Folder::
c:\users\Lolita\AppData\Roaming\PC Utility Kit
c:\programdata\PC Utility Kit
I was sick yesterday. Please help.
how to clean up pc [Closed]
Started by
Littleone3
, Apr 19 2013 07:59 PM
-
This topic is locked
#16
Posted 22 April 2013 - 11:26 AM
Littleone3
- Topic Starter
-
- Member
-
- 22 posts
Member
Folder::
c:\users\Lolita\AppData\Roaming\PC Utility Kit
c:\programdata\PC Utility Kit
I was sick yesterday. Please help.
#17
Posted 22 April 2013 - 11:40 AM
Littleone3
- Topic Starter
-
- Member
-
- 22 posts
Member
I am trying to take care of my computer which has been infected with virus, spyware, malware removal. I am new to trying to fix things. I had trouble pasting things to the desktop. If you can help. I would appreciate any help. I tried to back up my computer with a PNY 4g and my computer would not do that. I may have done this wrong also..
#18
Posted 22 April 2013 - 12:09 PM
gringo_pr
-
- Malware Removal
-
- 7,268 posts
Trusted Helper
I have uploaded the script just save it to the desktop and then drag it onto combofix
Attached Files
-
CFScript.txt 862bytes
140 downloads
#19
Posted 22 April 2013 - 05:34 PM
Littleone3
- Topic Starter
-
- Member
-
- 22 posts
Member
I am getting a spelling incorrectly .and request to turn off avg security.. My computer was doing better but is is now starting to slow down.
#20
Posted 22 April 2013 - 07:38 PM
gringo_pr
-
- Malware Removal
-
- 7,268 posts
Trusted Helper
Hello Littleone3
I would like you to rerun OTL for me and send me the fresh scan for me.
Run New OTL Scan
Gringo
I would like you to rerun OTL for me and send me the fresh scan for me.
Run New OTL Scan
- Double click on OTL.exe to run it.
- Under Output, ensure that Minimal Output is selected.
- Under Extra Registry section, select Use SafeList.
- Click the Scan All Users checkbox.
- Click on Run Scan at the top left hand corner.
- When done, two Notepad files will open.
- OTL.txt <-- Will be opened and the that I need posted back here
- Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
- Please post the contents of OTL.txt in your next reply.
Gringo
#21
Posted 22 April 2013 - 09:41 PM
Littleone3
- Topic Starter
-
- Member
-
- 22 posts
Member
OTL>TXT
ClearJavaCache::
Folder::
c:\program files (x86)\Optimizer Pro
c:\programdata\Tarma Installer
c:\users\Lolita\AppData\Roaming\SimplyTech
c:\program files (x86)\Protected Search
c:\program files (x86)\Conduit
c:\users\Lolita\AppData\Local\Conduit
c:\users\Lolita\AppData\Roaming\PC Utility Kit
c:\programdata\PC Utility Kit
c:\users\Lolita\AppData\Roaming\Strongvault
DDS::
uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN56002197261463852&UM=2&ctid=CT3289847
FirerFox::
FF - ProfilePath - c:\users\Lolita\AppData\Roaming\Mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI=UN62173828420927235&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - WhiteSmoke New Customized Web Search
Extras.txt
OTL Extras logfile created on: 4/22/2013 11:19:28 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lolita\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 0.89 Gb Available Physical Memory | 47.31% Memory free
3.74 Gb Paging File | 2.21 Gb Available in Paging File | 58.94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 222.47 Gb Total Space | 175.41 Gb Free Space | 78.85% Space Free | Partition Type: NTFS
Computer Name: LOLITA-PC | User Name: Lolita | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-21-346716698-347066381-1028468673-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A94A1A2-6863-42C3-B031-CED763987B5A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0BE02B7A-5472-4F51-90DC-F2B320425A9E}" = lport=137 | protocol=17 | dir=in | app=system |
"{13CE015C-46D0-4618-9CD4-8A2C1A673A9B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2104EEEF-4F47-481E-B8AE-41675F3BD546}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{385058D7-2D19-4724-9548-0B32A1FA0151}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{38B30364-FFE1-4CEE-872E-8FDE916C6410}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5082D34B-0B80-4BEE-AEAA-63411DFB55BE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{584CB49E-35DD-4E85-8789-B80E770E2115}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5C86FFA6-5746-4FD5-B2EA-31798C63FE05}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{5FE0C97D-F8A3-4805-8F0F-663B81CFA61D}" = rport=445 | protocol=6 | dir=out | app=system |
"{612FFD72-6AC3-40FB-92AC-C53BC33E98B6}" = rport=138 | protocol=17 | dir=out | app=system |
"{774E5C8E-4745-4531-B2BE-2C681F06EE83}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{77EB11AE-71FF-4B6E-BA19-9A4383E0F223}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8EE7741E-8FC9-475F-A3E0-380894A9AAEC}" = lport=138 | protocol=17 | dir=in | app=system |
"{A7A2D366-A510-4DF1-A17C-068410465C29}" = rport=139 | protocol=6 | dir=out | app=system |
"{A7AF1BF0-5448-4E59-8F58-407140431C0E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AC318F7A-96DD-4EAB-8DEA-9279952D4483}" = lport=139 | protocol=6 | dir=in | app=system |
"{AD9D7D07-4DED-4463-B684-18FA99BEC172}" = rport=137 | protocol=17 | dir=out | app=system |
"{B45ECE4E-4156-4634-BE7C-BD8BCA245BBF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C644801D-8E39-48F3-A8F7-62664363AC26}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C7557DE7-E455-47C6-865C-A3B517167F8E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CD06D664-FF86-4580-9EAB-D1B6B40FA4F1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E4606195-221C-495E-A822-38D93C2C57D5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F14882D9-0F45-4F67-9743-F1C21AAA7BCB}" = lport=445 | protocol=6 | dir=in | app=system |
"{F9ABAD07-C1DD-4B2D-BBCC-2FB2BCA9E2BF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08F5F990-735F-4827-90C7-8C09C121DBCC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0A217042-0403-4932-8BDB-2D55A3F2FE25}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{111689EE-4F0B-43B9-9C86-CEC2FF094F87}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{12ABF134-4CFE-420B-9F67-D40D208768B6}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{15587662-7524-48E2-A141-C56E54BBA8CC}" = protocol=58 | dir=in | [email protected],-28545 |
"{2DF38A33-8BF9-462A-92DD-4C86E5632F1B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3A98D1FB-DE8B-4235-B6C0-7FA0B04A7EB8}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{3CE59CDB-F8F3-4FC1-BDFB-ABC05BB312B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{45C65444-9C64-43E9-BAF5-60BA93C63837}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{45D85A2F-D5E2-4D07-AB0C-773274703741}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{61B1C9D0-F10B-4FD6-AEF4-CA035795FC98}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{79B10520-939D-405C-BFC6-21EF7928C208}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{87CB1315-E4F7-4A79-83F6-FCAE3223695E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{8AB399CA-9289-4E02-9D8B-41E75D028F6D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{992AC31E-A401-47B0-8989-44E3B19D8510}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{9ADB37E2-D9B5-43CA-A2E2-E4134A123C7B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{A1B3FE7F-4613-487C-B968-321DE8A605D9}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{A54ED17B-A9FA-419D-ACCD-963DC032C027}" = protocol=1 | dir=in | [email protected],-28543 |
"{A66E6C2D-CB0A-4587-9122-3070D89E9FD3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{B2D701AD-FF82-453F-8458-D9468E703F5D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{C0F98801-F7B8-4557-A419-F2830F55DA3D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg pc tuneup\boostspeed.exe |
"{C50E78BB-0EA8-4A97-9760-DA8C7E1779F1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C71C9B05-3A78-4174-8A7E-71D392ED01F2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{C75C61AA-A992-4725-8FB8-0166ED7BA434}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{C7F2DC0C-5EAE-45A3-B0E1-3DAD705CDC6B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{CFFF4487-9A8F-4114-8EC9-69F150439FBD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D700D3E6-9ED6-42A4-81EF-49EFC6E7CC95}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DCF65E17-9C96-436F-99C7-0EF3375A32D5}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{E27219C1-3AF0-49A3-822B-D2850F6F0FEA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E366093A-7E60-45D1-95D8-775C61933AF0}" = protocol=6 | dir=out | app=system |
"{E41A2297-E40D-4287-97F4-95098BE59F15}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg pc tuneup\boostspeed.exe |
"{F2E8E6D2-7C3F-44E5-B450-D58F89591F5D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F6A8DE98-03CF-4A7E-BEDA-8175B9729CEA}" = protocol=1 | dir=out | [email protected],-28544 |
"{F78BC400-BF94-4A13-95F9-41652E886B75}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F79F4B02-87FE-4E1F-B17E-492940588A72}" = protocol=58 | dir=out | [email protected],-28546 |
"{FD3FEC96-599D-4991-82C5-B0EAE38D182D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FF18F104-4D26-4A9A-9FBB-8A03E82E286C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{59FFBBA8-69DC-49B0-92C8-A45E82AC6A3B}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{6E8EC1AE-2E98-48C5-B7A8-3D3B19BF49F6}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{86D70D5C-8129-412F-B649-020E0AEA3DA4}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{D6B48FFC-75C0-4516-9906-FF4EE1C33563}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{F1048C68-012A-4DD4-ADCD-4BD00F4272AE}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4FD80311-508F-42C3-A004-4CC8D08231F5}" = AVG 2013
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AD27BE4B-A261-4F0A-AB5A-476C83EDAED2}" = AVG 2013
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C788B026-20BD-4E96-B698-533F1D6C5013}" = 64 Bit HP CIO Components Installer
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2013
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Nuance PDF Reader_is1" = NuancePDFReader
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{073B89C3-BA88-41B5-965F-B35A88EAE838}" = TOSHIBA Supervisor Password
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = Label@Once 1.0
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B005610-B725-8D14-0C4B-40E0339F6E8D}" = Shutterfly Express Uploader
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{42BBA4CC-EFB6-4653-A2CC-F305D4B399C3}" = PS_AIO_07_D110_SW_Min
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5F6C549F-78DA-4E0E-AE70-0BD981936D99}" = Nuance PDF Reader
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}" = TOSHIBA Hardware Setup
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ULTIMATER_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91D3AD6F-09CD-4695-9FA3-8FB15429BE97}" = D110
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"com.Shutterfly.ExpressUploader" = Shutterfly Express Uploader
"Family Tree Builder" = MyHeritage Family Tree Builder
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"Mozilla (1.7.13)" = Mozilla (1.7.13)
"Mozilla Firefox 20.0.1 (x86 en-US)" = Mozilla Firefox 20.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Revo Uninstaller" = Revo Uninstaller 1.89
"The Weather Channel App" = The Weather Channel App
"ULTIMATER" = Microsoft Office Ultimate 2007
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-346716698-347066381-1028468673-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 7/12/2011 5:21:20 PM | Computer Name = Lolita-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 7/13/2011 12:20:26 PM | Computer Name = Lolita-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
[ Media Center Events ]
Error - 1/9/2012 5:16:27 PM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 4:16:27 PM - Error connecting to the internet. 4:16:27 PM - Unable
to contact server..
