I'm using my girlfriend's computer and it seems to me that it's been infected by a few viruses. Any time I attempt to install a program into, or remove a program from, either her Program Files or Program Files (x86) folders, I'm barred from doing so. I've tried running as an administrator as well to no avail. I'm not sure of the exact nature of the infection or how it was acquired, but I have so far used MalwareBytes & SUPERAntiSpyware in order to remove what I could, but the problem still persists. Enclosed is a quick scan log I've generated from OTL, as requested. Any and all help given to resolve this matter will be greatly appreciated!
OTL logfile created on: 26/05/2012 1:45:07 PM - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\sam\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.96 Gb Total Physical Memory | 1.77 Gb Available Physical Memory | 44.54% Memory free
8.12 Gb Paging File | 5.38 Gb Available in Paging File | 66.21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.76 Gb Total Space | 314.12 Gb Free Space | 69.53% Space Free | Partition Type: NTFS
Drive D: | 7.60 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: SAM-PC | User Name: sam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/05/26 13:44:40 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\sam\Downloads\OTL.exe
PRC - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012/04/25 16:55:45 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/03/12 19:44:59 | 000,918,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
PRC - [2012/03/12 19:44:56 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/11/24 22:04:06 | 003,318,784 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2011/11/24 22:04:06 | 002,216,960 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2011/11/24 22:04:06 | 000,496,128 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
PRC - [2010/07/06 10:01:16 | 002,634,048 | ---- | M] (Veoh Networks) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
PRC - [2009/04/11 02:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2009/04/11 02:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
PRC - [2008/11/17 21:54:44 | 004,933,120 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
PRC - [2008/09/09 21:58:36 | 000,638,976 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Gateway\traybar.exe
PRC - [2008/07/21 12:59:10 | 001,069,056 | ---- | M] (Audiovox Electronics Corp.) -- C:\Users\sam\Documents\RCA Detective\RCADetective.exe
PRC - [2008/07/20 20:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/07/20 20:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/02/12 04:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
========== Modules (No Company Name) ==========
MOD - [2012/04/30 11:36:30 | 000,079,872 | ---- | M] () -- C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\y0uk3d5x.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\components\RadioWMPCoreGecko12.dll
MOD - [2012/04/25 16:55:44 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/03/12 19:44:56 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012/02/20 16:53:53 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/02/17 02:29:04 | 002,401,792 | ---- | M] () -- C:\Program Files (x86)\SAMSUNG\Intelli-studio\Filters\HTH264VD.dll
MOD - [2010/06/28 08:21:42 | 009,905,152 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtWebKit4.dll
MOD - [2010/06/28 08:21:42 | 007,793,152 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtGui4.dll
MOD - [2010/06/28 08:21:42 | 002,530,304 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtXmlPatterns4.dll
MOD - [2010/06/28 08:21:42 | 002,094,592 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtCore4.dll
MOD - [2010/06/28 08:21:42 | 001,116,160 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtScript4.dll
MOD - [2010/06/28 08:21:42 | 000,915,456 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtNetwork4.dll
MOD - [2010/06/28 08:21:42 | 000,232,960 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\phonon4.dll
MOD - [2010/06/28 08:21:42 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\imageformats\qjpeg4.dll
MOD - [2010/06/28 08:21:42 | 000,022,016 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\imageformats\qgif4.dll
MOD - [2010/06/11 00:10:34 | 001,629,186 | ---- | M] () -- C:\Program Files (x86)\Spyware Terminator\TorentDll.dll
MOD - [2010/06/03 14:46:00 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2008/11/17 21:54:44 | 004,933,120 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/08/11 19:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2008/12/10 05:04:58 | 000,935,424 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2008/06/11 14:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/10/17 11:37:22 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/04/25 16:55:45 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/12 19:44:59 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/11/24 22:04:06 | 000,496,128 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2011/11/16 12:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/07/28 17:36:52 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/20 20:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/02/12 04:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/02/29 09:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/12/10 06:31:26 | 004,993,024 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008/07/28 23:44:20 | 000,314,880 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2008/07/20 20:44:54 | 000,402,456 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/07/15 04:39:24 | 000,062,296 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2mdx64.sys -- (O2MDRDR)
DRV:64bit: - [2008/07/10 05:52:38 | 000,325,680 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/06/26 19:24:20 | 000,020,520 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2008/06/11 21:29:30 | 000,051,800 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2sdx64.sys -- (O2SDRDR)
DRV:64bit: - [2008/04/29 04:00:00 | 000,392,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/04/27 18:38:12 | 004,730,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel®
