This morning when I went on the net I noticed that random words on posts in a forum were appearing blue or green and double-underlined.
The past few web search results I have clicked have opened the intended page, but a log-in box appears asking me to log in with cfxpy.
Sometimes a box pops up and even follows my mouse around... at the bottom of the box it says ads by resultslink.com. Sometimes when I click a link a new tab pops up with an ad, while in the original tab the webpage is loading.
Hovering over the word didn't seem to show anything dodgy so I tried clicking on one and it showed as cxpfy.com then went through to some search page I'd never heard of before. These links are now appearing on every web page I visit.
I have scanned with AVG 2012, which found nothing, and with Malwarebytes Anti-Malware, all of which found nothing. I scanned with Ad-Aware Antivirus, which found 42 threats. I cleaned the threats, but the double-underlined links still appear.
Many thanks,
Amanda
_________________________________________________________________________
OTL logfile created on: 6/2/2013 10:12:30 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Amanda\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.86 Gb Available Physical Memory | 43.01% Memory free
3.98 Gb Paging File | 2.45 Gb Available in Paging File | 61.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 127.42 Gb Free Space | 54.72% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 14.87 Gb Free Space | 99.15% Space Free | Partition Type: NTFS
Drive E: | 4.02 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: AMANDA-PC | User Name: Amanda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/06/02 22:10:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Amanda\Downloads\OTL.exe
PRC - [2013/05/21 22:49:08 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/21 21:43:52 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2013/04/05 12:59:08 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2013/04/05 12:58:26 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2013/04/05 12:58:14 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/18 03:25:46 | 001,236,336 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
PRC - [2013/03/18 03:25:44 | 018,828,128 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware Antivirus\AdAware.exe
PRC - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 11:11:46 | 000,284,304 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MpCmdRun.exe
PRC - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 11:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/12/24 16:40:49 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/11/29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/11/22 19:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/11/08 15:14:16 | 000,122,032 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
PRC - [2012/11/08 15:02:28 | 000,015,552 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
PRC - [2012/11/08 15:01:30 | 001,516,680 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe
PRC - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/11 15:19:26 | 002,760,192 | ---- | M] () -- C:\ProgramData\Boxtools\Toolbox.exe
PRC - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2006/10/30 16:59:34 | 000,024,576 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
PRC - [2006/09/20 08:35:26 | 000,020,480 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
========== Modules (No Company Name) ==========
MOD - [2013/05/21 22:48:51 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/05/15 13:19:09 | 001,838,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\2743fdfcb695f6e9b1c3c4a7759ff4e8\Microsoft.VisualBasic.ni.dll
MOD - [2013/05/14 23:39:27 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll
MOD - [2013/05/14 23:39:25 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll
MOD - [2013/05/14 23:39:24 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll
MOD - [2013/01/09 14:11:56 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\5ea93652e4752c75bc6fbb195b4eb864\System.Runtime.Remoting.ni.dll
MOD - [2013/01/09 13:53:19 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013/01/09 13:53:04 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013/01/09 13:52:43 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013/01/09 13:52:34 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/11 15:19:26 | 002,760,192 | ---- | M] () -- C:\ProgramData\Boxtools\Toolbox.exe
MOD - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
MOD - [2006/10/30 16:59:34 | 000,024,576 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
MOD - [2006/09/20 08:35:26 | 000,020,480 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
========== Services (SafeList) ==========
SRV - [2013/05/27 22:14:12 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/21 22:49:07 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/18 03:25:46 | 001,236,336 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/11/29 20:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/11/08 15:02:28 | 000,015,552 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe -- (Seagate Dashboard Services)
SRV - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2012/01/18 13:39:36 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 18:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 18:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2013/06/01 23:15:23 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\gfibto.sys -- (gfibto)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/02/06 07:42:10 | 000,083,864 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/02/06 07:42:08 | 000,181,784 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013/01/20 15:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/08/23 07:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 07:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 05:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 05:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 02:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 02:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 02:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/01/26 19:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2009/10/07 08:49:40 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2009/10/07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...=1205633631&ir=
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{261BF077-CC89-DEEC-7E88-2EFCD80DED85}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://start.mysearc...=1205633631&ir=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...=1205633631&ir=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6C 89 E9 01 61 E1 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{261BF077-CC89-DEEC-7E88-2EFCD80DED85}: "URL" = http://mystart.incre...6OyPOusVBy&i=26
IE - HKCU\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = Playbryte-fa-v/search/redirect/?type=default&user_id=c18afa3d-61d3-4623-ab93-983c29f94669&query={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://start.mysearc...=1205633631&ir=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Mysearchdial"
FF - prefs.js..browser.search.searchEnginesURL: "http://www.google.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledAddons: playbryte_ext%40playbryte.com:1.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "http://www.google.co...ient&gfns=1&q="
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Amanda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Amanda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Amanda\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Amanda\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Amanda\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Amanda\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Amanda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Program Files\VDownloader\Addons\npVDownloader.dll (Vitzo)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\VDownloader\Addons\FireFox [2013/05/04 16:10:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012/12/24 16:41:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012/12/24 16:41:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/01 23:18:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/23 13:47:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/01 23:18:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/23 13:47:29 | 000,000,000 | ---D | M]
[2012/05/01 13:05:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Amanda\AppData\Roaming\Mozilla\Extensions
[2013/06/02 00:01:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Amanda\AppData\Roaming\Mozilla\Firefox\Profiles\ojvdid29.default\extensions
[2013/03/10 20:45:27 | 000,000,000 | ---D | M] (PlayBryte) -- C:\Users\Amanda\AppData\Roaming\Mozilla\Firefox\Profiles\ojvdid29.default\extensions\[email protected]
[2013/06/01 22:45:29 | 001,382,101 | ---- | M] () (No name found) -- C:\Users\Amanda\AppData\Roaming\Mozilla\Firefox\Profiles\ojvdid29.default\extensions\[email protected]
[2013/05/01 13:13:57 | 000,002,545 | ---- | M] () -- C:\Users\Amanda\AppData\Roaming\Mozilla\Firefox\Profiles\ojvdid29.default\searchplugins\aol-search.xml
[2013/05/03 23:05:01 | 000,002,403 | ---- | M] () -- C:\Users\Amanda\AppData\Roaming\Mozilla\Firefox\Profiles\ojvdid29.default\searchplugins\Mysearchdial.xml
[2012/04/29 16:44:49 | 000,002,519 | ---- | M] () -- C:\Users\Amanda\AppData\Roaming\Mozilla\Firefox\Profiles\ojvdid29.default\searchplugins\Search_Results.xml
[2013/05/21 22:49:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/21 22:49:09 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/08/05 12:04:35 | 000,002,361 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
========== Chrome ==========
O1 HOSTS File: ([2009/06/10 14:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DBAgent] C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe File not found
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VDownloader] C:\Program Files\VDownloader\VDownloader.exe (Vitzo)
O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [Boxoft Tools] C:\ProgramData\Boxtools\Boxofttoolbox.exe ()
O4 - HKCU..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Amanda\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [Uploader] C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF80001F-6CD9-455A-9000-A7CB56B0F665}: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/06/02 16:16:48 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{C080BBD6-6C21-442E-BE29-10C1933B1C07}
[2013/06/01 23:54:16 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/06/01 23:36:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013/06/01 23:32:13 | 000,000,000 | ---D | C] -- C:\Users\Amanda\Desktop\Computer Health
[2013/06/01 23:29:35 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Roaming\LavasoftStatistics
[2013/06/01 23:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2013/06/01 23:21:14 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Roaming\Codec Pack Packages
[2013/06/01 23:19:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2013/06/01 23:19:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2013/06/01 23:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2013/06/01 23:19:35 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
[2013/06/01 23:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2013/06/01 23:19:21 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2013/06/01 23:19:21 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2013/06/01 23:19:17 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2013/06/01 23:19:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013/06/01 23:19:05 | 000,000,000 | ---D | C] -- C:\Program Files\DSP-worx
[2013/06/01 23:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2013/06/01 23:19:04 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Roaming\LavFilters
[2013/06/01 23:19:04 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Roaming\CDXReader
[2013/06/01 23:18:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013/06/01 23:18:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2013/06/01 23:18:04 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/06/01 23:17:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NSS
[2013/06/01 23:17:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
[2013/06/01 23:17:57 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan
[2013/06/01 23:17:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NSS\0400000.030
[2013/06/01 23:17:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013/06/01 23:17:36 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2013/06/01 23:17:36 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2013/06/01 23:17:20 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Roaming\DSite
[2013/06/01 23:15:24 | 000,044,424 | ---- | C] (GFI Software) -- C:\Windows\System32\sbbd.exe
[2013/06/01 23:15:24 | 000,013,560 | ---- | C] (GFI Software) -- C:\Windows\System32\drivers\gfibto.sys
[2013/06/01 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Roaming\Ad-Aware Antivirus
[2013/06/01 17:31:30 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{1B67C954-CED6-4830-BF68-596BE6CA7590}
[2013/05/31 00:20:50 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{1144C19B-1209-4506-A04D-5ED3D63B5098}
[2013/05/30 12:20:26 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{F5C46E3E-0DB8-4FC0-ACB5-2F9D3E52FB86}
[2013/05/30 00:03:55 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{39909FA6-1950-491F-A425-4BA2C5AE1C7D}
[2013/05/29 12:03:31 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{8A6F0F7E-5666-4D41-9F49-302489830EAD}
[2013/05/28 13:48:55 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{A9F5D360-1DFD-4EDA-BEA7-D6870999D1F1}
[2013/05/27 23:33:54 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{458CA5A4-6547-4973-899A-22E79CDFC053}
[2013/05/27 11:33:27 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{AEE8D952-DE68-46C2-AABF-299695EB60F3}
[2013/05/25 13:42:55 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{D359C8A9-13C2-49C7-93CB-FE5E2F53CBD4}
[2013/05/24 12:06:30 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{23034A7D-52C0-4AE3-8FC5-B6A5F276DA99}
[2013/05/23 13:47:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/05/23 13:47:00 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2013/05/23 13:25:31 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{DA2AF7E6-0590-46C1-8C18-28C9FF83CFB0}
[2013/05/22 12:25:55 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{922683DF-B812-4ADA-AB58-33DFE3FFE3D7}
[2013/05/21 22:48:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013/05/21 22:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/05/21 20:58:02 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{124474E7-63E6-4CC4-B1E8-CCCEFA5B06A2}
[2013/05/20 21:21:47 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{9EEDE4C4-DDBB-4E31-A9DE-CDDB3C92277F}
[2013/05/20 13:35:58 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{55D2BA2B-905C-4368-8225-B814447E96D3}
[2013/05/19 21:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/05/19 21:17:24 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/05/19 21:17:22 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/05/19 12:22:22 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{A878D055-F9D1-4B17-BB5E-0F1F7A1CEB12}
[2013/05/18 14:01:49 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{AA5902BD-EC2F-4AFE-B231-F064C4A4AC1E}
[2013/05/17 21:17:35 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{2787E9A9-8D37-4377-8C67-1EA0826136A5}
[2013/05/16 12:38:46 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{94517B3D-83E8-4396-B334-160B8355DFB2}
[2013/05/16 00:17:54 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\Lexar Media
[2013/05/15 12:58:38 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{E9222793-7352-493F-97DB-09D4F2BAEE10}
[2013/05/14 14:08:40 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{F2269C77-DE8D-4C3C-9ACE-1BC508C3B26A}
[2013/05/13 13:16:34 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{805C8F25-C16E-49E8-8390-3CB1A813AE4D}
[2013/05/13 00:01:48 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{66BA18CB-D7E0-4010-814D-E10912BFC07A}
[2013/05/09 23:28:11 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{665F9030-2FD4-4080-8545-985C1AD20CAA}
[2013/05/09 13:15:19 | 000,000,000 | ---D | C] -- C:\Users\Amanda\Desktop\Vegas
[2013/05/09 11:27:47 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{8BC6857C-D197-4861-AE5E-3A4C1652D310}
[2013/05/08 12:53:41 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{8DB0E25A-F3F9-4FF5-AA5A-BF75FF3A0EA7}
[2013/05/07 00:43:06 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{79B01522-EA0A-42D7-B730-3B5C8932C7BB}
[2013/05/06 21:35:21 | 000,000,000 | ---D | C] -- C:\Users\Amanda\Desktop\From phone
[2013/05/06 12:42:35 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{476A774B-7B94-4EFD-B92E-8352A5D36131}
[2013/05/04 14:32:57 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{61C115DA-67B5-4081-A311-493D197C9D83}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/06/02 22:17:00 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\DSite.job
[2013/06/02 22:12:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/02 21:59:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/02 21:53:12 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/02 21:53:12 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/02 21:46:14 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/02 21:46:10 | 000,000,378 | -H-- | M] () -- C:\Windows\tasks\WxDFastUpdaterTask{BFEFFC0C-520A-4271-BB59-16FAFD04159C}.job
[2013/06/02 21:45:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/02 21:45:49 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2013/06/02 21:45:45 | 1602,097,152 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/02 16:26:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1000443104-1969732642-3790898716-1000UA.job
[2013/06/02 13:53:07 | 000,000,442 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Amanda.job
[2013/06/02 13:52:22 | 000,351,000 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/06/02 13:40:22 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1000443104-1969732642-3790898716-1000UA.job
[2013/06/01 23:19:05 | 000,001,786 | ---- | M] () -- C:\Windows\unins000.dat
[2013/06/01 23:19:01 | 000,715,038 | ---- | M] () -- C:\Windows\unins000.exe
[2013/06/01 23:15:23 | 000,044,424 | ---- | M] (GFI Software) -- C:\Windows\System32\sbbd.exe
[2013/06/01 23:15:23 | 000,013,560 | ---- | M] (GFI Software) -- C:\Windows\System32\drivers\gfibto.sys
[2013/05/29 14:19:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1000443104-1969732642-3790898716-1000Core.job
[2013/05/28 21:26:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1000443104-1969732642-3790898716-1000Core.job
[2013/05/21 00:11:27 | 000,669,432 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/05/21 00:11:27 | 000,125,514 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/05/20 23:54:15 | 000,032,467 | ---- | M] () -- C:\Users\Amanda\Desktop\XCEL vs Team.pdf
[2013/05/09 12:18:10 | 000,141,170 | ---- | M] () -- C:\Users\Amanda\Desktop\Weekly-Hourly-Planner.pdf
[2013/05/04 15:41:04 | 000,240,300 | ---- | M] () -- C:\Users\Amanda\Desktop\new rubric student evaluation session AMANDA.pdf
[2013/05/03 23:04:28 | 000,621,310 | ---- | M] () -- C:\Users\Amanda\AppData\Local\mysearchdial.crx
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/06/01 23:19:35 | 000,153,088 | ---- | C] () -- C:\Windows\System32\xvid.ax
[2013/06/01 23:19:34 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2013/06/01 23:19:34 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2013/06/01 23:19:25 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2013/06/01 23:19:05 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2013/06/01 23:19:04 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2013/06/01 23:19:04 | 000,001,786 | ---- | C] () -- C:\Windows\unins000.dat
[2013/06/01 23:18:15 | 000,000,442 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Amanda.job
[2013/06/01 23:17:57 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NSS\0400000.030\isolate.ini
[2013/06/01 23:17:25 | 000,000,290 | ---- | C] () -- C:\Windows\tasks\DSite.job
[2013/05/21 22:48:14 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/21 22:48:12 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/20 23:54:18 | 000,032,467 | ---- | C] () -- C:\Users\Amanda\Desktop\XCEL vs Team.pdf
[2013/05/09 12:18:10 | 000,141,170 | ---- | C] () -- C:\Users\Amanda\Desktop\Weekly-Hourly-Planner.pdf
[2013/05/04 15:41:02 | 000,240,300 | ---- | C] () -- C:\Users\Amanda\Desktop\new rubric student evaluation session AMANDA.pdf
[2013/05/03 23:04:49 | 000,621,310 | ---- | C] () -- C:\Users\Amanda\AppData\Local\mysearchdial.crx
[2012/12/24 16:37:46 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2012/12/02 15:56:23 | 000,011,776 | ---- | C] () -- C:\Windows\System32\pmsbfn32.dll
[2012/11/29 22:33:28 | 000,000,502 | ---- | C] () -- C:\Windows\System32\CNCMFP34.INI
[2012/05/20 23:56:17 | 000,003,584 | ---- | C] () -- C:\Users\Amanda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/29 17:10:00 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/01/19 01:48:06 | 000,088,688 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2012/01/18 23:31:27 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012/01/18 23:30:27 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012/01/18 13:45:01 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/01/16 14:29:05 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
========== ZeroAccess Check ==========
[2009/07/13 21:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 21:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/04/04 21:37:20 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\.oit
[2013/06/02 13:51:01 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\Ad-Aware Antivirus
[2012/11/20 12:38:41 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\Audacity
[2012/08/05 12:04:30 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\Babylon
[2012/12/02 17:43:56 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\Canon
[2013/06/01 23:19:11 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\CDXReader
[2013/06/01 23:21:14 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\Codec Pack Packages
[2012/01/23 01:00:23 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\com.essexreddevelopment.mergepdfmac
[2012/12/11 22:35:17 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\ConverterLite
[2013/06/01 23:17:20 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\DSite
[2013/05/15 13:05:34 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\FileAssociationManager
[2013/06/01 23:19:12 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\LavFilters
[2012/01/16 14:37:21 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\Leadertech
[2012/12/02 18:11:41 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\NewSoft
[2012/12/24 16:37:38 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\OpenCandy
[2012/12/09 19:59:17 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\Pavtube
[2012/08/18 20:43:57 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\RIFT
[2012/11/30 00:17:33 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\Seagate
[2013/03/21 23:37:12 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\Unity
[2013/05/10 00:56:57 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\VDownloader
[2013/02/19 23:00:45 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
< End of report >