Error - 1/9/2012 8:53:17 PM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 7:53:17 PM - Error connecting to the internet. 7:53:17 PM - Unable
to contact server..
Error - 1/11/2012 5:58:27 AM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 4:58:27 AM - Error connecting to the internet. 4:58:27 AM - Unable
to contact server..
Error - 1/12/2012 8:30:44 PM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 7:30:43 PM - Error connecting to the internet. 7:30:43 PM - Unable
to contact server..
Error - 1/19/2012 12:43:21 PM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 11:42:34 AM - Error connecting to the internet. 11:43:16 AM - Unable
to contact server..
Error - 1/20/2012 11:31:46 AM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 10:31:44 AM - Error connecting to the internet. 10:31:45 AM - Unable
to contact server..
Error - 1/21/2012 11:26:03 AM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 10:26:02 AM - Error connecting to the internet. 10:26:03 AM - Unable
to contact server..
Error - 1/29/2012 12:46:02 PM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 11:46:00 AM - Error connecting to the internet. 11:46:01 AM - Unable
to contact server..
Error - 1/31/2012 5:44:02 PM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 4:44:01 PM - Error connecting to the internet. 4:44:01 PM - Unable
to contact server..
Error - 2/20/2012 7:15:33 PM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 6:15:10 PM - Failed to retrieve Directory (Error: Unable to connect
to the remote server)
[ OSession Events ]
Error - 5/24/2011 11:37:01 AM | Computer Name = Lolita-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 794
seconds with 780 seconds of active time. This session ended with a crash.
Error - 1/25/2013 5:47:30 PM | Computer Name = Lolita-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4549
seconds with 3420 seconds of active time. This session ended with a crash.
Error - 1/25/2013 5:48:08 PM | Computer Name = Lolita-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 19
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 4/22/2013 5:18:59 PM | Computer Name = Lolita-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 4/22/2013 5:19:00 PM | Computer Name = Lolita-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 4/22/2013 5:19:00 PM | Computer Name = Lolita-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 4/22/2013 5:19:06 PM | Computer Name = Lolita-PC | Source = Service Control Manager | ID = 7023
Description = The Pml Driver HPZ12 service terminated with the following error:
%%126
Error - 4/22/2013 5:19:19 PM | Computer Name = Lolita-PC | Source = Service Control Manager | ID = 7023
Description = The Pml Driver HPZ12 service terminated with the following error:
%%126
Error - 4/22/2013 5:50:13 PM | Computer Name = Lolita-PC | Source = Service Control Manager | ID = 7034
Description = The hpqcxs08 service terminated unexpectedly. It has done this 1
time(s).
Error - 4/22/2013 5:50:13 PM | Computer Name = Lolita-PC | Source = Service Control Manager | ID = 7034
Description = The HP CUE DeviceDiscovery Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 4/22/2013 5:56:39 PM | Computer Name = Lolita-PC | Source = Service Control Manager | ID = 7034
Description = The hpqcxs08 service terminated unexpectedly. It has done this 2
time(s).
Error - 4/22/2013 6:40:17 PM | Computer Name = Lolita-PC | Source = Service Control Manager | ID = 7034
Description = The hpqcxs08 service terminated unexpectedly. It has done this 3
time(s).
Error - 4/22/2013 6:44:20 PM | Computer Name = Lolita-PC | Source = Service Control Manager | ID = 7034
Description = The hpqcxs08 service terminated unexpectedly. It has done this 4
time(s).
< End of report >
ClearJavaCache::
Folder::
c:\program files (x86)\Optimizer Pro
c:\programdata\Tarma Installer
c:\users\Lolita\AppData\Roaming\SimplyTech
c:\program files (x86)\Protected Search
c:\program files (x86)\Conduit
c:\users\Lolita\AppData\Local\Conduit
c:\users\Lolita\AppData\Roaming\PC Utility Kit
c:\programdata\PC Utility Kit
c:\users\Lolita\AppData\Roaming\Strongvault
DDS::
uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN56002197261463852&UM=2&ctid=CT3289847
FirerFox::
FF - ProfilePath - c:\users\Lolita\AppData\Roaming\Mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI=UN62173828420927235&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - WhiteSmoke New Customized Web Search
Extras.txt
OTL Extras logfile created on: 4/22/2013 11:19:28 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lolita\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 0.89 Gb Available Physical Memory | 47.31% Memory free
3.74 Gb Paging File | 2.21 Gb Available in Paging File | 58.94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 222.47 Gb Total Space | 175.41 Gb Free Space | 78.85% Space Free | Partition Type: NTFS
Computer Name: LOLITA-PC | User Name: Lolita | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-21-346716698-347066381-1028468673-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A94A1A2-6863-42C3-B031-CED763987B5A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0BE02B7A-5472-4F51-90DC-F2B320425A9E}" = lport=137 | protocol=17 | dir=in | app=system |
"{13CE015C-46D0-4618-9CD4-8A2C1A673A9B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2104EEEF-4F47-481E-B8AE-41675F3BD546}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{385058D7-2D19-4724-9548-0B32A1FA0151}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{38B30364-FFE1-4CEE-872E-8FDE916C6410}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5082D34B-0B80-4BEE-AEAA-63411DFB55BE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{584CB49E-35DD-4E85-8789-B80E770E2115}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5C86FFA6-5746-4FD5-B2EA-31798C63FE05}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{5FE0C97D-F8A3-4805-8F0F-663B81CFA61D}" = rport=445 | protocol=6 | dir=out | app=system |
"{612FFD72-6AC3-40FB-92AC-C53BC33E98B6}" = rport=138 | protocol=17 | dir=out | app=system |
"{774E5C8E-4745-4531-B2BE-2C681F06EE83}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{77EB11AE-71FF-4B6E-BA19-9A4383E0F223}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8EE7741E-8FC9-475F-A3E0-380894A9AAEC}" = lport=138 | protocol=17 | dir=in | app=system |
"{A7A2D366-A510-4DF1-A17C-068410465C29}" = rport=139 | protocol=6 | dir=out | app=system |
"{A7AF1BF0-5448-4E59-8F58-407140431C0E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AC318F7A-96DD-4EAB-8DEA-9279952D4483}" = lport=139 | protocol=6 | dir=in | app=system |
"{AD9D7D07-4DED-4463-B684-18FA99BEC172}" = rport=137 | protocol=17 | dir=out | app=system |
"{B45ECE4E-4156-4634-BE7C-BD8BCA245BBF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C644801D-8E39-48F3-A8F7-62664363AC26}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C7557DE7-E455-47C6-865C-A3B517167F8E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CD06D664-FF86-4580-9EAB-D1B6B40FA4F1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E4606195-221C-495E-A822-38D93C2C57D5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F14882D9-0F45-4F67-9743-F1C21AAA7BCB}" = lport=445 | protocol=6 | dir=in | app=system |
"{F9ABAD07-C1DD-4B2D-BBCC-2FB2BCA9E2BF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08F5F990-735F-4827-90C7-8C09C121DBCC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0A217042-0403-4932-8BDB-2D55A3F2FE25}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{111689EE-4F0B-43B9-9C86-CEC2FF094F87}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{12ABF134-4CFE-420B-9F67-D40D208768B6}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{15587662-7524-48E2-A141-C56E54BBA8CC}" = protocol=58 | dir=in | [email protected],-28545 |
"{2DF38A33-8BF9-462A-92DD-4C86E5632F1B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3A98D1FB-DE8B-4235-B6C0-7FA0B04A7EB8}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{3CE59CDB-F8F3-4FC1-BDFB-ABC05BB312B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{45C65444-9C64-43E9-BAF5-60BA93C63837}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{45D85A2F-D5E2-4D07-AB0C-773274703741}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{61B1C9D0-F10B-4FD6-AEF4-CA035795FC98}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{79B10520-939D-405C-BFC6-21EF7928C208}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{87CB1315-E4F7-4A79-83F6-FCAE3223695E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{8AB399CA-9289-4E02-9D8B-41E75D028F6D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{992AC31E-A401-47B0-8989-44E3B19D8510}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{9ADB37E2-D9B5-43CA-A2E2-E4134A123C7B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{A1B3FE7F-4613-487C-B968-321DE8A605D9}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{A54ED17B-A9FA-419D-ACCD-963DC032C027}" = protocol=1 | dir=in | [email protected],-28543 |
"{A66E6C2D-CB0A-4587-9122-3070D89E9FD3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{B2D701AD-FF82-453F-8458-D9468E703F5D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{C0F98801-F7B8-4557-A419-F2830F55DA3D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg pc tuneup\boostspeed.exe |
"{C50E78BB-0EA8-4A97-9760-DA8C7E1779F1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C71C9B05-3A78-4174-8A7E-71D392ED01F2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{C75C61AA-A992-4725-8FB8-0166ED7BA434}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{C7F2DC0C-5EAE-45A3-B0E1-3DAD705CDC6B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{CFFF4487-9A8F-4114-8EC9-69F150439FBD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D700D3E6-9ED6-42A4-81EF-49EFC6E7CC95}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DCF65E17-9C96-436F-99C7-0EF3375A32D5}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{E27219C1-3AF0-49A3-822B-D2850F6F0FEA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E366093A-7E60-45D1-95D8-775C61933AF0}" = protocol=6 | dir=out | app=system |
"{E41A2297-E40D-4287-97F4-95098BE59F15}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg pc tuneup\boostspeed.exe |
"{F2E8E6D2-7C3F-44E5-B450-D58F89591F5D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F6A8DE98-03CF-4A7E-BEDA-8175B9729CEA}" = protocol=1 | dir=out | [email protected],-28544 |
"{F78BC400-BF94-4A13-95F9-41652E886B75}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F79F4B02-87FE-4E1F-B17E-492940588A72}" = protocol=58 | dir=out | [email protected],-28546 |
"{FD3FEC96-599D-4991-82C5-B0EAE38D182D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FF18F104-4D26-4A9A-9FBB-8A03E82E286C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{59FFBBA8-69DC-49B0-92C8-A45E82AC6A3B}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{6E8EC1AE-2E98-48C5-B7A8-3D3B19BF49F6}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{86D70D5C-8129-412F-B649-020E0AEA3DA4}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{D6B48FFC-75C0-4516-9906-FF4EE1C33563}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{F1048C68-012A-4DD4-ADCD-4BD00F4272AE}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4FD80311-508F-42C3-A004-4CC8D08231F5}" = AVG 2013
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AD27BE4B-A261-4F0A-AB5A-476C83EDAED2}" = AVG 2013
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C788B026-20BD-4E96-B698-533F1D6C5013}" = 64 Bit HP CIO Components Installer
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2013
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Nuance PDF Reader_is1" = NuancePDFReader
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{073B89C3-BA88-41B5-965F-B35A88EAE838}" = TOSHIBA Supervisor Password
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = Label@Once 1.0
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B005610-B725-8D14-0C4B-40E0339F6E8D}" = Shutterfly Express Uploader
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{42BBA4CC-EFB6-4653-A2CC-F305D4B399C3}" = PS_AIO_07_D110_SW_Min
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5F6C549F-78DA-4E0E-AE70-0BD981936D99}" = Nuance PDF Reader
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}" = TOSHIBA Hardware Setup
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ULTIMATER_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91D3AD6F-09CD-4695-9FA3-8FB15429BE97}" = D110
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"com.Shutterfly.ExpressUploader" = Shutterfly Express Uploader
"Family Tree Builder" = MyHeritage Family Tree Builder
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"Mozilla (1.7.13)" = Mozilla (1.7.13)
"Mozilla Firefox 20.0.1 (x86 en-US)" = Mozilla Firefox 20.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Revo Uninstaller" = Revo Uninstaller 1.89
"The Weather Channel App" = The Weather Channel App
"ULTIMATER" = Microsoft Office Ultimate 2007
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-346716698-347066381-1028468673-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 7/12/2011 5:21:20 PM | Computer Name = Lolita-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 7/13/2011 12:20:26 PM | Computer Name = Lolita-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
[ Media Center Events ]
Error - 1/9/2012 5:16:27 PM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 4:16:27 PM - Error connecting to the internet. 4:16:27 PM - Unable
to contact server..