DRV:64bit: - [2008/01/20 22:46:57 | 000,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/20 22:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/10/31 14:22:50 | 001,481,216 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2007/10/31 14:19:46 | 000,293,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2007/10/31 14:18:32 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2007/10/17 11:37:10 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2006/06/18 10:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2008/06/11 14:13:24 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...=0809&m=md7811u
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...=0809&m=md7811u
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...=0809&m=md7811u
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...=0809&m=md7811u
IE - HKLM\..\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\tbVeoh.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACGW
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2653012
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...=0809&m=md7811u
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.c...w=%s&tbid=60446
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.c...aspx?tbid=60446
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CD90BF73-20F6-44EF-993D-BB920303BD2E} - C:\Program Files (x86)\Veoh_Web_Player\tbVeoh.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ferrer:source?}
IE - HKCU\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.c...rms}&tbid=60446
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ACGW_en___CA352
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2012-01-05 22:47:54&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{C15E1A4D-E557-4012-B067-21E660103136}: "URL" = http://search.avg.co...}&iy=b&ychte=us
IE - HKCU\..\SearchScopes\{D6F9ED62-BE6D-480A-9813-8346CADEC436}: "URL" = http://websearch.ask...7-CE8DE5C37E1B
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.*.*;*.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Crawler Search"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..keyword.URL: "http://search.condui...rchSource=2&q="
FF - prefs.js..network.proxy.no_proxies_on: "192.168.*.*,*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\sam\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\sam\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\sam\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\sam\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/18 20:22:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.2.0.3\ [2012/03/12 19:45:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/05/15 19:39:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/05/15 19:38:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/25 16:55:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/18 20:22:54 | 000,000,000 | ---D | M]
[2012/02/01 23:31:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sam\AppData\Roaming\Mozilla\Extensions
[2012/05/02 12:23:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\y0uk3d5x.default\extensions
[2012/05/01 12:49:35 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\y0uk3d5x.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012/03/31 14:22:06 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\y0uk3d5x.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/04/18 17:13:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/05/15 19:38:51 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX\DONOTTRACK
File not found (No name found) -- C:\PROGRAM FILES (X86)\CRAWLER\FIREFOX
[2012/02/01 23:33:21 | 000,011,510 | ---- | M] () (No name found) -- C:\USERS\SAM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y0UK3D5X.DEFAULT\EXTENSIONS\[email protected]
[2012/04/25 16:55:45 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/12 19:44:55 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/01/29 09:36:35 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2007/07/26 13:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml
[2012/01/29 09:36:35 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = http://search.condui...&ctid=CT3072253
CHR - default_search_provider: suggest_url = http://search.conduit.com/
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U23 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: AVG Safe Search = C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: uTorrentControl2 = C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.3.3_0\
CHR - Extension: Gmail = C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\tbVeoh.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files (x86)\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\tbVeoh.dll (Conduit Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Veoh Web Player Toolbar) - {CD90BF73-20F6-44EF-993D-BB920303BD2E} - C:\Program Files (x86)\Veoh_Web_Player\tbVeoh.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Gateway\traybar.exe (Chicony)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [SpywareTerminatorUpdate] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [uTorrent] "C:\Users\sam\Desktop\uTorrent.exe" /MINIMIZED File not found
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - Startup: C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RCA Detective.lnk = C:\Users\sam\Documents\RCA Detective\RCADetective.exe (Audiovox Electronics Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7FAE8223-89E3-482C-9BC1-822EDD1F194E}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\sam\Documents\Rock Star Photos\bob-dylan.jpg
O24 - Desktop BackupWallPaper: C:\Users\sam\Documents\Rock Star Photos\bob-dylan.jpg
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/02/02 17:42:35 | 000,000,058 | -H-- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{31e1447a-cc97-11de-bfb3-00269e1c4874}\Shell - "" = AutoRun
O33 - MountPoints2\{31e1447a-cc97-11de-bfb3-00269e1c4874}\Shell\AutoRun\command - "" = E:\DigitalPhotoViewer.exe
O33 - MountPoints2\{7e9294f3-936c-11de-a585-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7e9294f3-936c-11de-a585-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Diablo III Setup.exe -- [2012/02/02 17:42:35 | 001,856,592 | ---- | M] (Blizzard Entertainment)
O33 - MountPoints2\{851dfc17-d78e-11de-8054-00269e1c4874}\Shell\AutoRun\command - "" = E:\rcaDVM_setup.exe
O33 - MountPoints2\{851dfc17-d78e-11de-8054-00269e1c4874}\Shell\install\command - "" = E:\rcaDVM_setup.exe
O33 - MountPoints2\{ac639f20-55fe-11df-8efb-00269e1c4874}\Shell - "" = AutoRun
O33 - MountPoints2\{ac639f20-55fe-11df-8efb-00269e1c4874}\Shell\AutoRun\command - "" = E:\AUTORun.exe autorun
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/05/26 13:28:32 | 001,079,112 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\sam\Desktop\procexp64.exe
[2012/05/26 13:24:25 | 000,555,640 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\sam\Desktop\autorunsc.exe
[2012/05/26 13:24:24 | 000,643,192 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\sam\Desktop\autoruns.exe
[2012/05/26 13:23:57 | 004,777,280 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\sam\Desktop\procexp.exe
[2012/05/25 20:48:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/05/25 19:10:13 | 000,000,000 | ---D | C] -- C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2012/05/25 14:35:23 | 000,000,000 | ---D | C] -- C:\Users\sam\AppData\Roaming\SUPERAntiSpyware.com
[2012/05/25 14:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/05/25 14:35:06 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/05/25 14:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/05/25 14:04:20 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\sam\Desktop\HijackThis.exe
[2012/05/25 13:59:24 | 000,000,000 | ---D | C] -- C:\Users\sam\Desktop\mp3DirectCut
[2012/05/22 09:49:34 | 000,000,000 | -HSD | C] -- C:\found.000
[2012/05/20 00:10:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Crawler
[2012/05/19 21:06:34 | 000,000,000 | ---D | C] -- C:\Users\sam\Documents\Diablo III
[2012/05/19 20:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012/05/19 20:21:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[2012/05/19 20:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012/05/19 20:21:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2012/05/19 19:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012/05/15 19:39:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/05/12 20:27:10 | 000,000,000 | ---D | C] -- C:\Users\sam\Documents\PSW
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/05/26 13:29:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4061613034-1311338841-1685110122-1000UA.job
[2012/05/26 13:29:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/26 13:28:32 | 001,079,112 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\sam\Desktop\procexp64.exe
[2012/05/26 13:28:25 | 099,176,094 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/05/26 13:22:37 | 000,004,784 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/26 13:22:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/26 13:22:36 | 000,004,784 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/25 19:10:04 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/25 19:09:57 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2012/05/25 19:09:40 | 4258,185,216 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/25 18:29:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4061613034-1311338841-1685110122-1000Core.job
[2012/05/25 14:35:12 | 000,001,758 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/05/25 14:34:41 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/25 14:04:21 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\sam\Desktop\HijackThis.exe
[2012/05/25 12:58:25 | 005,399,771 | ---- | M] () -- C:\Users\sam\Desktop\Michio Kaku_ The Theory of Everything(edit1).mp3
[2012/05/25 12:13:30 | 006,655,060 | ---- | M] () -- C:\Users\sam\Desktop\Michio Kaku_ The Theory of Everything.mp3
[2012/05/23 20:56:07 | 005,722,143 | ---- | M] () -- C:\Users\sam\Desktop\elliott-baines.PDF
[2012/05/22 17:21:13 | 000,492,652 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/05/22 17:18:08 | 000,007,052 | ---- | M] () -- C:\Users\sam\AppData\Local\d3d9caps.dat
[2012/05/21 16:30:32 | 000,643,192 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\sam\Desktop\autoruns.exe
[2012/05/21 16:30:32 | 000,555,640 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\sam\Desktop\autorunsc.exe
[2012/05/19 20:57:44 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2012/05/13 18:50:52 | 000,707,392 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/13 18:50:52 | 000,612,444 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/13 18:50:52 | 000,109,860 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/11 03:37:17 | 000,390,672 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/05/26 13:24:24 | 000,049,648 | ---- | C] () -- C:\Users\sam\Desktop\autoruns.chm
[2012/05/26 13:23:57 | 000,072,268 | ---- | C] () -- C:\Users\sam\Desktop\procexp.chm
[2012/05/25 14:35:12 | 000,001,758 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/05/25 14:34:41 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/25 12:58:24 | 005,399,771 | ---- | C] () -- C:\Users\sam\Desktop\Michio Kaku_ The Theory of Everything(edit1).mp3
[2012/05/25 12:13:06 | 006,655,060 | ---- | C] () -- C:\Users\sam\Desktop\Michio Kaku_ The Theory of Everything.mp3
[2012/05/23 20:55:26 | 005,722,143 | ---- | C] () -- C:\Users\sam\Desktop\elliott-baines.PDF
[2012/05/19 20:21:03 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2012/05/08 19:19:30 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2010/10/28 22:54:00 | 000,707,330 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/06/11 00:09:36 | 000,142,592 | ---- | C] () -- C:\Windows\SysWow64\drivers\sp_rsdrv2.sys
========== LOP Check ==========
[2012/01/05 23:52:08 | 000,000,000 | ---D | M] -- C:\Users\sam\AppData\Roaming\AVG2012
[2010/07/20 13:57:36 | 000,000,000 | ---D | M] -- C:\Users\sam\AppData\Roaming\Ludia
[2010/06/11 00:07:59 | 000,000,000 | ---D | M] -- C:\Users\sam\AppData\Roaming\OpenCandy
[2011/11/27 10:30:57 | 000,000,000 | ---D | M] -- C:\Users\sam\AppData\Roaming\Spyware Terminator
[2009/10/30 21:47:57 | 000,000,000 | ---D | M] -- C:\Users\sam\AppData\Roaming\Template
[2012/02/23 18:23:08 | 000,000,000 | ---D | M] -- C:\Users\sam\AppData\Roaming\uTorrent
[2009/11/08 23:04:01 | 000,000,000 | ---D | M] -- C:\Users\sam\AppData\Roaming\WildTangent
[2012/01/19 22:23:22 | 000,000,000 | ---D | M] -- C:\Users\sam\AppData\Roaming\WindSolutions
[2012/05/25 19:08:38 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >