OTL logfile created on: 3/15/2013 3:07:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\BooBooKitty[bleep]\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.17 Gb Available Physical Memory | 58.81% Memory free
4.19 Gb Paging File | 3.29 Gb Available in Paging File | 78.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.05 Gb Total Space | 205.29 Gb Free Space | 71.27% Space Free | Partition Type: NTFS
Drive D: | 10.04 Gb Total Space | 3.92 Gb Free Space | 39.09% Space Free | Partition Type: NTFS
Computer Name: BOOBOOKITTYF-PC | User Name: BooBooKitty[bleep] | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/03/15 15:07:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\BooBooKitty[bleep]\Downloads\OTL.exe
PRC - [2013/03/14 14:52:01 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013/03/07 10:30:42 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/03/01 16:00:55 | 000,897,448 | ---- | M] (Oracle Corporation) -- C:\Users\BooBooKitty[bleep]\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
PRC - [2009/01/09 23:00:52 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/01/09 22:57:32 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/06/18 17:30:07 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/05/10 10:15:28 | 000,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2007/07/13 00:27:36 | 005,252,936 | ---- | M] (SpareBackup, Inc.) -- C:\Program Files\Spare Backup\SpareBackup.exe
PRC - [2007/04/23 18:51:42 | 004,435,968 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
PRC - [2006/11/02 05:45:59 | 000,116,736 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2006/10/05 17:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\WINDOWS\System32\agrsmsvc.exe
========== Modules (No Company Name) ==========
MOD - [2013/03/15 15:07:18 | 000,177,664 | ---- | M] () -- C:\Users\BooBooKitty[bleep]\AppData\LocalLow\Sun\Java\jre1.7.0_17\lzma.dll
MOD - [2013/03/14 14:52:00 | 014,717,144 | ---- | M] () -- C:\WINDOWS\System32\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013/03/07 10:30:45 | 003,069,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2009/10/17 06:22:43 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\22e348e7fee20fcb2013d3dfe016ae8e\System.Management.ni.dll
MOD - [2009/10/17 06:19:51 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\bc0741702f130a8a4ed9ad1f00bc4724\System.Web.Services.ni.dll
MOD - [2009/10/17 06:19:51 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\cccf9e783368088a6d357cc45f446478\Accessibility.ni.dll
MOD - [2009/10/17 06:19:49 | 011,796,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03858406f9a9514402888707e8b93abe\System.Web.ni.dll
MOD - [2009/10/17 06:19:39 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\23281812ddf7a1fab881b5322e577ac4\System.Runtime.Remoting.ni.dll
MOD - [2009/10/17 06:19:37 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ae383808b3f5ee9287358378f9a2cad3\System.EnterpriseServices.ni.dll
MOD - [2009/10/17 06:19:36 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\b98385fbfc00adacf4fd7896ba064032\System.Transactions.ni.dll
MOD - [2009/10/17 06:19:35 | 000,676,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\a0fa9d672445167efeefa37ebc1fbf23\System.Security.ni.dll
MOD - [2009/10/17 06:19:34 | 002,510,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\2ff971b28f38772a6c26530b07fc0d9a\System.Data.SqlXml.ni.dll
MOD - [2009/10/17 06:19:31 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e6001d416f7c468334934a2c6a41c631\System.Configuration.ni.dll
MOD - [2009/10/17 06:19:29 | 000,015,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\f89a83a383e7e235f399df9100928be3\Microsoft.VisualC.ni.dll
MOD - [2009/10/17 06:17:09 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7208ffa39630e9b923331f9df0947a12\System.Xml.ni.dll
MOD - [2009/10/17 06:16:51 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1941d7639299344ae28fb6b23da65247\System.Windows.Forms.ni.dll
MOD - [2009/10/17 06:16:39 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6312464f64727a2a50d5ce3fd73ad1bb\System.Drawing.ni.dll
MOD - [2009/10/17 06:16:27 | 006,616,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\813556b5a2722045b0ea14467fd00227\System.Data.ni.dll
MOD - [2009/10/17 06:15:24 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll
MOD - [2009/10/17 06:15:07 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll
MOD - [2008/07/29 16:55:14 | 000,969,728 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2008/07/27 14:00:27 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2008/07/27 14:00:26 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/06/18 16:59:12 | 000,708,608 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.Web.Services2\2.0.3.0__31bf3856ad364e35\Microsoft.Web.Services2.dll
MOD - [2008/05/10 11:11:38 | 000,339,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
MOD - [2008/05/10 11:09:34 | 000,466,944 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCom.dll
MOD - [2008/05/10 11:02:56 | 000,311,296 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
MOD - [2008/05/10 11:02:30 | 000,171,008 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx
MOD - [2008/05/10 11:02:06 | 000,675,840 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx
MOD - [2008/05/10 11:00:08 | 000,096,256 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
MOD - [2008/05/10 10:57:22 | 000,688,128 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
MOD - [2008/05/10 10:53:50 | 001,229,312 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx
MOD - [2008/05/10 10:47:14 | 000,077,312 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
MOD - [2008/05/10 10:46:50 | 000,232,448 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx
MOD - [2008/05/10 10:45:12 | 000,757,760 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx
MOD - [2008/05/10 10:45:02 | 000,052,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
MOD - [2008/05/10 10:43:42 | 000,143,360 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
MOD - [2008/05/10 10:35:20 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll
MOD - [2008/05/10 10:33:12 | 000,403,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll
MOD - [2008/05/10 10:31:20 | 000,258,560 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll
MOD - [2008/05/10 10:28:00 | 000,354,816 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll
MOD - [2008/05/10 10:27:34 | 000,233,472 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
MOD - [2008/05/10 10:24:52 | 000,117,760 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
MOD - [2008/05/10 10:23:00 | 000,044,544 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
MOD - [2008/05/10 10:22:00 | 000,086,016 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
MOD - [2008/05/10 10:20:26 | 000,083,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
MOD - [2008/05/10 10:20:06 | 000,128,512 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll
MOD - [2008/05/10 10:16:12 | 000,062,464 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
MOD - [2008/05/10 07:06:12 | 000,010,240 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
MOD - [2008/04/21 18:20:50 | 001,396,736 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll
MOD - [2008/04/21 18:20:08 | 000,528,384 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll
MOD - [2008/04/21 18:19:44 | 000,798,720 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll
MOD - [2008/04/21 18:19:14 | 000,462,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll
MOD - [2008/04/21 18:19:00 | 002,236,416 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll
MOD - [2008/04/14 18:30:20 | 000,786,432 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll
MOD - [2008/04/11 18:59:40 | 000,159,744 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll
MOD - [2008/04/11 18:59:16 | 000,872,448 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll
MOD - [2007/04/03 10:05:24 | 000,577,096 | ---- | M] () -- C:\Program Files\Spare Backup\System.Data.SQLite.DLL
MOD - [2007/04/03 10:04:54 | 000,183,880 | ---- | M] () -- C:\Program Files\Spare Backup\UberCrypto.dll
MOD - [2007/03/06 14:34:10 | 000,249,856 | ---- | M] () -- C:\WINDOWS\System32\igfxTMM.dll
MOD - [2006/03/07 13:05:24 | 001,564,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2013/03/14 15:27:18 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/07 10:30:44 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2008/06/18 17:30:07 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/10/05 17:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\System32\agrsmsvc.exe -- (AgereModemAudio)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2006/11/02 03:30:56 | 002,589,184 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw2v32.sys -- (NETw2v32)
DRV - [2006/11/02 03:30:56 | 000,047,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/11/02 03:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/10/05 15:39:40 | 001,161,152 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/08/17 10:47:48 | 000,073,696 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdserd.sys -- (sscdserd)
DRV - [2005/08/17 10:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 10:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/08/17 10:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2004/06/09 19:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Sacm2A.sys -- (USBCM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5620
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5620
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\SearchScopes,DefaultScope = {8E02D41C-5924-4816-9490-33CCD28BEB72}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{8E02D41C-5924-4816-9490-33CCD28BEB72}: "URL" = http://search.yahoo....q={searchTerms}
IE - HKCU\..\SearchScopes\{9ABBD983-1F5C-4410-A4C4-5EBCB2D39314}: "URL" = http://www.google.co...&rlz=1I7GGLL_en
IE - HKCU\..\SearchScopes\{BD3FC9B1-07EF-40BB-9BED-1F4A8E81196A}: "URL" = http://fruttisearch....q={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.99: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/13 02:48:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/09 01:58:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{C8131606-5ADD-435D-BA83-34147B7D35AC}: C:\Users\BooBooKitty[bleep]\AppData\Local\{C8131606-5ADD-435D-BA83-34147B7D35AC} [2010/02/10 20:22:57 | 000,000,000 | ---D | M]
[2013/03/13 02:48:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BooBooKitty[bleep]\AppData\Roaming\Mozilla\Extensions
[2013/03/13 02:48:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/12 08:45:57 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{d9f750b6-6be0-c42a-ddf7-3dc32b24d623}
[2013/03/07 10:31:00 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/03/07 10:30:20 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/03/07 10:30:20 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\WINDOWS\System32\BAE.dll (Gateway Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} - No CLSID value found.
O4 - HKLM..\Run: [BigFix] c:\program files\Bigfix\bigfix.exe /atstartup File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript File not found
O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Spare Backup] C:\Program Files\Spare Backup\SpareBackup.exe (SpareBackup, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ssqnkjsys] rundll32.exe "c:\users\booboo~1\appdata\local\temp\efcbbc.dll",DllRegisterServer File not found
O4 - Startup: C:\Users\BooBooKitty[bleep]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2927EADC-B7A3-4964-82C6-2491766C3E9A}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\Userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\BooBooKitty[bleep]\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\BooBooKitty[bleep]\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 20:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = ????] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/03/14 14:53:18 | 000,000,000 | ---D | C] -- C:\Users\BooBooKitty[bleep]\AppData\Local\Macromedia
[2013/03/13 02:48:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/03/13 02:48:34 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/03/09 15:55:09 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/03/08 00:43:58 | 000,000,000 | ---D | C] -- C:\Users\BooBooKitty[bleep]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo II
[2013/03/08 00:38:13 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2013/03/08 00:31:10 | 000,000,000 | ---D | C] -- C:\Program Files\Diablo II New
[2011/12/20 20:42:36 | 000,330,240 | ---- | C] (Microsoft Corporation) -- C:\Users\BooBooKitty[bleep]\AppData\Local\rnn.exe
========== Files - Modified Within 30 Days ==========
[2013/03/15 15:08:06 | 000,618,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/03/15 15:08:06 | 000,103,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/03/15 15:01:40 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013/03/15 15:01:29 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/15 15:01:29 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/15 15:01:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/15 04:27:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/15 03:10:10 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor Defrag.job
[2013/03/15 03:04:10 | 000,001,712 | ---- | M] () -- C:\Users\BooBooKitty[bleep]\Desktop\Diablo II - Lord of Destruction.lnk
[2013/03/14 15:27:17 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/03/14 15:27:17 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/03/13 03:20:44 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor.job
[2013/03/13 02:48:35 | 000,000,830 | ---- | M] () -- C:\Users\BooBooKitty[bleep]\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/03/13 02:48:35 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/09 02:03:30 | 000,038,881 | ---- | M] () -- C:\Windows\DIIUnin.dat
[2013/03/09 02:02:04 | 000,021,840 | ---- | M] () -- C:\Windows\System32\SIntfNT.dll
[2013/03/09 02:02:04 | 000,017,212 | ---- | M] () -- C:\Windows\System32\SIntf32.dll
[2013/03/09 02:02:04 | 000,012,067 | ---- | M] () -- C:\Windows\System32\SIntf16.dll
[2013/03/08 00:38:13 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2013/03/08 00:38:13 | 000,002,829 | ---- | M] () -- C:\Windows\DIIUnin.pif
========== Files Created - No Company Name ==========
[2013/03/14 14:52:01 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/13 02:48:35 | 000,000,830 | ---- | C] () -- C:\Users\BooBooKitty[bleep]\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/03/13 02:48:35 | 000,000,818 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/03/13 02:48:35 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/08 00:43:58 | 000,001,712 | ---- | C] () -- C:\Users\BooBooKitty[bleep]\Desktop\Diablo II - Lord of Destruction.lnk
[2013/03/08 00:38:15 | 000,038,881 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2013/03/08 00:38:13 | 000,002,829 | ---- | C] () -- C:\Windows\DIIUnin.pif
[2011/12/20 20:42:37 | 000,010,258 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\156562k5g407j802s852n1mie2p4
[2011/12/20 20:42:37 | 000,010,258 | -HS- | C] () -- C:\ProgramData\156562k5g407j802s852n1mie2p4
[2011/12/20 18:12:14 | 000,011,532 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\q5gtk431vyy88wfvofd4r47f44hv41njcma4lis
[2011/12/20 18:12:14 | 000,011,532 | -HS- | C] () -- C:\ProgramData\q5gtk431vyy88wfvofd4r47f44hv41njcma4lis
[2011/12/17 21:33:19 | 000,011,868 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\rljpre3t3lkp4gxq3pvr3x844p3r
[2011/12/17 21:33:19 | 000,011,868 | -HS- | C] () -- C:\ProgramData\rljpre3t3lkp4gxq3pvr3x844p3r
[2011/07/17 16:49:53 | 000,014,174 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\545s08x38045hg2oiv5781gs2017fg30f5507t48f1flba
[2011/07/17 16:49:53 | 000,014,174 | -HS- | C] () -- C:\ProgramData\545s08x38045hg2oiv5781gs2017fg30f5507t48f1flba
[2010/03/19 13:53:21 | 000,001,124 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\Ogl6
[2010/03/19 13:53:21 | 000,001,124 | -HS- | C] () -- C:\ProgramData\Ogl6
[2010/03/19 13:46:06 | 000,001,132 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\H5obFSC7MF62
[2010/03/19 13:46:06 | 000,001,132 | -HS- | C] () -- C:\ProgramData\H5obFSC7MF62
[2010/02/19 16:11:27 | 000,002,766 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\4U8bt2ELlFs
[2010/02/13 22:20:21 | 000,001,274 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\GGru612642m
[2010/02/10 23:50:17 | 000,000,552 | ---- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\d3d8caps.dat
[2010/02/10 23:50:15 | 000,000,680 | ---- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\d3d9caps.dat
[2010/02/10 20:24:09 | 000,011,638 | -HS- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\R4AlO7HdsW5
[2010/02/10 20:22:59 | 000,000,000 | ---- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\Qhuyewa.bin
[2010/02/10 20:22:58 | 000,000,120 | ---- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\Gfarapaximiba.dat
[2008/10/14 17:14:20 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/09/08 17:27:05 | 000,019,172 | ---- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Roaming\wklnhst.dat
[2008/06/18 18:01:01 | 000,089,600 | ---- | C] () -- C:\Users\BooBooKitty[bleep]\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2008/11/06 08:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 00:16:12 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2006/11/02 05:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
< End of report >
Thanks for looking, I thought it was a registry error at first but i haven't tried anything to fix it yet. Next follows the reports for aswmbr.exe, roguekiller.exe and adwcleaner.exe. i've only run the reports.
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-03-19 15:53:12
-----------------------------
15:53:12.328 OS Version: Windows 6.0.6000
15:53:12.328 Number of processors: 2 586 0xF02
15:53:12.328 ComputerName: BOOBOOKITTYF-PC UserName: BooBooKitty[bleep]
15:53:13.311 Initialize success
15:54:29.415 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
15:54:29.415 Disk 0 Vendor: ST3320820AS 3.AAD Size: 305245MB BusType: 3
15:54:29.540 Disk 0 MBR read successfully
15:54:29.540 Disk 0 MBR scan
15:54:29.540 Disk 0 Windows VISTA default MBR code
15:54:29.540 Disk 0 Partition 1 00 07 HPFS/NTFS NTFS 10275 MB offset 63
15:54:29.571 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 294966 MB offset 21045150
15:54:29.571 Disk 0 scanning sectors +625137345
15:54:29.649 Disk 0 scanning C:\Windows\system32\drivers
15:54:34.594 Service scanning
15:54:45.436 Modules scanning
15:54:50.959 Disk 0 trace - called modules:
15:54:50.990 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
15:54:51.005 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84c67390]
15:54:51.520 3 ntkrnlpa.exe[824b07e2] -> nt!IofCallDriver -> [0x842604a8]
15:54:51.520 5 acpi.sys[8046932a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x8426cbb0]
15:54:51.536 Scan finished successfully
15:56:54.240 Disk 0 MBR has been saved successfully to "C:\Users\BooBooKitty[bleep]\Desktop\MBR.dat"
15:56:54.255 The log file has been saved successfully to "C:\Users\BooBooKitty[bleep]\Desktop\aswMBR.txt"
Now Roguekiller
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows Vista (6.0.6000 ) 32 bits version
Started in : Normal mode
User : BooBooKitty[bleep] [Admin rights]
Mode : Scan -- Date : 03/19/2013 16:00:21
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 10 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : ssqnkjsys (rundll32.exe "c:\users\booboo~1\appdata\local\temp\efcbbc.dll",DllRegisterServer) [x] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-3820072722-2666035794-44054791-1000[...]\Run : ssqnkjsys (rundll32.exe "c:\users\booboo~1\appdata\local\temp\efcbbc.dll",DllRegisterServer) [x] -> FOUND
[TASK][SUSP PATH] EasyShare Registration Task.job : C:\WINDOWS\System32\rundll32.exe C:\ProgramData\Kodak\EasyShareSetup\$Registration\Registration_7.8.20.2.sxt _RegistrationOffer@16 [7] -> FOUND
[TASK][SUSP PATH] EasyShare Registration Task : C:\WINDOWS\System32\rundll32.exe C:\ProgramData\Kodak\EasyShareSetup\$Registration\Registration_7.8.20.2.sxt _RegistrationOffer@16 [7] -> FOUND
[PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[FILEASSO] HKCR\[...].exe : (、ՙ껿ՙ) -> FOUND
[FILEASSO] HKCU\[...]\.exe : (、ՙ껿ՙ) -> FOUND
[FILEASSO] HKUS\S-1-5-21-3820072722-2666035794-44054791-1000[...]\.exe : (、ՙ껿ՙ) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ Extern Hives: ¤¤¤
-> D:\windows\system32\config\SOFTWARE
-> D:\windows\system32\config\SYSTEM
-> D:\Users\Default\NTUSER.DAT
¤¤¤ Infection : Rogue.AntiSpy-AH ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST3320820AS ATA Device +++++
--- User ---
[MBR] a923603db9d4cf50e69f45c5ec272421
[BSP] 8506874e3292b0527995f6532b71b09f : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 10275 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 21045150 | Size: 294966 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1]_S_03192013_02d1600.txt >>
RKreport[1]_S_03192013_02d1600.txt
Now adwcleaner
# AdwCleaner v2.115 - Logfile created 03/19/2013 at 16:09:13
# Updated 17/03/2013 by Xplode
# Operating system : Windows Vista Home Premium (32 bits)
# User : BooBooKitty[bleep] - BOOBOOKITTYF-PC
# Boot Mode : Normal
# Running from : C:\Users\BooBooKitty[bleep]\Desktop\AdwCleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
Folder Found : C:\ProgramData\Trymedia
***** [Registry] *****
Key Found : HKCU\Software\AppDataLow\HavingFunOnline
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
***** [Internet Browsers] *****
-\\ Internet Explorer v7.0.6000.17037
[OK] Registry is clean.
-\\ Mozilla Firefox v19.0.2 (en-US)
File : C:\Users\BooBooKitty[bleep]\AppData\Roaming\Mozilla\Firefox\Profiles\uye5aqge.default\prefs.js
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [1615 octets] - [19/03/2013 16:06:29]
AdwCleaner[R2].txt - [1546 octets] - [19/03/2013 16:09:13]
########## EOF - C:\AdwCleaner[R2].txt - [1606 octets] ##########
Thank you.