Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

i tried to respond within four days but you locked my thread early.


  • This topic is locked This topic is locked

#1
Cermetgu68

Cermetgu68

    Member

  • Member
  • PipPip
  • 13 posts
on boot up a popup shows. i already got told what to do, and below the original post i've posted the steps the helper said to do.

OTL logfile created on: 3/15/2013 3:07:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\BooBooKitty[bleep]\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.17 Gb Available Physical Memory | 58.81% Memory free
4.19 Gb Paging File | 3.29 Gb Available in Paging File | 78.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.05 Gb Total Space | 205.29 Gb Free Space | 71.27% Space Free | Partition Type: NTFS
Drive D: | 10.04 Gb Total Space | 3.92 Gb Free Space | 39.09% Space Free | Partition Type: NTFS

Computer Name: BOOBOOKITTYF-PC | User Name: BooBooKitty[bleep] | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/15 15:07:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\BooBooKitty[bleep]\Downloads\OTL.exe
PRC - [2013/03/14 14:52:01 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013/03/07 10:30:42 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/03/01 16:00:55 | 000,897,448 | ---- | M] (Oracle Corporation) -- C:\Users\BooBooKitty[bleep]\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
PRC - [2009/01/09 23:00:52 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/01/09 22:57:32 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/06/18 17:30:07 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/05/10 10:15:28 | 000,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2007/07/13 00:27:36 | 005,252,936 | ---- | M] (SpareBackup, Inc.) -- C:\Program Files\Spare Backup\SpareBackup.exe
PRC - [2007/04/23 18:51:42 | 004,435,968 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
PRC - [2006/11/02 05:45:59 | 000,116,736 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2006/10/05 17:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\WINDOWS\System32\agrsmsvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/03/15 15:07:18 | 000,177,664 | ---- | M] () -- C:\Users\BooBooKitty[bleep]\AppData\LocalLow\Sun\Java\jre1.7.0_17\lzma.dll
MOD - [2013/03/14 14:52:00 | 014,717,144 | ---- | M] () -- C:\WINDOWS\System32\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013/03/07 10:30:45 | 003,069,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2009/10/17 06:22:43 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\22e348e7fee20fcb2013d3dfe016ae8e\System.Management.ni.dll
MOD - [2009/10/17 06:19:51 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\bc0741702f130a8a4ed9ad1f00bc4724\System.Web.Services.ni.dll
MOD - [2009/10/17 06:19:51 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\cccf9e783368088a6d357cc45f446478\Accessibility.ni.dll
MOD - [2009/10/17 06:19:49 | 011,796,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03858406f9a9514402888707e8b93abe\System.Web.ni.dll
MOD - [2009/10/17 06:19:39 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\23281812ddf7a1fab881b5322e577ac4\System.Runtime.Remoting.ni.dll
MOD - [2009/10/17 06:19:37 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ae383808b3f5ee9287358378f9a2cad3\System.EnterpriseServices.ni.dll
MOD - [2009/10/17 06:19:36 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\b98385fbfc00adacf4fd7896ba064032\System.Transactions.ni.dll
MOD - [2009/10/17 06:19:35 | 000,676,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\a0fa9d672445167efeefa37ebc1fbf23\System.Security.ni.dll
MOD - [2009/10/17 06:19:34 | 002,510,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\2ff971b28f38772a6c26530b07fc0d9a\System.Data.SqlXml.ni.dll
MOD - [2009/10/17 06:19:31 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e6001d416f7c468334934a2c6a41c631\System.Configuration.ni.dll
MOD - [2009/10/17 06:19:29 | 000,015,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\f89a83a383e7e235f399df9100928be3\Microsoft.VisualC.ni.dll
MOD - [2009/10/17 06:17:09 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7208ffa39630e9b923331f9df0947a12\System.Xml.ni.dll
MOD - [2009/10/17 06:16:51 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1941d7639299344ae28fb6b23da65247\System.Windows.Forms.ni.dll
MOD - [2009/10/17 06:16:39 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6312464f64727a2a50d5ce3fd73ad1bb\System.Drawing.ni.dll
MOD - [2009/10/17 06:16:27 | 006,616,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\813556b5a2722045b0ea14467fd00227\System.Data.ni.dll
MOD - [2009/10/17 06:15:24 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll
MOD - [2009/10/17 06:15:07 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll
MOD - [2008/07/29 16:55:14 | 000,969,728 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2008/07/27 14:00:27 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2008/07/27 14:00:26 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/06/18 16:59:12 | 000,708,608 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.Web.Services2\2.0.3.0__31bf3856ad364e35\Microsoft.Web.Services2.dll
MOD - [2008/05/10 11:11:38 | 000,339,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
MOD - [2008/05/10 11:09:34 | 000,466,944 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCom.dll
MOD - [2008/05/10 11:02:56 | 000,311,296 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
MOD - [2008/05/10 11:02:30 | 000,171,008 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx
MOD - [2008/05/10 11:02:06 | 000,675,840 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx
MOD - [2008/05/10 11:00:08 | 000,096,256 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
MOD - [2008/05/10 10:57:22 | 000,688,128 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
MOD - [2008/05/10 10:53:50 | 001,229,312 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx
MOD - [2008/05/10 10:47:14 | 000,077,312 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
MOD - [2008/05/10 10:46:50 | 000,232,448 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx
MOD - [2008/05/10 10:45:12 | 000,757,760 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx
MOD - [2008/05/10 10:45:02 | 000,052,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
MOD - [2008/05/10 10:43:42 | 000,143,360 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
MOD - [2008/05/10 10:35:20 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll
MOD - [2008/05/10 10:33:12 | 000,403,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll
MOD - [2008/05/10 10:31:20 | 000,258,560 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll
MOD - [2008/05/10 10:28:00 | 000,354,816 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll
MOD - [2008/05/10 10:27:34 | 000,233,472 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
MOD - [2008/05/10 10:24:52 | 000,117,760 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
MOD - [2008/05/10 10:23:00 | 000,044,544 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
MOD - [2008/05/10 10:22:00 | 000,086,016 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
MOD - [2008/05/10 10:20:26 | 000,083,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
MOD - [2008/05/10 10:20:06 | 000,128,512 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll
MOD - [2008/05/10 10:16:12 | 000,062,464 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
MOD - [2008/05/10 07:06:12 | 000,010,240 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
MOD - [2008/04/21 18:20:50 | 001,396,736 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll
MOD - [2008/04/21 18:20:08 | 000,528,384 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll
MOD - [2008/04/21 18:19:44 | 000,798,720 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll
MOD - [2008/04/21 18:19:14 | 000,462,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll
MOD - [2008/04/21 18:19:00 | 002,236,416 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll
MOD - [2008/04/14 18:30:20 | 000,786,432 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll
MOD - [2008/04/11 18:59:40 | 000,159,744 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll
MOD - [2008/04/11 18:59:16 | 000,872,448 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll
MOD - [2007/04/03 10:05:24 | 000,577,096 | ---- | M] () -- C:\Program Files\Spare Backup\System.Data.SQLite.DLL
MOD - [2007/04/03 10:04:54 | 000,183,880 | ---- | M] () -- C:\Program Files\Spare Backup\UberCrypto.dll
MOD - [2007/03/06 14:34:10 | 000,249,856 | ---- | M] () -- C:\WINDOWS\System32\igfxTMM.dll
MOD - [2006/03/07 13:05:24 | 001,564,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2013/03/14 15:27:18 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/07 10:30:44 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2008/06/18 17:30:07 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/10/05 17:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\System32\agrsmsvc.exe -- (AgereModemAudio)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2006/11/02 03:30:56 | 002,589,184 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw2v32.sys -- (NETw2v32)
DRV - [2006/11/02 03:30:56 | 000,047,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/11/02 03:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/10/05 15:39:40 | 001,161,152 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/08/17 10:47:48 | 000,073,696 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdserd.sys -- (sscdserd)
DRV - [2005/08/17 10:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 10:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/08/17 10:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2004/06/09 19:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Sacm2A.sys -- (USBCM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5620
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5620
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\SearchScopes,DefaultScope = {8E02D41C-5924-4816-9490-33CCD28BEB72}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{8E02D41C-5924-4816-9490-33CCD28BEB72}: "URL" = http://search.yahoo....q={searchTerms}
IE - HKCU\..\SearchScopes\{9ABBD983-1F5C-4410-A4C4-5EBCB2D39314}: "URL" = http://www.google.co...&rlz=1I7GGLL_en
IE - HKCU\..\SearchScopes\{BD3FC9B1-07EF-40BB-9BED-1F4A8E81196A}: "URL" = http://fruttisearch....q={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.99: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/13 02:48:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/09 01:58:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{C8131606-5ADD-435D-BA83-34147B7D35AC}: C:\Users\BooBooKitty[bleep]\AppData\Local\{C8131606-5ADD-435D-BA83-34147B7D35AC} [2010/02/10 20:22:57 | 000,000,000 | ---D | M]

[2013/03/13 02:48:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BooBooKitty[bleep]\AppData\Roaming\Mozilla\Extensions
[2013/03/13 02:48:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/12 08:45:57 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{d9f750b6-6be0-c42a-ddf7-3dc32b24d623}
[2013/03/07 10:31:00 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/03/07 10:30:20 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/03/07 10:30:20 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\WINDOWS\System32\BAE.dll (Gateway Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} - No CLSID value found.
O4 - HKLM..\Run: [BigFix] c:\program files\Bigfix\bigfix.exe /atstartup File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript File not found
O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Spare Backup] C:\Program Files\Spare Backup\SpareBackup.exe (SpareBackup, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ssqnkjsys] rundll32.exe "c:\users\booboo~1\appdata\local\temp\efcbbc.dll",DllRegisterServer File not found
O4 - Startup: C:\Users\BooBooKitty[bleep]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2927EADC-B7A3-4964-82C6-2491766C3E9A}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\Userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\BooBooKitty[bleep]\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\BooBooKitty[bleep]\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 20:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = ????] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/14 14:53:18 | 000,000,000 | ---D | C] -- C:\Users\BooBooKitty[bleep]\AppData\Local\Macromedia
[2013/03/13 02:48:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/03/13 02:48:34 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/03/09 15:55:09 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/03/08 00:43:58 | 000,000,000 | ---D | C] -- C:\Users\BooBooKitty[bleep]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo II
[2013/03/08 00:38:13 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2013/03/08 00:31:10 | 000,000,000 | ---D | C] -- C:\Program Files\Diablo II New
[2011/12/20 20:42:36 | 000,330,240 | ---- | C] (Microsoft Corporation) -- C:\Users\BooBooKitty[bleep]\AppData\Local\rnn.exe

========== Files - Modified Within 30 Days ==========

[2013/03/15 15:08:06 | 000,618,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/03/15 15:08:06 | 000,103,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/03/15 15:01:40 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013/03/15 15:01:29 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/15 15:01:29 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/15 15:01:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/15 04:27:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/15 03:10:10 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor Defrag.job
[2013/03/15 03:04:10 | 000,001,712 | ---- | M] () -- C:\Users\BooBooKitty[bleep]\Desktop\Diablo II - Lord of Destruction.lnk
[2013/03/14 15:27:17 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/03/14 15:27:17 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/03/13 03:20:44 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor.job
[2013/03/13 02:48:35 | 000,000,830 | ---- | M] () -- C:\Users\BooBooKitty[bleep]\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/03/13 02:48:35 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/09 02:03:30 | 000,038,881 | ---- | M] () -- C:\Windows\DIIUnin.dat
[2013/03/09 02:02:04 | 000,021,840 | ---- | M] () -- C:\Windows\System32\SIntfNT.dll
[2013/03/09 02:02:04 | 000,017,212 | ---- | M] () -- C:\Windows\System32\SIntf32.dll
[2013/03/09 02:02:04 | 000,012,067 | ---- | M] () -- C:\Windows\System32\SIntf16.dll
[2013/03/08 00:38:13 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2013/03/08 00:38:13 | 000,002,829 | ---- | M] () -- C:\Windows\DIIUnin.pif

