My computer has been having trouble with Internet Explorer. When starting Internet Explorer, I am taken to this URL: http://websearch.mocaflix.com/ even though that is not my home page. I have tried to change my home page with no success. This page is usually blank and I can not leave the page by typing a link in the URL box. However, sometimes there is a box in the middle of the page that I can type in. When typing here, I am brought to Yahoo search results for whatever I just typed.
When my computer first started acting up, there was a program on my desktop that I did not put there called Optimizer. There was also an installer called Dnd. I used the basic uninstaller in the Control Panel to uninstall Optimizer, and then deleted Dnd. I have also run multiple Norton scans, which turned up nothing, Norton temporary file cleaner and a few Malwarebytes scans, which did find and remove a total of three threats. I have tried resetting IE to its default settings by using the Network and Sharing Center as the Internet explorer tools drop down menu has everything greyed out and unselectable. Resetting IE did not have any noticeable effect.
The problems started when I downloaded something that was linked to on a chat group I frequent.
This is all the information that I can think of at the moment. I was not able to download OTL on this computer, but by downloading it on another computer and putting it on a USB memory to get it to this computer. Here is the OTL scan results.
OTL logfile created on: 12/5/2012 9:25:02 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Julia\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.99 Gb Total Physical Memory | 3.68 Gb Available Physical Memory | 61.49% Memory free
12.15 Gb Paging File | 9.78 Gb Available in Paging File | 80.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.11 Gb Total Space | 3.84 Gb Free Space | 0.66% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 3.80 Gb Free Space | 25.33% Space Free | Partition Type: NTFS
Drive F: | 1.11 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive K: | 1.86 Gb Total Space | 0.00 Gb Free Space | 0.16% Space Free | Partition Type: FAT32
Computer Name: JULIA-PC | User Name: Julia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/12/05 21:17:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Julia\Desktop\OTL.exe
PRC - [2012/05/24 13:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccsvchst.exe
PRC - [2011/02/25 09:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2009/01/05 16:19:10 | 000,824,560 | ---- | M] (Dell Inc.) -- c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
PRC - [2009/01/05 16:19:10 | 000,480,496 | ---- | M] (Dell Inc.) -- C:\Program Files (x86)\Dell Remote Access\ezi_ra.exe
PRC - [2008/11/03 08:54:00 | 001,745,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2008/09/16 11:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
PRC - [2008/05/23 13:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2007/06/06 14:34:48 | 000,151,552 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PCM4Everio\EverioService.exe
========== Modules (No Company Name) ==========
MOD - [2012/12/05 16:58:23 | 000,128,000 | ---- | M] () -- C:\ProgramData\SaveAs\50bfc37f351d6.ocx
MOD - [2012/12/05 16:55:45 | 000,128,000 | ---- | M] () -- C:\ProgramData\SaveAs\50bfc2e1eb165.ocx
MOD - [2012/11/15 11:42:30 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\d08cb6b1c4052e6f5a4e2452870d67d7\System.Management.ni.dll
MOD - [2012/11/15 11:41:20 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\7844c1ae91c8f584025756ad72e65176\System.Web.Services.ni.dll
MOD - [2012/11/15 11:40:54 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll
MOD - [2012/11/15 11:39:04 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll
MOD - [2012/11/15 11:38:53 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll
MOD - [2012/11/15 11:38:47 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll
MOD - [2012/11/15 11:37:35 | 007,976,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll
MOD - [2012/11/15 11:37:23 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll
MOD - [2012/10/11 05:54:00 | 000,427,520 | ---- | M] () -- c:\Program Files (x86)\MocaFlix\sprotector.dll
MOD - [2008/11/03 08:54:00 | 001,745,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2008/11/03 08:54:00 | 000,262,384 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2008/11/03 08:54:00 | 000,132,336 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2008/11/03 08:54:00 | 000,095,472 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2008/11/03 08:54:00 | 000,058,608 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
MOD - [2008/11/03 08:54:00 | 000,017,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll
MOD - [2007/03/29 15:47:00 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PCM4Everio\Kernel\common\CLEverioDetector.dll
MOD - [2006/12/10 21:51:08 | 000,077,824 | R--- | M] () -- C:\Program Files (x86)\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2006/12/10 21:51:08 | 000,065,536 | R--- | M] () -- C:\Program Files (x86)\HP\Digital Imaging\bin\crm\xmlparse.dll
========== Services (SafeList) ==========
SRV:64bit: - [2010/09/24 12:17:16 | 000,467,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2010/09/24 12:17:16 | 000,306,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2010/09/24 12:17:10 | 008,251,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/08/09 05:03:36 | 000,099,048 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2009/08/28 14:33:32 | 000,154,352 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe -- (DLPWD)
SRV:64bit: - [2009/03/16 15:27:20 | 000,211,968 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2008/12/22 02:37:34 | 000,088,576 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2006/12/07 00:52:36 | 000,191,896 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe -- (DLSDB)
SRV - [2012/11/09 12:21:16 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe -- (N360)
SRV - [2011/02/28 17:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 09:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/04/03 23:18:15 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/05 16:19:10 | 000,824,560 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe -- (hnmsvc)
SRV - [2008/09/16 11:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2008/05/14 09:32:18 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2008/05/14 09:32:10 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2008/05/14 09:31:38 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/02/29 08:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/06 11:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/06/11 16:44:09 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/04/20 20:37:49 | 000,432,760 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0502020.003\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2011/03/30 22:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0502020.003\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2011/03/30 22:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\SRTSPX64.SYS -- (SRTSPX)
DRV:64bit: - [2011/03/14 21:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2011/01/27 01:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2010/11/15 20:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/08/09 05:03:32 | 000,143,464 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2010/08/05 13:02:56 | 000,144,720 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/16 09:22:40 | 000,308,296 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2009/09/16 09:22:40 | 000,102,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2009/09/16 09:22:40 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2009/09/16 09:15:38 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2009/06/30 09:37:16 | 000,033,800 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
DRV:64bit: - [2009/04/08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/03/16 16:34:24 | 005,203,968 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV:64bit: - [2009/03/16 16:34:24 | 005,203,968 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/02/20 00:18:02 | 000,110,096 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2008/12/22 02:37:14 | 000,185,248 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2008/09/28 07:46:48 | 000,316,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2008/09/28 03:22:14 | 000,402,456 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008/06/18 15:48:54 | 000,029,184 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\packet.sys -- (Packet)
DRV:64bit: - [2008/05/23 15:54:38 | 000,033,888 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\iqvw64e.sys -- (NAL)
DRV:64bit: - [2008/04/08 02:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2008/01/20 21:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express)
DRV:64bit: - [2007/08/15 22:50:06 | 000,688,640 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\netr28ux.sys -- (netr28ux)
DRV - [2012/10/23 18:34:23 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20121130.005\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/09/12 20:39:21 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20121205.002\ex64.sys -- (NAVEX15)
DRV - [2012/09/12 20:38:59 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20121205.002\eng64.sys -- (NAVENG)
DRV - [2012/08/31 19:27:23 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20121204.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/10 18:44:07 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/10 18:44:07 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2008/06/26 21:10:38 | 000,032,240 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl -- ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7})
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.mocaflix.com/
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.moc...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC}: "URL" = http://searchservice...b&orig=IMC-IEDS
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADBS_en
IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.moc...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ei.TelevisionFanatic.com/Plugin: C:\Program Files (x86)\TelevisionFanaticEI\Installr\1.bin\NP64EISB.dll (TelevisionFanatic)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MySpace\Toolbar\1.0.72.0\ [2010/04/25 17:18:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/10/28 08:39:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012/01/31 08:39:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2 [2012/12/05 19:48:58 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2010/04/10 14:06:19 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (MySpace Toolbar) - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files (x86)\MySpace\Toolbar\1.0.72.0\MySpaceToolbar.dll ()
O2 - BHO: (SaveAs Class) - {34E272A9-FD41-CFC6-4ECE-77A2D7BD08D1} - C:\ProgramData\SaveAs\50bfc37f351d6.ocx ()
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SaveAs Class) - {DC46CCB4-B719-C2AB-8A54-466307929AE0} - C:\ProgramData\SaveAs\50bfc2e1eb165.ocx ()
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (MySpace Toolbar) - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files (x86)\MySpace\Toolbar\1.0.72.0\MySpaceToolbar.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4:64bit: - HKLM..\Run: [DLPSP] C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [DLUPDR] C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe File not found
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [EverioService] C:\Program Files (x86)\CyberLink\PCM4Everio\EverioService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe (Sonic Solutions)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [iClippy] C:\Program Files (x86)\iClippy\iClippy.exe File not found
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\SysWOW64\Adobe\Shockwave 11\SwHelper_1150595.exe -Update -1150595 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; WOW64; Trident/4.0; GTB6.4; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; MDDC; .NET CLR 3.5.30729; .NET CLR 3.0.30618; Zune 4.0)" -"http://www.chem.iast.../CuZncell.html" File not found
O4 - Startup: C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.syste...ri_4.1.72.0.cab (SysInfo Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.238.112.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4686BD6F-9EBB-41FF-9246-B9722A715C43}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{99C544C8-1534-4A9F-9D0B-EAE7A1209794}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA2D3788-0C99-460A-B1D1-AE06EF2E6D26}: DhcpNameServer = 192.168.1.1 68.238.112.12
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~2\mocaflix\sprote~1.dll) - c:\Program Files (x86)\MocaFlix\sprotector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Julia\Pictures\Pretties\love.jpg
O24 - Desktop BackupWallPaper: C:\Users\Julia\Pictures\Pretties\love.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b367c88f-7322-11e0-8377-0024e807bd7a}\Shell - "" = AutoRun
O33 - MountPoints2\{b367c88f-7322-11e0-8377-0024e807bd7a}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/12/05 21:24:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Julia\Desktop\OTL.exe
[2012/12/05 16:54:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
[2012/12/05 16:54:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MocaFlix
[2012/12/05 16:54:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro
[2012/12/05 16:54:05 | 000,000,000 | ---D | C] -- C:\ProgramData\SaveAs
[2012/12/05 16:54:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveAs
[2012/12/05 16:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012/12/05 10:18:37 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{9E127D3C-A0C6-4A51-9749-BC4FD53C6D30}
[2012/12/04 10:30:13 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{0A329F27-ADDF-4F56-B929-7FEBFA86F449}
[2012/12/03 08:18:57 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{452CDB73-1A02-4ACD-946B-EFDDFD9EAC99}
[2012/12/02 11:29:37 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{4457A874-6ECB-4CF2-BE84-B9CEB04DCFB2}
[2012/12/01 11:08:21 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{259109EB-DF1C-42FA-9355-DFD2B85ACD9A}
[2012/11/30 10:42:01 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{E543B11A-4745-4BE6-BAC5-ABC5B47D8E8D}
[2012/11/29 08:48:15 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{B4EEE24B-CC4E-4EDD-B8B2-A7A318FE5394}
[2012/11/29 08:28:06 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{9C98CCFE-4740-4451-AD4A-F17A256ECB8A}
[2012/11/28 08:52:29 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{05087C27-C152-479F-8F1A-D9635B12108C}
[2012/11/27 23:33:23 | 000,000,000 | ---D | C] -- C:\Users\Julia\Desktop\college app stuff
[2012/11/27 15:17:23 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{DD4B0F08-233E-4109-8EEC-963512F05E02}
[2012/11/26 08:06:40 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{0D7DF274-E032-4582-A384-CB2034EFBA3E}
[2012/11/25 10:57:53 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{B806657A-362A-4EB0-B28A-B0EF17357975}
[2012/11/24 11:36:48 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{CF33F632-1F08-4C76-ABED-63535E261BD7}
[2012/11/23 10:09:27 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{4ACA92F4-5675-4DE2-9D6E-FFE63CCCD1E4}
[2012/11/22 14:56:26 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/11/22 14:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/11/22 14:56:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/11/22 10:22:30 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{1055828D-EE84-4EF1-92D7-67443E0841DD}
[2012/11/21 11:20:17 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{36B7B54D-E867-4B6E-9CC9-704939EFDC4C}
[2012/11/20 19:47:35 | 000,000,000 | ---D | C] -- C:\Users\Julia\Desktop\Vocal mic misc
[2012/11/20 10:37:09 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{E73BB56E-CDF4-4F5A-890C-FBB7CDA57A99}
[2012/11/19 08:04:12 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{60E16C1D-6F7F-4028-A69E-2004F4FDAEEC}
[2012/11/18 10:17:47 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{645784DF-F20D-410C-A156-71441828391D}
[2012/11/17 09:52:30 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{D0CE18A2-53BC-4C2E-BCD5-AA0C78A5EF1D}
[2012/11/16 09:46:27 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{329BCF20-97A7-4182-AE0C-F5E53ABC3762}
[2012/11/15 11:37:21 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{D3AB88ED-2461-4479-85BE-1A573686B48F}
[2012/11/14 09:01:43 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{9D60F2E1-1BE4-41E4-A08C-99E5B08F3A37}
[2012/11/13 09:17:25 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{DFD7EED8-04DB-4659-88E3-0B4E9BD86B62}
[2012/11/12 08:14:29 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{1AABC7C1-DCC9-4E97-A338-D11365972988}
[2012/11/11 11:30:47 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{72F9F083-45C3-4FBC-979C-BB8CE1079DC7}
[2012/11/10 10:36:30 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{6047F064-C58A-4E20-A67D-3256283FC2B4}
[2012/11/09 14:38:35 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{C9A1678E-9531-4BD7-8A22-DFDA851C5CB6}
[2012/11/08 11:25:47 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{4559784E-7462-4B82-BD68-0E460248B146}
[2012/11/07 21:15:48 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{A7A8AEC4-EEF6-43CC-A69D-013BECDB7168}
[2012/11/06 10:44:40 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\{A3ACDF67-C961-4E48-8E8D-32CE5FCE25AA}
[2009/04/14 11:16:27 | 003,190,688 | ---- | C] (Piriform Ltd) -- C:\Users\Julia\ccsetup218.exe
[1 C:\Users\Julia\*.tmp files -> C:\Users\Julia\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/12/05 21:27:32 | 000,703,516 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/05 21:27:32 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/05 21:27:32 | 000,104,202 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/05 21:17:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Julia\Desktop\OTL.exe
[2012/12/05 20:52:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/05 19:48:38 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/05 19:48:33 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/05 19:48:33 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/05 19:48:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/05 19:48:20 | 2138,234,879 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/05 19:41:38 | 000,007,052 | ---- | M] () -- C:\Users\Julia\AppData\Local\d3d9caps.dat
[2012/12/05 17:40:37 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/05 17:36:09 | 000,002,322 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2012/12/05 14:43:38 | 000,096,072 | ---- | M] () -- C:\Users\Julia\Desktop\Fae LL.jpg
[2012/11/22 14:56:26 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/11/15 11:31:24 | 000,364,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Users\Julia\*.tmp files -> C:\Users\Julia\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/12/05 17:40:37 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/05 13:04:27 | 000,096,072 | ---- | C] () -- C:\Users\Julia\Desktop\Fae LL.jpg
[2012/08/15 09:56:18 | 000,007,052 | ---- | C] () -- C:\Users\Julia\AppData\Local\d3d9caps.dat
[2011/05/12 14:06:37 | 000,001,940 | ---- | C] () -- C:\Users\Julia\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/02/26 23:31:39 | 000,011,396 | -HS- | C] () -- C:\Users\Julia\AppData\Local\3363AB316jO
[2010/02/17 13:38:52 | 000,010,524 | -HS- | C] () -- C:\Users\Julia\AppData\Local\LH4VG4
[2010/02/08 09:40:15 | 000,053,248 | ---- | C] () -- C:\Users\Julia\lametritonus_en.dll
[2010/02/08 09:40:14 | 000,162,304 | ---- | C] () -- C:\Users\Julia\lame_enc_en.dll
[2009/12/09 20:20:03 | 004,277,027 | ---- | C] () -- C:\Users\Julia\Collab.wbd
[2009/04/21 08:26:35 | 000,249,344 | ---- | C] () -- C:\Users\Julia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/15 16:27:31 | 000,000,732 | ---- | C] () -- C:\Users\Julia\AppData\Local\d3d9caps64.dat
[2009/04/14 11:23:03 | 002,817,354 | ---- | C] () -- C:\Users\Julia\DCProSetup_15.zip
[2008/03/24 09:47:02 | 000,000,012 | ---- | C] () -- C:\Users\Julia\AppData\Roaming\userdic.tlx
========== ZeroAccess Check ==========
[2006/11/02 10:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 12:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 02:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 21:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/08/12 17:23:33 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Acoustica
[2012/04/11 11:34:12 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Aegisub
[2012/11/29 10:54:15 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Audacity
[2009/06/01 21:11:17 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Design Science
[2012/12/05 19:50:49 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Dropbox
[2009/10/12 08:41:39 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Elluminate
[2010/02/27 19:11:08 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\fltk.org
[2010/11/14 19:50:13 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\iClippy
[2009/06/06 13:39:55 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Image Zone Express
[2009/10/31 13:40:19 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\MPEG Streamclip
[2010/11/25 13:04:08 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\NCH Swift Sound
[2009/05/30 19:12:52 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Printer Info Cache
[2009/06/03 22:17:17 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Quicken Legal Business Pro
[2009/06/03 22:06:12 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Quicken WillMaker
[2012/06/20 20:59:33 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\RenPy
[2010/01/05 12:19:12 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Walgreens
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:5D432CE3
< End of report >
Thank you for your time.