Error - 1/9/2012 8:53:17 PM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 7:53:17 PM - Error connecting to the internet. 7:53:17 PM - Unable
to contact server..
Error - 1/11/2012 5:58:27 AM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 4:58:27 AM - Error connecting to the internet. 4:58:27 AM - Unable
to contact server..
Error - 1/12/2012 8:30:44 PM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 7:30:43 PM - Error connecting to the internet. 7:30:43 PM - Unable
to contact server..
Error - 1/19/2012 12:43:21 PM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 11:42:34 AM - Error connecting to the internet. 11:43:16 AM - Unable
to contact server..
Error - 1/20/2012 11:31:46 AM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 10:31:44 AM - Error connecting to the internet. 10:31:45 AM - Unable
to contact server..
Error - 1/21/2012 11:26:03 AM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 10:26:02 AM - Error connecting to the internet. 10:26:03 AM - Unable
to contact server..
Error - 1/29/2012 12:46:02 PM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 11:46:00 AM - Error connecting to the internet. 11:46:01 AM - Unable
to contact server..
Error - 1/31/2012 5:44:02 PM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 4:44:01 PM - Error connecting to the internet. 4:44:01 PM - Unable
to contact server..
Error - 2/20/2012 7:15:33 PM | Computer Name = Lolita-PC | Source = MCUpdate | ID = 0
Description = 6:15:10 PM - Failed to retrieve Directory (Error: Unable to connect
to the remote server)
[ OSession Events ]
Error - 5/24/2011 11:37:01 AM | Computer Name = Lolita-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 794
seconds with 780 seconds of active time. This session ended with a crash.
Error - 1/25/2013 5:47:30 PM | Computer Name = Lolita-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4549
seconds with 3420 seconds of active time. This session ended with a crash.
Error - 1/25/2013 5:48:08 PM | Computer Name = Lolita-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 19
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 4/22/2013 5:18:59 PM | Computer Name = Lolita-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 4/22/2013 5:19:00 PM | Computer Name = Lolita-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 4/22/2013 5:19:00 PM | Computer Name = Lolita-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 4/22/2013 5:19:06 PM | Computer Name = Lolita-PC | Source = Service Control Manager | ID = 7023
Description = The Pml Driver HPZ12 service terminated with the following error:
%%126
Error - 4/22/2013 5:19:19 PM | Computer Name = Lolita-PC | Source = Service Control Manager | ID = 7023
Description = The Pml Driver HPZ12 service terminated with the following error:
%%126
Error - 4/22/2013 5:50:13 PM | Computer Name = Lolita-PC | Source = Service Control Manager | ID = 7034
Description = The hpqcxs08 service terminated unexpectedly. It has done this 1
time(s).
Error - 4/22/2013 5:50:13 PM | Computer Name = Lolita-PC | Source = Service Control Manager | ID = 7034
Description = The HP CUE DeviceDiscovery Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 4/22/2013 5:56:39 PM | Computer Name = Lolita-PC | Source = Service Control Manager | ID = 7034
Description = The hpqcxs08 service terminated unexpectedly. It has done this 2
time(s).
Error - 4/22/2013 6:40:17 PM | Computer Name = Lolita-PC | Source = Service Control Manager | ID = 7034
Description = The hpqcxs08 service terminated unexpectedly. It has done this 3
time(s).
Error - 4/22/2013 6:44:20 PM | Computer Name = Lolita-PC | Source = Service Control Manager | ID = 7034
Description = The hpqcxs08 service terminated unexpectedly. It has done this 4
time(s).
< End of report >
#22
Posted 22 April 2013 - 10:00 PM
gringo_pr
-
- Malware Removal
-
- 7,268 posts
Trusted Helper
that is the extras report can you send me the other report that OTL made
gringo
gringo
#23
Posted 23 April 2013 - 11:29 AM
Littleone3
- Topic Starter
-
- Member
-
- 22 posts
Member
OTL logfile created on: 4/22/2013 11:19:28 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lolita\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 0.89 Gb Available Physical Memory | 47.31% Memory free
3.74 Gb Paging File | 2.21 Gb Available in Paging File | 58.94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 222.47 Gb Total Space | 175.41 Gb Free Space | 78.85% Space Free | Partition Type: NTFS
Computer Name: LOLITA-PC | User Name: Lolita | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe (AVG Secure Search)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe (AVG Secure Search)
PRC - C:\Users\Lolita\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.1.0\SiteSafety.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (vToolbarUpdater15.1.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe (AVG Secure Search)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgfws) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (athur) -- C:\Windows\SysNative\drivers\athurx.sys (Atheros Communications, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (FwLnk) -- C:\Windows\SysNative\drivers\FwLnk.sys (TOSHIBA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{CB59146E-5AF0-481F-89F6-8E534A2B3A08}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE:64bit: - HKLM\..\SearchScopes\{CF6CD28C-F38C-4EAA-BA84-A7B654D2A316}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {2DD2F311-185E-444C-B4C2-A2A3539DFC3C}
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect...mrud=18-04-2013
IE - HKLM\..\SearchScopes\{CB59146E-5AF0-481F-89F6-8E534A2B3A08}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3294791
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes,DefaultScope = {2DD2F311-185E-444C-B4C2-A2A3539DFC3C}
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{2DD2F311-185E-444C-B4C2-A2A3539DFC3C}: "URL" = http://search.condui...1701321937&UM=2
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://start.msn.ipl...q={searchTerms}
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect...mrud=18-04-2013
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{6FAE34A3-A33B-49DE-8580-74E399F819E0}: "URL" = http://search.us.com...k={searchTerms}
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{978EE3A4-10FC-4A6E-B558-DBBADCA9C545}: "URL" = http://search.condui...8682505329&UM=2
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{CAB07320-5C0F-4F91-9A81-3F8DB32A8D1B}: "URL" = http://www.google.co...TSNA_en___US394
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{CB59146E-5AF0-481F-89F6-8E534A2B3A08}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{DC3DC6CB-F6E4-4B0D-93F5-AE18AB3EB51F}: "URL" = http://websearch.ask...49-E5279C6ECDED
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..CT3289847.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Vafmusic2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://mysearch.avg....6:53:17&sap=hp"
FF - prefs.js..extensions.enabledAddons: %7B650EED71-89E2-453B-8DCF-2AA1B4AE6EF3%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7Bc72c0c73-4eb0-4fb3-af0f-074e97326cfd%7D:1.4
FF - prefs.js..extensions.enabledAddons: %7B739df940-c5ee-4bab-9d7e-270894ae687a%7D:10.15.0.562
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:15.1.0.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/08/08 14:10:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.1.0.2 [2013/04/22 16:53:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla 1.7.13\Extensions\\Components: C:\Program Files (x86)\mozilla.org\Mozilla\Components [2011/08/05 11:41:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla 1.7.13\Extensions\\Plugins: C:\Program Files (x86)\mozilla.org\Mozilla\Plugins [2013/04/18 20:36:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/08/08 14:10:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla 1.7.13\Extensions\\Components: C:\Program Files (x86)\mozilla.org\Mozilla\Components [2011/08/05 11:41:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla 1.7.13\Extensions\\Plugins: C:\Program Files (x86)\mozilla.org\Mozilla\Plugins [2013/04/18 20:36:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
[2010/09/19 13:09:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lolita\AppData\Roaming\mozilla\Extensions
[2013/04/22 23:14:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions
[2013/04/20 22:04:59 | 000,000,000 | ---D | M] (WhiteSmoke New) -- C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
[2013/04/18 21:30:10 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2013/04/19 20:00:00 | 000,016,921 | ---- | M] () (No name found) -- C:\Users\Lolita\AppData\Roaming\mozilla\firefox\profiles\j8v586mm.default-1361841784927\extensions\{c72c0c73-4eb0-4fb3-af0f-074e97326cfd}.xpi
[2013/04/18 21:49:21 | 000,002,542 | ---- | M] () -- C:\Users\Lolita\AppData\Roaming\mozilla\firefox\profiles\j8v586mm.default-1361841784927\searchplugins\aol-search.xml
[2013/04/22 15:24:34 | 000,000,995 | ---- | M] () -- C:\Users\Lolita\AppData\Roaming\mozilla\firefox\profiles\j8v586mm.default-1361841784927\searchplugins\conduit.xml
[2013/04/22 15:36:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/04/18 21:53:18 | 000,000,000 | ---D | M] (DnsBasic) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}
[2013/04/12 18:01:08 | 000,000,000 | ---D | M] (DownloadTerms) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/04/22 16:53:20 | 000,000,000 | ---D | M] (AVG SafeGuard toolbar) -- C:\PROGRAMDATA\AVG SAFEGUARD TOOLBAR\FIREFOXEXT\15.1.0.2
[2013/04/12 18:01:48 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/02/01 14:22:13 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/07/30 15:01:53 | 000,002,064 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bingober574763079.xml
[2013/04/22 16:53:21 | 000,003,723 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\safeguard-secure-search.xml
[2013/02/27 13:17:03 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
O1 HOSTS File: ([2013/04/20 18:01:38 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {04eb382a-4b48-4de7-a570-b0307b9b13c7} - No CLSID value found.
O2 - BHO: (DownloadTerms) - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Users\Lolita\AppData\Local\DownloadTerms\temp.dat File not found
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (no name) - {25393362-FCFF-4744-B3EC-D70782CC531F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [OtShot] C:\Program Files (x86)\OtShot\otshot.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe (AVG Secure Search)
O4 - HKU\S-1-5-21-346716698-347066381-1028468673-1001..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-346716698-347066381-1028468673-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-346716698-347066381-1028468673-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-346716698-347066381-1028468673-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AD92DD5D-2901-44A4-81BD-EA26F3BB2264}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.1.0\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper:
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/04/22 23:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Inbox Toolbar
[2013/04/22 18:44:54 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/04/22 17:00:51 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\AVG2013
[2013/04/22 16:53:35 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Local\AVG SafeGuard toolbar
[2013/04/22 16:53:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/04/22 16:53:20 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2013/04/22 16:53:16 | 000,040,736 | ---- | C] (AVG Technologies) -- C:\windows\SysNative\drivers\avgtpx64.sys
[2013/04/22 16:53:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013/04/22 16:53:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013/04/22 16:52:05 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/04/22 16:52:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013/04/22 16:49:09 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Local\Avg2013
[2013/04/22 15:25:43 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\player
[2013/04/22 15:24:36 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\DefaultTab
[2013/04/20 21:00:17 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\TuneUp Software
[2013/04/20 20:55:02 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Local\MFAData
[2013/04/20 20:36:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2013/04/20 20:27:48 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Local\SwvUpdater
[2013/04/20 20:26:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013/04/20 20:12:28 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\SimplyTech
[2013/04/20 20:12:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Protected Search
[2013/04/20 19:44:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2013/04/20 19:43:43 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Local\Conduit
[2013/04/20 19:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OtShot
[2013/04/20 19:43:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OtShot
[2013/04/20 17:49:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013/04/20 17:49:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013/04/20 17:49:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/04/20 17:48:53 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013/04/20 17:20:54 | 000,000,000 | ---D | C] -- C:\Users\Lolita\Desktop\RK_Quarantine
[2013/04/19 19:54:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013/04/19 17:41:53 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\PC Utility Kit
[2013/04/19 17:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Utility Kit
[2013/04/19 16:56:50 | 000,000,000 | ---D | C] -- C:\Users\Lolita\SyncFolder
[2013/04/18 22:50:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2013/04/18 22:50:28 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\Systweak
[2013/04/18 22:50:27 | 000,020,312 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\windows\SysNative\roboot64.exe
[2013/04/18 22:01:27 | 000,000,000 | ---D | C] -- C:\Users\Lolita\.smplayer
[2013/04/18 21:49:00 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\Strongvault
[2013/04/18 21:30:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AOL Toolbar
[2013/04/18 21:29:52 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\RealNetworks
[2013/04/18 21:28:47 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2013/04/14 21:48:07 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2013/04/14 21:48:07 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2013/04/14 21:48:07 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2013/04/14 21:48:07 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/04/14 21:48:06 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2013/04/14 21:48:06 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2013/04/14 21:48:06 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2013/04/14 21:48:06 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2013/04/14 21:48:06 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2013/04/14 21:48:05 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/04/14 21:48:05 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2013/04/14 21:48:05 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/04/14 21:48:05 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2013/04/14 21:48:04 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/04/14 21:48:04 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/04/14 21:48:04 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2013/04/14 21:48:04 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2013/04/14 21:48:04 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/04/14 21:48:04 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2013/04/14 21:48:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2013/04/14 21:48:04 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2013/04/14 21:48:03 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/04/14 21:48:03 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2013/04/14 21:48:03 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2013/04/14 21:48:03 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2013/04/14 21:48:03 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/04/14 21:48:03 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2013/04/14 21:48:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2013/04/14 21:48:03 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/04/14 21:48:03 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/04/14 21:48:03 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2013/04/14 21:48:02 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2013/04/14 21:48:02 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/04/14 21:48:01 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2013/04/14 21:48:01 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2013/04/14 21:48:01 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2013/04/14 21:48:01 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2013/04/14 21:48:01 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2013/04/14 21:48:01 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2013/04/14 21:48:01 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2013/04/14 21:48:01 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/04/14 21:48:00 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/04/14 21:48:00 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2013/04/14 21:48:00 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/04/14 21:48:00 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/04/14 21:48:00 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/04/14 21:47:59 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/04/14 21:47:59 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/04/14 21:47:59 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/04/14 21:47:59 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2013/04/14 21:47:59 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2013/04/14 21:47:59 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2013/04/14 21:47:59 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2013/04/14 21:47:59 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/04/14 21:47:59 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2013/04/14 21:47:59 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2013/04/14 21:47:58 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/04/14 21:47:58 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/04/14 21:47:58 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/04/14 21:47:58 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2013/04/14 21:47:58 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2013/04/14 21:47:58 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2013/04/14 21:47:58 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2013/04/14 21:47:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2013/04/14 21:47:58 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2013/04/14 21:47:58 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2013/04/14 21:47:57 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/04/14 21:47:57 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2013/04/14 21:46:20 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/14 21:46:20 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/14 21:46:20 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/14 21:46:20 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/14 21:46:20 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/14 21:46:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/14 21:46:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/14 21:46:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/14 21:46:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/14 21:46:20 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/14 21:46:19 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2013/04/14 21:46:19 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msmpeg2vdec.dll
[2013/04/14 21:46:19 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2013/04/14 21:46:19 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msmpeg2vdec.dll
[2013/04/14 21:46:19 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2013/04/14 21:46:19 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2013/04/14 21:46:19 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2013/04/14 21:46:19 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2013/04/14 21:46:19 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2013/04/14 21:46:19 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2013/04/14 21:46:18 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2013/04/14 21:46:18 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2013/04/14 21:46:18 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2013/04/14 21:46:18 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2013/04/14 21:46:17 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2013/04/14 21:46:17 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10.dll
[2013/04/14 21:46:17 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2013/04/14 21:46:17 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2013/04/14 21:46:17 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10core.dll
[2013/04/14 21:46:17 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecsExt.dll
[2013/04/14 21:46:17 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIAnimation.dll
[2013/04/14 21:46:17 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2013/04/14 21:46:17 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIAnimation.dll
[2013/04/14 21:39:12 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023.sys
[2013/04/12 18:01:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/04/11 19:39:25 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013/04/11 19:39:24 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2013/04/11 19:39:23 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2013/04/11 19:39:22 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe
[2013/04/11 19:39:22 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2013/04/11 19:39:22 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll
[2013/04/10 17:43:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/04/10 17:41:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/04/02 20:53:39 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Local\{9DB8F7D3-425C-41D1-8C07-7DF705E01A90}
[2011/08/14 18:17:18 | 033,001,712 | ---- | C] (Nuance Communications, Inc. ) -- C:\Program Files (x86)\Nuance PDF Reader.exe
[2011/07/29 10:39:04 | 013,685,936 | ---- | C] (Mozilla) -- C:\Users\Lolita\Firefox Setup 5.0.1.exe
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/04/22 23:23:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/04/22 19:30:16 | 000,800,410 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/04/22 19:30:16 | 000,675,902 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/04/22 19:30:16 | 000,126,510 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/04/22 19:28:51 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/04/22 17:25:31 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/22 17:25:31 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/22 17:17:46 | 1506,783,232 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/22 16:53:23 | 000,000,936 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/04/22 16:53:07 | 000,040,736 | ---- | M] (AVG Technologies) -- C:\windows\SysNative\drivers\avgtpx64.sys
[2013/04/22 16:41:01 | 000,000,042 | ---- | M] () -- C:\windows\SysWow64\AK083E209605E394C.lie
[2013/04/22 15:25:47 | 000,000,009 | ---- | M] () -- C:\END
[2013/04/22 15:24:49 | 000,000,258 | RHS- | M] () -- C:\Users\Lolita\ntuser.pol
[2013/04/20 23:15:51 | 000,001,166 | ---- | M] () -- C:\Users\Lolita\Desktop\ComboFix.exe - Shortcut.lnk
[2013/04/20 22:24:06 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif
[2013/04/20 18:01:38 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2013/04/20 16:25:05 | 000,000,165 | -H-- | M] () -- C:\Users\Lolita\Documents\~$2011TAXES.ods
[2013/04/19 16:56:50 | 000,001,641 | ---- | M] () -- C:\Users\Lolita\Desktop\Sync Folder.lnk
[2013/04/18 20:36:15 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/04/16 17:52:05 | 000,001,104 | ---- | M] () -- C:\Users\Lolita\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2013/04/14 21:48:07 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2013/04/14 21:48:07 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2013/04/14 21:48:07 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2013/04/14 21:48:07 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/04/14 21:48:06 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2013/04/14 21:48:06 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2013/04/14 21:48:06 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2013/04/14 21:48:06 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2013/04/14 21:48:06 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2013/04/14 21:48:05 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/04/14 21:48:05 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2013/04/14 21:48:05 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/04/14 21:48:05 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2013/04/14 21:48:04 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/04/14 21:48:04 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/04/14 21:48:04 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2013/04/14 21:48:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2013/04/14 21:48:04 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/04/14 21:48:04 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2013/04/14 21:48:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2013/04/14 21:48:04 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2013/04/14 21:48:03 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/04/14 21:48:03 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2013/04/14 21:48:03 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2013/04/14 21:48:03 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2013/04/14 21:48:03 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/04/14 21:48:03 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2013/04/14 21:48:03 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2013/04/14 21:48:03 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/04/14 21:48:03 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/04/14 21:48:03 | 000,025,185 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2013/04/14 21:48:03 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2013/04/14 21:48:02 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2013/04/14 21:48:02 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2013/04/14 21:48:02 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/04/14 21:48:01 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2013/04/14 21:48:01 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2013/04/14 21:48:01 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2013/04/14 21:48:01 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2013/04/14 21:48:01 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2013/04/14 21:48:01 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2013/04/14 21:48:01 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/04/14 21:48:01 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/04/14 21:48:00 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/04/14 21:48:00 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2013/04/14 21:48:00 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/04/14 21:48:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/04/14 21:48:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2013/04/14 21:48:00 | 000,025,185 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2013/04/14 21:47:59 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/04/14 21:47:59 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/04/14 21:47:59 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/04/14 21:47:59 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2013/04/14 21:47:59 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2013/04/14 21:47:59 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2013/04/14 21:47:59 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2013/04/14 21:47:59 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/04/14 21:47:59 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2013/04/14 21:47:59 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2013/04/14 21:47:58 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/04/14 21:47:58 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/04/14 21:47:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/04/14 21:47:58 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/04/14 21:47:58 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2013/04/14 21:47:58 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2013/04/14 21:47:58 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2013/04/14 21:47:58 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2013/04/14 21:47:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2013/04/14 21:47:58 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2013/04/14 21:47:57 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2013/04/14 21:46:20 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2013/04/14 21:46:20 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/14 21:46:20 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/14 21:46:20 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/14 21:46:20 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/14 21:46:20 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/14 21:46:20 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/14 21:46:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/14 21:46:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/14 21:46:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/14 21:46:20 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/14 21:46:19 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2013/04/14 21:46:19 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msmpeg2vdec.dll
[2013/04/14 21:46:19 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2013/04/14 21:46:19 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msmpeg2vdec.dll
[2013/04/14 21:46:19 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2013/04/14 21:46:19 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2013/04/14 21:46:19 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2013/04/14 21:46:19 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2013/04/14 21:46:19 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2013/04/14 21:46:18 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2013/04/14 21:46:18 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2013/04/14 21:46:18 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2013/04/14 21:46:18 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2013/04/14 21:46:18 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10core.dll
[2013/04/14 21:46:17 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2013/04/14 21:46:17 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10.dll
[2013/04/14 21:46:17 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2013/04/14 21:46:17 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2013/04/14 21:46:17 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecsExt.dll
[2013/04/14 21:46:17 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\UIAnimation.dll
[2013/04/14 21:46:17 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2013/04/14 21:46:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\UIAnimation.dll
[2013/04/11 22:30:09 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/04/11 22:30:08 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/04/11 22:21:51 | 000,428,248 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/04/11 10:22:56 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msvcr100.dll
[2013/04/11 10:22:56 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msvcp100.dll
[2013/04/07 15:16:54 | 000,000,231 | ---- | M] () -- C:\Users\Lolita\Desktop\Facebook.URL
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/04/22 16:53:23 | 000,000,936 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/04/22 16:41:01 | 000,000,042 | ---- | C] () -- C:\windows\SysWow64\AK083E209605E394C.lie
[2013/04/20 23:15:51 | 000,001,166 | ---- | C] () -- C:\Users\Lolita\Desktop\ComboFix.exe - Shortcut.lnk
[2013/04/20 20:12:28 | 000,016,896 | ---- | C] () -- C:\windows\Launcher.exe
[2013/04/20 19:43:32 | 000,000,258 | RHS- | C] () -- C:\Users\Lolita\ntuser.pol
[2013/04/20 19:43:04 | 000,000,962 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OtShot.lnk
[2013/04/20 19:43:03 | 000,000,009 | ---- | C] () -- C:\END
[2013/04/20 17:49:27 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013/04/20 17:49:27 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013/04/20 17:49:27 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013/04/20 17:49:27 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013/04/20 17:49:27 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/04/20 16:25:05 | 000,000,165 | -H-- | C] () -- C:\Users\Lolita\Documents\~$2011TAXES.ods
[2013/04/19 16:56:50 | 000,001,641 | ---- | C] () -- C:\Users\Lolita\Desktop\Sync Folder.lnk
[2013/04/18 20:36:15 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/04/18 20:36:15 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/04/14 21:48:03 | 000,025,185 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2013/04/14 21:48:00 | 000,025,185 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2013/04/07 15:16:53 | 000,000,231 | ---- | C] () -- C:\Users\Lolita\Desktop\Facebook.URL
[2013/02/12 00:18:16 | 000,000,064 | ---- | C] () -- C:\windows\GPlrLanc.dat
[2012/12/11 13:27:56 | 004,132,864 | ---- | C] () -- C:\ProgramData\ReadOnlyInstaller.msi
[2012/07/11 18:48:40 | 000,000,214 | ---- | C] () -- C:\windows\MyHeritage.INI
[2012/07/11 18:42:17 | 000,454,656 | ---- | C] () -- C:\windows\SysWow64\PaintX.dll
[2012/04/05 10:55:26 | 000,191,656 | -H-- | C] () -- C:\windows\SysWow64\mlfcache.dat
[2011/08/14 14:28:35 | 000,022,753 | ---- | C] () -- C:\windows\hpqins15.dat
[2011/07/28 20:09:01 | 000,206,990 | ---- | C] () -- C:\windows\hpoins46.dat
[2011/06/01 15:43:54 | 000,794,562 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/01/18 20:50:15 | 000,004,096 | -H-- | C] () -- C:\Users\Lolita\AppData\Local\keyfile3.drm
[2010/09/19 12:47:33 | 000,000,000 | ---- | C] () -- C:\Users\Lolita\AppData\Roaming\wklnhst.dat
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 364 bytes -> C:\ProgramData\TEMP:5B85C37B
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:0F4A7B6A
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
can you also help me with the auto reply.
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lolita\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 0.89 Gb Available Physical Memory | 47.31% Memory free
3.74 Gb Paging File | 2.21 Gb Available in Paging File | 58.94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 222.47 Gb Total Space | 175.41 Gb Free Space | 78.85% Space Free | Partition Type: NTFS
Computer Name: LOLITA-PC | User Name: Lolita | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe (AVG Secure Search)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe (AVG Secure Search)
PRC - C:\Users\Lolita\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.1.0\SiteSafety.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (vToolbarUpdater15.1.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe (AVG Secure Search)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgfws) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (athur) -- C:\Windows\SysNative\drivers\athurx.sys (Atheros Communications, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (FwLnk) -- C:\Windows\SysNative\drivers\FwLnk.sys (TOSHIBA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{CB59146E-5AF0-481F-89F6-8E534A2B3A08}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE:64bit: - HKLM\..\SearchScopes\{CF6CD28C-F38C-4EAA-BA84-A7B654D2A316}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {2DD2F311-185E-444C-B4C2-A2A3539DFC3C}
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect...mrud=18-04-2013
IE - HKLM\..\SearchScopes\{CB59146E-5AF0-481F-89F6-8E534A2B3A08}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3294791
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes,DefaultScope = {2DD2F311-185E-444C-B4C2-A2A3539DFC3C}
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{2DD2F311-185E-444C-B4C2-A2A3539DFC3C}: "URL" = http://search.condui...1701321937&UM=2
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://start.msn.ipl...q={searchTerms}
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect...mrud=18-04-2013
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{6FAE34A3-A33B-49DE-8580-74E399F819E0}: "URL" = http://search.us.com...k={searchTerms}
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{978EE3A4-10FC-4A6E-B558-DBBADCA9C545}: "URL" = http://search.condui...8682505329&UM=2
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{CAB07320-5C0F-4F91-9A81-3F8DB32A8D1B}: "URL" = http://www.google.co...TSNA_en___US394
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{CB59146E-5AF0-481F-89F6-8E534A2B3A08}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{DC3DC6CB-F6E4-4B0D-93F5-AE18AB3EB51F}: "URL" = http://websearch.ask...49-E5279C6ECDED
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..CT3289847.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Vafmusic2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://mysearch.avg....6:53:17&sap=hp"
FF - prefs.js..extensions.enabledAddons: %7B650EED71-89E2-453B-8DCF-2AA1B4AE6EF3%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7Bc72c0c73-4eb0-4fb3-af0f-074e97326cfd%7D:1.4
FF - prefs.js..extensions.enabledAddons: %7B739df940-c5ee-4bab-9d7e-270894ae687a%7D:10.15.0.562
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:15.1.0.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/08/08 14:10:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.1.0.2 [2013/04/22 16:53:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla 1.7.13\Extensions\\Components: C:\Program Files (x86)\mozilla.org\Mozilla\Components [2011/08/05 11:41:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla 1.7.13\Extensions\\Plugins: C:\Program Files (x86)\mozilla.org\Mozilla\Plugins [2013/04/18 20:36:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/08/08 14:10:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla 1.7.13\Extensions\\Components: C:\Program Files (x86)\mozilla.org\Mozilla\Components [2011/08/05 11:41:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla 1.7.13\Extensions\\Plugins: C:\Program Files (x86)\mozilla.org\Mozilla\Plugins [2013/04/18 20:36:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:37:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 22:09:18 | 000,000,000 | ---D | M]
[2010/09/19 13:09:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lolita\AppData\Roaming\mozilla\Extensions
[2013/04/22 23:14:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions
[2013/04/20 22:04:59 | 000,000,000 | ---D | M] (WhiteSmoke New) -- C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
[2013/04/18 21:30:10 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2013/04/19 20:00:00 | 000,016,921 | ---- | M] () (No name found) -- C:\Users\Lolita\AppData\Roaming\mozilla\firefox\profiles\j8v586mm.default-1361841784927\extensions\{c72c0c73-4eb0-4fb3-af0f-074e97326cfd}.xpi
[2013/04/18 21:49:21 | 000,002,542 | ---- | M] () -- C:\Users\Lolita\AppData\Roaming\mozilla\firefox\profiles\j8v586mm.default-1361841784927\searchplugins\aol-search.xml
[2013/04/22 15:24:34 | 000,000,995 | ---- | M] () -- C:\Users\Lolita\AppData\Roaming\mozilla\firefox\profiles\j8v586mm.default-1361841784927\searchplugins\conduit.xml
[2013/04/22 15:36:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/04/18 21:53:18 | 000,000,000 | ---D | M] (DnsBasic) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}
[2013/04/12 18:01:08 | 000,000,000 | ---D | M] (DownloadTerms) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/04/22 16:53:20 | 000,000,000 | ---D | M] (AVG SafeGuard toolbar) -- C:\PROGRAMDATA\AVG SAFEGUARD TOOLBAR\FIREFOXEXT\15.1.0.2
[2013/04/12 18:01:48 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/02/01 14:22:13 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/07/30 15:01:53 | 000,002,064 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bingober574763079.xml
[2013/04/22 16:53:21 | 000,003,723 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\safeguard-secure-search.xml
[2013/02/27 13:17:03 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
O1 HOSTS File: ([2013/04/20 18:01:38 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {04eb382a-4b48-4de7-a570-b0307b9b13c7} - No CLSID value found.
O2 - BHO: (DownloadTerms) - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Users\Lolita\AppData\Local\DownloadTerms\temp.dat File not found
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (no name) - {25393362-FCFF-4744-B3EC-D70782CC531F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [OtShot] C:\Program Files (x86)\OtShot\otshot.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe (AVG Secure Search)
O4 - HKU\S-1-5-21-346716698-347066381-1028468673-1001..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-346716698-347066381-1028468673-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-346716698-347066381-1028468673-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-346716698-347066381-1028468673-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AD92DD5D-2901-44A4-81BD-EA26F3BB2264}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.1.0\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper:
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/04/22 23:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Inbox Toolbar
[2013/04/22 18:44:54 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/04/22 17:00:51 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\AVG2013
[2013/04/22 16:53:35 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Local\AVG SafeGuard toolbar
[2013/04/22 16:53:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/04/22 16:53:20 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2013/04/22 16:53:16 | 000,040,736 | ---- | C] (AVG Technologies) -- C:\windows\SysNative\drivers\avgtpx64.sys
[2013/04/22 16:53:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013/04/22 16:53:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013/04/22 16:52:05 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/04/22 16:52:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013/04/22 16:49:09 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Local\Avg2013
[2013/04/22 15:25:43 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\player
[2013/04/22 15:24:36 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\DefaultTab
[2013/04/20 21:00:17 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\TuneUp Software
[2013/04/20 20:55:02 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Local\MFAData
[2013/04/20 20:36:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2013/04/20 20:27:48 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Local\SwvUpdater
[2013/04/20 20:26:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013/04/20 20:12:28 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\SimplyTech
[2013/04/20 20:12:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Protected Search
[2013/04/20 19:44:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2013/04/20 19:43:43 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Local\Conduit
[2013/04/20 19:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OtShot
[2013/04/20 19:43:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OtShot
[2013/04/20 17:49:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013/04/20 17:49:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013/04/20 17:49:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/04/20 17:48:53 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013/04/20 17:20:54 | 000,000,000 | ---D | C] -- C:\Users\Lolita\Desktop\RK_Quarantine
[2013/04/19 19:54:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013/04/19 17:41:53 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\PC Utility Kit
[2013/04/19 17:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Utility Kit
[2013/04/19 16:56:50 | 000,000,000 | ---D | C] -- C:\Users\Lolita\SyncFolder
[2013/04/18 22:50:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2013/04/18 22:50:28 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\Systweak
[2013/04/18 22:50:27 | 000,020,312 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\windows\SysNative\roboot64.exe
[2013/04/18 22:01:27 | 000,000,000 | ---D | C] -- C:\Users\Lolita\.smplayer
[2013/04/18 21:49:00 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\Strongvault
[2013/04/18 21:30:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AOL Toolbar
[2013/04/18 21:29:52 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\RealNetworks
[2013/04/18 21:28:47 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2013/04/14 21:48:07 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2013/04/14 21:48:07 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2013/04/14 21:48:07 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2013/04/14 21:48:07 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/04/14 21:48:06 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2013/04/14 21:48:06 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2013/04/14 21:48:06 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2013/04/14 21:48:06 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2013/04/14 21:48:06 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2013/04/14 21:48:05 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/04/14 21:48:05 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2013/04/14 21:48:05 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/04/14 21:48:05 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2013/04/14 21:48:04 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/04/14 21:48:04 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/04/14 21:48:04 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2013/04/14 21:48:04 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2013/04/14 21:48:04 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/04/14 21:48:04 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2013/04/14 21:48:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2013/04/14 21:48:04 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2013/04/14 21:48:03 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/04/14 21:48:03 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2013/04/14 21:48:03 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2013/04/14 21:48:03 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2013/04/14 21:48:03 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/04/14 21:48:03 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2013/04/14 21:48:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2013/04/14 21:48:03 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/04/14 21:48:03 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/04/14 21:48:03 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2013/04/14 21:48:02 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2013/04/14 21:48:02 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/04/14 21:48:01 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2013/04/14 21:48:01 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2013/04/14 21:48:01 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2013/04/14 21:48:01 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2013/04/14 21:48:01 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2013/04/14 21:48:01 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2013/04/14 21:48:01 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2013/04/14 21:48:01 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/04/14 21:48:00 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/04/14 21:48:00 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2013/04/14 21:48:00 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/04/14 21:48:00 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/04/14 21:48:00 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/04/14 21:47:59 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/04/14 21:47:59 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/04/14 21:47:59 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/04/14 21:47:59 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2013/04/14 21:47:59 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2013/04/14 21:47:59 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2013/04/14 21:47:59 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2013/04/14 21:47:59 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/04/14 21:47:59 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2013/04/14 21:47:59 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2013/04/14 21:47:58 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/04/14 21:47:58 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/04/14 21:47:58 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/04/14 21:47:58 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2013/04/14 21:47:58 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2013/04/14 21:47:58 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2013/04/14 21:47:58 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2013/04/14 21:47:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2013/04/14 21:47:58 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2013/04/14 21:47:58 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2013/04/14 21:47:57 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/04/14 21:47:57 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2013/04/14 21:46:20 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/14 21:46:20 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/14 21:46:20 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/14 21:46:20 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/14 21:46:20 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/14 21:46:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/14 21:46:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/14 21:46:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/14 21:46:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/14 21:46:20 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/14 21:46:19 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2013/04/14 21:46:19 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msmpeg2vdec.dll
[2013/04/14 21:46:19 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2013/04/14 21:46:19 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msmpeg2vdec.dll
[2013/04/14 21:46:19 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2013/04/14 21:46:19 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2013/04/14 21:46:19 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2013/04/14 21:46:19 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2013/04/14 21:46:19 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2013/04/14 21:46:19 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2013/04/14 21:46:18 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2013/04/14 21:46:18 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2013/04/14 21:46:18 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2013/04/14 21:46:18 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2013/04/14 21:46:17 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2013/04/14 21:46:17 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10.dll
[2013/04/14 21:46:17 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2013/04/14 21:46:17 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2013/04/14 21:46:17 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10core.dll
[2013/04/14 21:46:17 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecsExt.dll
[2013/04/14 21:46:17 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIAnimation.dll
[2013/04/14 21:46:17 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2013/04/14 21:46:17 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIAnimation.dll
[2013/04/14 21:39:12 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023.sys
[2013/04/12 18:01:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/04/11 19:39:25 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013/04/11 19:39:24 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2013/04/11 19:39:23 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2013/04/11 19:39:22 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe
[2013/04/11 19:39:22 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2013/04/11 19:39:22 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll
[2013/04/10 17:43:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/04/10 17:41:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/04/02 20:53:39 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Local\{9DB8F7D3-425C-41D1-8C07-7DF705E01A90}
[2011/08/14 18:17:18 | 033,001,712 | ---- | C] (Nuance Communications, Inc. ) -- C:\Program Files (x86)\Nuance PDF Reader.exe
[2011/07/29 10:39:04 | 013,685,936 | ---- | C] (Mozilla) -- C:\Users\Lolita\Firefox Setup 5.0.1.exe
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/04/22 23:23:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/04/22 19:30:16 | 000,800,410 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/04/22 19:30:16 | 000,675,902 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/04/22 19:30:16 | 000,126,510 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/04/22 19:28:51 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/04/22 17:25:31 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/22 17:25:31 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/22 17:17:46 | 1506,783,232 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/22 16:53:23 | 000,000,936 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/04/22 16:53:07 | 000,040,736 | ---- | M] (AVG Technologies) -- C:\windows\SysNative\drivers\avgtpx64.sys
[2013/04/22 16:41:01 | 000,000,042 | ---- | M] () -- C:\windows\SysWow64\AK083E209605E394C.lie
[2013/04/22 15:25:47 | 000,000,009 | ---- | M] () -- C:\END
[2013/04/22 15:24:49 | 000,000,258 | RHS- | M] () -- C:\Users\Lolita\ntuser.pol
[2013/04/20 23:15:51 | 000,001,166 | ---- | M] () -- C:\Users\Lolita\Desktop\ComboFix.exe - Shortcut.lnk
[2013/04/20 22:24:06 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif
[2013/04/20 18:01:38 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2013/04/20 16:25:05 | 000,000,165 | -H-- | M] () -- C:\Users\Lolita\Documents\~$2011TAXES.ods
[2013/04/19 16:56:50 | 000,001,641 | ---- | M] () -- C:\Users\Lolita\Desktop\Sync Folder.lnk
[2013/04/18 20:36:15 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/04/16 17:52:05 | 000,001,104 | ---- | M] () -- C:\Users\Lolita\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2013/04/14 21:48:07 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2013/04/14 21:48:07 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2013/04/14 21:48:07 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2013/04/14 21:48:07 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/04/14 21:48:06 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2013/04/14 21:48:06 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2013/04/14 21:48:06 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2013/04/14 21:48:06 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2013/04/14 21:48:06 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2013/04/14 21:48:05 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/04/14 21:48:05 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2013/04/14 21:48:05 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/04/14 21:48:05 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2013/04/14 21:48:04 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/04/14 21:48:04 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/04/14 21:48:04 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2013/04/14 21:48:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2013/04/14 21:48:04 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/04/14 21:48:04 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2013/04/14 21:48:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2013/04/14 21:48:04 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2013/04/14 21:48:03 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/04/14 21:48:03 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2013/04/14 21:48:03 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2013/04/14 21:48:03 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2013/04/14 21:48:03 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/04/14 21:48:03 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2013/04/14 21:48:03 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2013/04/14 21:48:03 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/04/14 21:48:03 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/04/14 21:48:03 | 000,025,185 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2013/04/14 21:48:03 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2013/04/14 21:48:02 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2013/04/14 21:48:02 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2013/04/14 21:48:02 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/04/14 21:48:01 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2013/04/14 21:48:01 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2013/04/14 21:48:01 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2013/04/14 21:48:01 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2013/04/14 21:48:01 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2013/04/14 21:48:01 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2013/04/14 21:48:01 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/04/14 21:48:01 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/04/14 21:48:00 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/04/14 21:48:00 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2013/04/14 21:48:00 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/04/14 21:48:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/04/14 21:48:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2013/04/14 21:48:00 | 000,025,185 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2013/04/14 21:47:59 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/04/14 21:47:59 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/04/14 21:47:59 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/04/14 21:47:59 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2013/04/14 21:47:59 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2013/04/14 21:47:59 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2013/04/14 21:47:59 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2013/04/14 21:47:59 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/04/14 21:47:59 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2013/04/14 21:47:59 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2013/04/14 21:47:58 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/04/14 21:47:58 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/04/14 21:47:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/04/14 21:47:58 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/04/14 21:47:58 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2013/04/14 21:47:58 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2013/04/14 21:47:58 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2013/04/14 21:47:58 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2013/04/14 21:47:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2013/04/14 21:47:58 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2013/04/14 21:47:57 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2013/04/14 21:46:20 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2013/04/14 21:46:20 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/14 21:46:20 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/14 21:46:20 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/14 21:46:20 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/14 21:46:20 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/14 21:46:20 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/14 21:46:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/14 21:46:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/14 21:46:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/14 21:46:20 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/14 21:46:20 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/14 21:46:19 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2013/04/14 21:46:19 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msmpeg2vdec.dll
[2013/04/14 21:46:19 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2013/04/14 21:46:19 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msmpeg2vdec.dll
[2013/04/14 21:46:19 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2013/04/14 21:46:19 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2013/04/14 21:46:19 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2013/04/14 21:46:19 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2013/04/14 21:46:19 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2013/04/14 21:46:18 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2013/04/14 21:46:18 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2013/04/14 21:46:18 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2013/04/14 21:46:18 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2013/04/14 21:46:18 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10core.dll
[2013/04/14 21:46:17 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2013/04/14 21:46:17 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10.dll
[2013/04/14 21:46:17 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2013/04/14 21:46:17 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2013/04/14 21:46:17 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecsExt.dll
[2013/04/14 21:46:17 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\UIAnimation.dll
[2013/04/14 21:46:17 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2013/04/14 21:46:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\UIAnimation.dll
[2013/04/11 22:30:09 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/04/11 22:30:08 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/04/11 22:21:51 | 000,428,248 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/04/11 10:22:56 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msvcr100.dll
[2013/04/11 10:22:56 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msvcp100.dll
[2013/04/07 15:16:54 | 000,000,231 | ---- | M] () -- C:\Users\Lolita\Desktop\Facebook.URL
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/04/22 16:53:23 | 000,000,936 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/04/22 16:41:01 | 000,000,042 | ---- | C] () -- C:\windows\SysWow64\AK083E209605E394C.lie
[2013/04/20 23:15:51 | 000,001,166 | ---- | C] () -- C:\Users\Lolita\Desktop\ComboFix.exe - Shortcut.lnk
[2013/04/20 20:12:28 | 000,016,896 | ---- | C] () -- C:\windows\Launcher.exe
[2013/04/20 19:43:32 | 000,000,258 | RHS- | C] () -- C:\Users\Lolita\ntuser.pol
[2013/04/20 19:43:04 | 000,000,962 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OtShot.lnk
[2013/04/20 19:43:03 | 000,000,009 | ---- | C] () -- C:\END
[2013/04/20 17:49:27 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013/04/20 17:49:27 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013/04/20 17:49:27 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013/04/20 17:49:27 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013/04/20 17:49:27 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/04/20 16:25:05 | 000,000,165 | -H-- | C] () -- C:\Users\Lolita\Documents\~$2011TAXES.ods
[2013/04/19 16:56:50 | 000,001,641 | ---- | C] () -- C:\Users\Lolita\Desktop\Sync Folder.lnk
[2013/04/18 20:36:15 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/04/18 20:36:15 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/04/14 21:48:03 | 000,025,185 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2013/04/14 21:48:00 | 000,025,185 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2013/04/07 15:16:53 | 000,000,231 | ---- | C] () -- C:\Users\Lolita\Desktop\Facebook.URL
[2013/02/12 00:18:16 | 000,000,064 | ---- | C] () -- C:\windows\GPlrLanc.dat
[2012/12/11 13:27:56 | 004,132,864 | ---- | C] () -- C:\ProgramData\ReadOnlyInstaller.msi
[2012/07/11 18:48:40 | 000,000,214 | ---- | C] () -- C:\windows\MyHeritage.INI
[2012/07/11 18:42:17 | 000,454,656 | ---- | C] () -- C:\windows\SysWow64\PaintX.dll
[2012/04/05 10:55:26 | 000,191,656 | -H-- | C] () -- C:\windows\SysWow64\mlfcache.dat
[2011/08/14 14:28:35 | 000,022,753 | ---- | C] () -- C:\windows\hpqins15.dat
[2011/07/28 20:09:01 | 000,206,990 | ---- | C] () -- C:\windows\hpoins46.dat
[2011/06/01 15:43:54 | 000,794,562 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/01/18 20:50:15 | 000,004,096 | -H-- | C] () -- C:\Users\Lolita\AppData\Local\keyfile3.drm
[2010/09/19 12:47:33 | 000,000,000 | ---- | C] () -- C:\Users\Lolita\AppData\Roaming\wklnhst.dat
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 364 bytes -> C:\ProgramData\TEMP:5B85C37B
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:0F4A7B6A
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
can you also help me with the auto reply.
#24
Posted 23 April 2013 - 08:40 PM
gringo_pr
-
- Malware Removal
-
- 7,268 posts
Trusted Helper
Hello Littleone3
I would like you to run this custom script for me now and when it is complete please give me the report and a status update for the computer.
Run OTL Script
Let me know How things are doing
Gringo
I would like you to run this custom script for me now and when it is complete please give me the report and a status update for the computer.
Run OTL Script
- Double-click OTL.exe to start the program.
- Copy and Paste the following code into the
text box.
:OTL IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{2DD2F311-185E-444C-B4C2-A2A3539DFC3C}: "URL" = http://search.condui...1701321937&UM=2 <http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3294791&CUI=UN28573351701321937&UM=2> IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{978EE3A4-10FC-4A6E-B558-DBBADCA9C545}: "URL" = http://search.condui...8682505329&UM=2 <http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3287819&CUI=UN31421188682505329&UM=2> IE - HKU\S-1-5-21-346716698-347066381-1028468673-1001\..\SearchScopes\{DC3DC6CB-F6E4-4B0D-93F5-AE18AB3EB51F}: "URL" = http://websearch.ask...49-E5279C6ECDED <http://websearch.ask.com/redirect?client=ie&tb=ASI&o=APN10701&src=crm&q={searchTerms}&locale=&apn_ptnrs=^ASD&apn_dtid=^YYYYYY^YY^US&apn_uid=c26fc994-a473-4d92-a3e2-2ec4ca115f17&apn_sauid=9DC7E4AB-71EB-47EC-A949-E5279C6ECDED> FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3294791&CUI=UN24098443659622161&UM=2&SearchSource=3&q={searchTerms}" [2013/04/20 22:04:59 | 000,000,000 | ---D | M] (WhiteSmoke New) -- C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a} [2013/04/22 15:24:34 | 000,000,995 | ---- | M] () -- C:\Users\Lolita\AppData\Roaming\mozilla\firefox\profiles\j8v586mm.default-1361841784927\searchplugins\conduit.xml [2013/04/20 19:44:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit [2013/04/20 19:43:43 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Local\Conduit [2013/04/20 19:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OtShot [2013/04/20 19:43:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OtShot [2013/04/19 17:41:53 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\PC Utility Kit [2013/04/19 17:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Utility Kit [2013/04/18 21:49:00 | 000,000,000 | ---D | C] -- C:\Users\Lolita\AppData\Roaming\Strongvault @Alternate Data Stream - 364 bytes -> C:\ProgramData\TEMP:5B85C37B @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:373E1720 @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:0F4A7B6A @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4 @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84 @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2 :Files ipconfig /flushdns /c :Commands [PURITY] [emptyjava] [EMPTYFLASH] [reboot] - Then click the Run Fix button at the top.
- Click
. - OTL may ask to reboot the machine. Please do so if asked.
- The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.
Note** if the report does not popup after the computer reboots you can find it here in this folder - C:\_OTL\MovedFiles
It will be named - mmddyyyy_hhmmss.log
Where mmddyyyy_hhmmss - are numbers representing the date and time the fix was run.
Let me know How things are doing
Gringo
#25
Posted 24 April 2013 - 12:35 PM
Littleone3
- Topic Starter
-
- Member
-
- 22 posts
Member
This morning when I turned my computer. The following information was on the screen. Unable to load skin. then would you like to import your contact from outlook. then an attempt was make to access and unnamed file past to end.
Error: Unable to interpret <http://billy-oneal.c.../customFix.png> in the current context!
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-346716698-347066381-1028468673-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2DD2F311-185E-444C-B4C2-A2A3539DFC3C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2DD2F311-185E-444C-B4C2-A2A3539DFC3C}\ not found.
Registry key HKEY_USERS\S-1-5-21-346716698-347066381-1028468673-1001\Software\Microsoft\Internet Explorer\SearchScopes\{978EE3A4-10FC-4A6E-B558-DBBADCA9C545}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{978EE3A4-10FC-4A6E-B558-DBBADCA9C545}\ not found.
Registry key HKEY_USERS\S-1-5-21-346716698-347066381-1028468673-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DC3DC6CB-F6E4-4B0D-93F5-AE18AB3EB51F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DC3DC6CB-F6E4-4B0D-93F5-AE18AB3EB51F}\ not found.
Prefs.js: "http://search.condui...={searchTerms}" removed from browser.search.defaulturl
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\Plugins folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\modules folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\META-INF folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\lib folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\defaults\preferences folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\defaults folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\sl folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\lib\jquery.alerts\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\lib\jquery.alerts folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\lib scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\core folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\TWITTER\resources folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\view\script folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\view scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\MULTI_RSS scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\EMAIL_NOTIFIER scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\404 folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\menu\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\menu\img folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\menu\css folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\menu folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\gf\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\gf\img folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\gf\css folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\gf folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\dlg\ftd folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\dlg scheduled to be moved on reboot.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp\spsd\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp\spsd folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp\spbd\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp\spbd folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp\js folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\options\js\resources folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\options\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\options\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\options\css folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\options scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\msd folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\api folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ac\res folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ac\img folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ac\css folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ac folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\aboutBox\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\aboutBox\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\aboutBox folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic\uninstall\dialog\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic\uninstall\dialog\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic\uninstall\dialog\css folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic\uninstall\dialog folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic\uninstall scheduled to be moved on reboot.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic scheduled to be moved on reboot.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content scheduled to be moved on reboot.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847 scheduled to be moved on reboot.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a} scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\firefox\profiles\j8v586mm.default-1361841784927\searchplugins\conduit.xml moved successfully.
C:\Program Files (x86)\Conduit\Community Alerts folder moved successfully.
C:\Program Files (x86)\Conduit folder moved successfully.
C:\Users\Lolita\AppData\Local\Conduit folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OtShot folder moved successfully.
C:\Program Files (x86)\OtShot\signed folder moved successfully.
C:\Program Files (x86)\OtShot folder moved successfully.
C:\Users\Lolita\AppData\Roaming\PC Utility Kit\PC Utility Kit folder moved successfully.
C:\Users\Lolita\AppData\Roaming\PC Utility Kit folder moved successfully.
C:\ProgramData\PC Utility Kit\PC Utility Kit folder moved successfully.
C:\Users\Lolita\AppData\Roaming\Strongvault folder moved successfully.
ADS C:\ProgramData\TEMP:5B85C37B deleted successfully.
ADS C:\ProgramData\TEMP:373E1720 deleted successfully.
ADS C:\ProgramData\TEMP:0F4A7B6A deleted successfully.
ADS C:\ProgramData\TEMP:0B4227B4 deleted successfully.
ADS C:\ProgramData\TEMP:430C6D84 deleted successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Lolita\Downloads\cmd.bat deleted successfully.
C:\Users\Lolita\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYJAVA]
User: All Users
User: AppData
User: Default
User: Default User
User: Guest
User: Lolita
->Java cache emptied: 382975 bytes
User: Lolita Parker
User: Public
Total Java Files Cleaned = 0.00 mb
[EMPTYFLASH]
User: All Users
User: AppData
User: Default
->Flash cache emptied: 56504 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Guest
->Flash cache emptied: 1531 bytes
User: Lolita
->Flash cache emptied: 102577 bytes
User: Lolita Parker
->Flash cache emptied: 2756 bytes
User: Public
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 04242013_142319
Files\Folders moved on Reboot...
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\lib folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\dlg folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\options folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic\uninstall folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847 folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a} folder moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
If I did this wrong let me know. my computer was extremely slow.
Error: Unable to interpret <http://billy-oneal.c.../customFix.png> in the current context!
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-346716698-347066381-1028468673-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2DD2F311-185E-444C-B4C2-A2A3539DFC3C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2DD2F311-185E-444C-B4C2-A2A3539DFC3C}\ not found.
Registry key HKEY_USERS\S-1-5-21-346716698-347066381-1028468673-1001\Software\Microsoft\Internet Explorer\SearchScopes\{978EE3A4-10FC-4A6E-B558-DBBADCA9C545}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{978EE3A4-10FC-4A6E-B558-DBBADCA9C545}\ not found.
Registry key HKEY_USERS\S-1-5-21-346716698-347066381-1028468673-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DC3DC6CB-F6E4-4B0D-93F5-AE18AB3EB51F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DC3DC6CB-F6E4-4B0D-93F5-AE18AB3EB51F}\ not found.
Prefs.js: "http://search.condui...={searchTerms}" removed from browser.search.defaulturl
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\Plugins folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\modules folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\META-INF folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\lib folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\defaults\preferences folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\defaults folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\sl folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\lib\jquery.alerts\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\lib\jquery.alerts folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\lib scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\core folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\TWITTER\resources folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\view\script folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\view scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\MULTI_RSS scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\EMAIL_NOTIFIER scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\404 folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\menu\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\menu\img folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\menu\css folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\menu folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\gf\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\gf\img folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\gf\css folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\gf folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\dlg\ftd folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\dlg scheduled to be moved on reboot.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp\spsd\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp\spsd folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp\spbd\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp\spbd folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp\js folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\options\js\resources folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\options\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\options\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\options\css folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\options scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\msd folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\api folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ac\res folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ac\img folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ac\css folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ac folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\aboutBox\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\aboutBox\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\aboutBox folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic\uninstall\dialog\js folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic\uninstall\dialog\images folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic\uninstall\dialog\css folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic\uninstall\dialog folder moved successfully.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic\uninstall scheduled to be moved on reboot.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic scheduled to be moved on reboot.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content scheduled to be moved on reboot.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847 scheduled to be moved on reboot.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a} scheduled to be moved on reboot.
C:\Users\Lolita\AppData\Roaming\mozilla\firefox\profiles\j8v586mm.default-1361841784927\searchplugins\conduit.xml moved successfully.
C:\Program Files (x86)\Conduit\Community Alerts folder moved successfully.
C:\Program Files (x86)\Conduit folder moved successfully.
C:\Users\Lolita\AppData\Local\Conduit folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OtShot folder moved successfully.
C:\Program Files (x86)\OtShot\signed folder moved successfully.
C:\Program Files (x86)\OtShot folder moved successfully.
C:\Users\Lolita\AppData\Roaming\PC Utility Kit\PC Utility Kit folder moved successfully.
C:\Users\Lolita\AppData\Roaming\PC Utility Kit folder moved successfully.
C:\ProgramData\PC Utility Kit\PC Utility Kit folder moved successfully.
C:\Users\Lolita\AppData\Roaming\Strongvault folder moved successfully.
ADS C:\ProgramData\TEMP:5B85C37B deleted successfully.
ADS C:\ProgramData\TEMP:373E1720 deleted successfully.
ADS C:\ProgramData\TEMP:0F4A7B6A deleted successfully.
ADS C:\ProgramData\TEMP:0B4227B4 deleted successfully.
ADS C:\ProgramData\TEMP:430C6D84 deleted successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Lolita\Downloads\cmd.bat deleted successfully.
C:\Users\Lolita\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYJAVA]
User: All Users
User: AppData
User: Default
User: Default User
User: Guest
User: Lolita
->Java cache emptied: 382975 bytes
User: Lolita Parker
User: Public
Total Java Files Cleaned = 0.00 mb
[EMPTYFLASH]
User: All Users
User: AppData
User: Default
->Flash cache emptied: 56504 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Guest
->Flash cache emptied: 1531 bytes
User: Lolita
->Flash cache emptied: 102577 bytes
User: Lolita Parker
->Flash cache emptied: 2756 bytes
User: Public
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 04242013_142319
Files\Folders moved on Reboot...
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\lib folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\dlg folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\options folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic\uninstall folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847 folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome folder moved successfully.
C:\Users\Lolita\AppData\Roaming\mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a} folder moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
If I did this wrong let me know. my computer was extremely slow.
#26
Posted 24 April 2013 - 01:38 PM
gringo_pr
-
- Malware Removal
-
- 7,268 posts
Trusted Helper
restart the computer and let me know how things are doing
gringo
gringo
#27
Posted 24 April 2013 - 01:49 PM
Littleone3
- Topic Starter
-
- Member
-
- 22 posts
Member
Still very slow.
#28
Posted 24 April 2013 - 03:07 PM
gringo_pr
-
- Malware Removal
-
- 7,268 posts
Trusted Helper
Hello Littleone3
I would like you to try and run these next.
TDSSKiller
Please download the latest version of TDSSKiller from here and save it to your Desktop.
and I will see if I want to see the whole report
Malwarebytes Anti-Rootkit
1.Download Malwarebytes Anti-Rootkit
2.Unzip the contents to a folder in a convenient location.
3.Open the folder where the contents were unzipped and run mbar.exe
4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6.Wait while the system shuts down and the cleanup process is performed.
7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
•Internet access
•Windows Update
•Windows Firewall9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10.Verify that your system is now functioning normally.
If you have any problems running either one come back and let me know
please reply with the reports from TDSSKiller and MBAR
Gringo
I would like you to try and run these next.
TDSSKiller
Please download the latest version of TDSSKiller from here and save it to your Desktop.
- Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
- Put a checkmark beside loaded modules.
- A reboot will be needed to apply the changes. Do it.
- TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
- Then click on Change parameters in TDSSKiller.
- Check all boxes then click OK.
- Click the Start Scan button.
- The scan should take no longer than 2 minutes.
- If a suspicious object is detected, the default action will be Skip, click on Continue.
- If malicious objects are found, they will show in the Scan results
- Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed. - A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it
If the forum still complains about it being to long send me everything that is at the end of the report after where it says
==================
Scan finished
==================
and I will see if I want to see the whole report
Malwarebytes Anti-Rootkit
1.Download Malwarebytes Anti-Rootkit
2.Unzip the contents to a folder in a convenient location.
3.Open the folder where the contents were unzipped and run mbar.exe
4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6.Wait while the system shuts down and the cleanup process is performed.
7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
•Internet access
•Windows Update
•Windows Firewall9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10.Verify that your system is now functioning normally.
If you have any problems running either one come back and let me know
please reply with the reports from TDSSKiller and MBAR
Gringo
#29
Posted 25 April 2013 - 07:59 PM
Littleone3
- Topic Starter
-
- Member
-
- 22 posts
Member
I tried to send you the results of the two scans, but the scans would not fit. the results were all 0. My computer is now running fine. Thank you for working with a computer newbe.
#30
Posted 26 April 2013 - 08:13 AM
gringo_pr
-
- Malware Removal
-
- 7,268 posts
Trusted Helper
Hello Littleone3
I would like to see a report that combofix makes.
extra combofix report
copy and paste the report into this topic for me to review
Gringo
I would like to see a report that combofix makes.
extra combofix report
- push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
- please copy and past the following into the box
C:\Qoobox\Add-Remove Programs.txt
- click ok
copy and paste the report into this topic for me to review
Gringo
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
