 | 000,003,584 | ---- | M] () -- C:\Users\Andrea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/31 20:40:30 | 000,036,003 | ---- | M] () -- C:\Users\Andrea\Desktop\image201203310002.jpg
[2012/03/31 20:40:22 | 000,035,676 | ---- | M] () -- C:\Users\Andrea\Desktop\image201203310001.jpg
[2012/03/30 12:43:30 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2012/03/30 12:29:04 | 000,000,237 | ---- | M] () -- C:\user.js
[2012/03/30 12:05:35 | 000,000,196 | -H-- | M] () -- C:\Windows\SysWow64\tscct1.dll
[2012/03/29 17:10:09 | 000,789,138 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/27 20:27:10 | 000,258,942 | ---- | M] () -- C:\Users\Andrea\Desktop\032712usbankacct.png
[2012/03/25 23:56:41 | 000,160,443 | ---- | M] () -- C:\Users\Andrea\Desktop\LOOPOFHENLE.png
[2012/03/23 15:28:22 | 000,104,866 | ---- | M] () -- C:\Users\Andrea\Desktop\fafsa.pdf
[2012/03/23 11:28:34 | 000,002,459 | ---- | M] () -- C:\Users\Andrea\Desktop\Microsoft PowerPoint 2010.lnk
[2012/03/23 11:27:32 | 000,001,087 | ---- | M] () -- C:\Users\Andrea\Desktop\Documents - Shortcut.lnk
[2012/03/22 14:55:28 | 000,001,132 | ---- | M] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2012/03/22 14:55:28 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2012/03/22 14:37:12 | 000,032,686 | ---- | M] () -- C:\Users\Andrea\Documents\My Movie.wlmp
[2012/03/22 14:12:12 | 004,435,968 | ---- | M] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2012/03/17 16:12:43 | 000,400,096 | ---- | M] () -- C:\Users\Andrea\Desktop\Christopher P. Lemke Resume February 2012.pdf
[2012/03/15 12:01:45 | 000,169,191 | ---- | M] () -- C:\Users\Andrea\Desktop\TaxReturn.pdf
[2012/03/13 18:59:27 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/03/10 01:01:33 | 000,201,421 | ---- | M] () -- C:\Users\Andrea\Desktop\accessController.pdf
[2012/03/08 17:42:02 | 000,125,360 | ---- | M] () -- C:\Users\Andrea\Desktop\StatementPdf.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/06 01:30:45 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
[2012/04/05 12:31:56 | 000,125,360 | ---- | C] () -- C:\Users\Andrea\Documents\Statement 2010 Pdf.pdf
[2012/04/03 22:10:37 | 000,114,898 | ---- | C] () -- C:\Users\Andrea\Desktop\image201203310021 (640x456) (2).jpg
[2012/04/03 22:10:22 | 000,072,180 | ---- | C] () -- C:\Users\Andrea\Desktop\image201203310021 (640x456).jpg
[2012/04/01 14:44:14 | 000,240,855 | ---- | C] () -- C:\Users\Andrea\StudentNotebook.onepkg
[2012/04/01 13:51:36 | 000,001,106 | ---- | C] () -- C:\Users\Andrea\Desktop\Pictures - Shortcut.lnk
[2012/04/01 09:27:39 | 000,003,584 | ---- | C] () -- C:\Users\Andrea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/31 20:40:30 | 000,036,003 | ---- | C] () -- C:\Users\Andrea\Desktop\image201203310002.jpg
[2012/03/31 20:40:22 | 000,035,676 | ---- | C] () -- C:\Users\Andrea\Desktop\image201203310001.jpg
[2012/03/30 12:29:03 | 000,000,237 | ---- | C] () -- C:\user.js
[2012/03/30 12:02:59 | 000,000,196 | -H-- | C] () -- C:\Windows\SysWow64\tscct1.dll
[2012/03/27 20:27:10 | 000,258,942 | ---- | C] () -- C:\Users\Andrea\Desktop\032712usbankacct.png
[2012/03/25 22:27:32 | 000,160,443 | ---- | C] () -- C:\Users\Andrea\Desktop\LOOPOFHENLE.png
[2012/03/23 15:28:22 | 000,104,866 | ---- | C] () -- C:\Users\Andrea\Desktop\fafsa.pdf
[2012/03/23 11:28:34 | 000,002,459 | ---- | C] () -- C:\Users\Andrea\Desktop\Microsoft PowerPoint 2010.lnk
[2012/03/23 11:27:32 | 000,001,087 | ---- | C] () -- C:\Users\Andrea\Desktop\Documents - Shortcut.lnk
[2012/03/22 14:55:28 | 000,001,132 | ---- | C] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2012/03/22 14:55:28 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2012/03/22 14:37:12 | 000,032,686 | ---- | C] () -- C:\Users\Andrea\Documents\My Movie.wlmp
[2012/03/17 16:12:43 | 000,400,096 | ---- | C] () -- C:\Users\Andrea\Desktop\Christopher P. Lemke Resume February 2012.pdf
[2012/03/15 12:01:45 | 000,169,191 | ---- | C] () -- C:\Users\Andrea\Desktop\TaxReturn.pdf
[2012/03/15 11:19:58 | 000,002,405 | ---- | C] () -- C:\Users\Andrea\Desktop\Google Chrome.lnk
[2012/03/15 11:19:25 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-735253538-622638780-3005358582-1001UA.job
[2012/03/15 11:19:24 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-735253538-622638780-3005358582-1001Core.job
[2012/03/13 21:59:16 | 000,071,207 | ---- | C] () -- C:\Users\Andrea\Documents\image201202250001.jpg
[2012/03/11 22:39:55 | 000,001,254 | ---- | C] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Shutterfly Studio.lnk
[2012/03/11 22:39:55 | 000,001,230 | ---- | C] () -- C:\Users\Andrea\Desktop\Shutterfly Studio.lnk
[2012/03/10 01:01:33 | 000,201,421 | ---- | C] () -- C:\Users\Andrea\Desktop\accessController.pdf
[2012/03/08 17:42:02 | 000,125,360 | ---- | C] () -- C:\Users\Andrea\Desktop\StatementPdf.pdf
[2012/02/29 20:30:58 | 000,007,596 | ---- | C] () -- C:\Users\Andrea\AppData\Local\Resmon.ResmonCfg
[2012/01/07 22:19:43 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2011/11/03 05:19:25 | 000,789,138 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/17 22:50:05 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/10/17 22:49:58 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/10/17 22:49:53 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/10/17 22:49:50 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/10/17 22:49:47 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

< End of report >

#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, when you re-run OTL on completion of this, could you ensure all users is selected, please?

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

If you have Malwarebytes 1.6 or better installed, please disable it for the duration of this run.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :OTL
    IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000c860000a5ac7
    FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
    FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
    FF - prefs.js..browser.startup.homepage: "http://search.babylo...00c860000a5ac7"
    FF - prefs.js..keyword.URL: "http://search.babylo...860000a5ac7&q="
    [2012/03/30 12:27:42 | 000,002,353 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
    [2012/03/30 12:26:56 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Babylon
    [2012/03/30 12:25:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
    [2012/03/30 12:25:26 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Babylon
    [2012/03/30 12:43:30 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe


    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered; reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


#3
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else, please begin a New Topic.