========== Files Created - No Company Name ==========

[2013/03/14 14:52:01 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/13 02:48:35 | 000,000,830 | ---- | C] () -- C:\Users\BooBooKitty[bleep]\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/03/13 02:48:35 | 000,000,818 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/03/13 02:48:35 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/08 00:43:58 | 000,001,712 | ---- | C] () -- C:\Users\BooBooKitty[bleep]\Desktop\Diablo II - Lord of Destruction.lnk
[2013/03/08 00:38:15 | 000,038,881 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2013/03/08 00:38:13 | 000,002,829 | ---- | C] () -- C:\Windows\DIIUnin.pif
[2011/12/20 20:42:37 | 000,010,258 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\156562k5g407j802s852n1mie2p4
[2011/12/20 20:42:37 | 000,010,258 | -HS- | C] () -- C:\ProgramData\156562k5g407j802s852n1mie2p4
[2011/12/20 18:12:14 | 000,011,532 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\q5gtk431vyy88wfvofd4r47f44hv41njcma4lis
[2011/12/20 18:12:14 | 000,011,532 | -HS- | C] () -- C:\ProgramData\q5gtk431vyy88wfvofd4r47f44hv41njcma4lis
[2011/12/17 21:33:19 | 000,011,868 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\rljpre3t3lkp4gxq3pvr3x844p3r
[2011/12/17 21:33:19 | 000,011,868 | -HS- | C] () -- C:\ProgramData\rljpre3t3lkp4gxq3pvr3x844p3r
[2011/07/17 16:49:53 | 000,014,174 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\545s08x38045hg2oiv5781gs2017fg30f5507t48f1flba
[2011/07/17 16:49:53 | 000,014,174 | -HS- | C] () -- C:\ProgramData\545s08x38045hg2oiv5781gs2017fg30f5507t48f1flba
[2010/03/19 13:53:21 | 000,001,124 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\Ogl6
[2010/03/19 13:53:21 | 000,001,124 | -HS- | C] () -- C:\ProgramData\Ogl6
[2010/03/19 13:46:06 | 000,001,132 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\H5obFSC7MF62
[2010/03/19 13:46:06 | 000,001,132 | -HS- | C] () -- C:\ProgramData\H5obFSC7MF62
[2010/02/19 16:11:27 | 000,002,766 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\4U8bt2ELlFs
[2010/02/13 22:20:21 | 000,001,274 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\GGru612642m
[2010/02/10 23:50:17 | 000,000,552 | ---- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\d3d8caps.dat
[2010/02/10 23:50:15 | 000,000,680 | ---- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\d3d9caps.dat
[2010/02/10 20:24:09 | 000,011,638 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\R4AlO7HdsW5
[2010/02/10 20:22:59 | 000,000,000 | ---- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\Qhuyewa.bin
[2010/02/10 20:22:58 | 000,000,120 | ---- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\Gfarapaximiba.dat
[2008/10/14 17:14:20 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/09/08 17:27:05 | 000,019,172 | ---- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Roaming\wklnhst.dat
[2008/06/18 18:01:01 | 000,089,600 | ---- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2008/11/06 08:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 00:16:12 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2006/11/02 05:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8

< End of report >




Thanks for looking, I thought it was a registry error at first but i haven't tried anything to fix it yet. Next follows the reports for aswmbr.exe, roguekiller.exe and adwcleaner.exe. i've only run the reports.


aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-03-19 15:53:12
-----------------------------
15:53:12.328 OS Version: Windows 6.0.6000
15:53:12.328 Number of processors: 2 586 0xF02
15:53:12.328 ComputerName: BOOBOOKITTYF-PC UserName: BooBooKitty[bleep]
15:53:13.311 Initialize success
15:54:29.415 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
15:54:29.415 Disk 0 Vendor: ST3320820AS 3.AAD Size: 305245MB BusType: 3
15:54:29.540 Disk 0 MBR read successfully
15:54:29.540 Disk 0 MBR scan
15:54:29.540 Disk 0 Windows VISTA default MBR code
15:54:29.540 Disk 0 Partition 1 00 07 HPFS/NTFS NTFS 10275 MB offset 63
15:54:29.571 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 294966 MB offset 21045150
15:54:29.571 Disk 0 scanning sectors +625137345
15:54:29.649 Disk 0 scanning C:\Windows\system32\drivers
15:54:34.594 Service scanning
15:54:45.436 Modules scanning
15:54:50.959 Disk 0 trace - called modules:
15:54:50.990 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
15:54:51.005 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84c67390]
15:54:51.520 3 ntkrnlpa.exe[824b07e2] -> nt!IofCallDriver -> [0x842604a8]
15:54:51.520 5 acpi.sys[8046932a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x8426cbb0]
15:54:51.536 Scan finished successfully
15:56:54.240 Disk 0 MBR has been saved successfully to "C:\Users\BooBooKitty[bleep]\Desktop\MBR.dat"
15:56:54.255 The log file has been saved successfully to "C:\Users\BooBooKitty[bleep]\Desktop\aswMBR.txt"


Now Roguekiller

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6000 ) 32 bits version
Started in : Normal mode
User : BooBooKitty[bleep] [Admin rights]
Mode : Scan -- Date : 03/19/2013 16:00:21
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : ssqnkjsys (rundll32.exe "c:\users\booboo~1\appdata\local\temp\efcbbc.dll",DllRegisterServer) [x] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-3820072722-2666035794-44054791-1000[...]\Run : ssqnkjsys (rundll32.exe "c:\users\booboo~1\appdata\local\temp\efcbbc.dll",DllRegisterServer) [x] -> FOUND
[TASK][SUSP PATH] EasyShare Registration Task.job : C:\WINDOWS\System32\rundll32.exe C:\ProgramData\Kodak\EasyShareSetup\$Registration\Registration_7.8.20.2.sxt [email protected] [7] -> FOUND
[TASK][SUSP PATH] EasyShare Registration Task : C:\WINDOWS\System32\rundll32.exe C:\ProgramData\Kodak\EasyShareSetup\$Registration\Registration_7.8.20.2.sxt [email protected] [7] -> FOUND
[PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[FILEASSO] HKCR\[...].exe : (、ՙ껿ՙ) -> FOUND
[FILEASSO] HKCU\[...]\.exe : (、ՙ껿ՙ) -> FOUND
[FILEASSO] HKUS\S-1-5-21-3820072722-2666035794-44054791-1000[...]\.exe : (、ՙ껿ՙ) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Extern Hives: ¤¤¤
-> D:\windows\system32\config\SOFTWARE
-> D:\windows\system32\config\SYSTEM
-> D:\Users\Default\NTUSER.DAT

¤¤¤ Infection : Rogue.AntiSpy-AH ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3320820AS ATA Device +++++
--- User ---
[MBR] a923603db9d4cf50e69f45c5ec272421
[BSP] 8506874e3292b0527995f6532b71b09f : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 10275 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 21045150 | Size: 294966 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_03192013_02d1600.txt >>
RKreport[1]_S_03192013_02d1600.txt



Now adwcleaner

# AdwCleaner v2.115 - Logfile created 03/19/2013 at 16:09:13
# Updated 17/03/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium (32 bits)
# User : BooBooKitty[bleep] - BOOBOOKITTYF-PC
# Boot Mode : Normal
# Running from : C:\Users\BooBooKitty[bleep]\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\ProgramData\Trymedia

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\HavingFunOnline
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.17037

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\BooBooKitty[bleep]\AppData\Roaming\Mozilla\Firefox\Profiles\uye5aqge.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1615 octets] - [19/03/2013 16:06:29]
AdwCleaner[R2].txt - [1546 octets] - [19/03/2013 16:09:13]

########## EOF - C:\AdwCleaner[R2].txt - [1606 octets] ##########


Thank you.
  • 0

Advertisements


#2
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
I have copied the logs you posted here to the original topic. This topic will be closed. We can continue in the original topic here http://www.geekstogo...sernameappdata/
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP