SC Cleaner log:
Shortcut Cleaner 1.2.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingc...ortcut-cleaner/Windows Version: Windows 7 Ultimate Service Pack 1
Program started at: 06/13/2013 01:24:00 PM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Users\Amanda\AppData\Roaming\Microsoft\Windows\Start Menu\
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
Searching C:\Users\Amanda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
Searching C:\Users\Public\Desktop\
Searching C:\Users\Amanda\Desktop
0 bad shortcuts found.
Program finished at: 06/13/2013 01:24:05 PM
Execution time: 0 hours(s), 0 minute(s), and 5 seconds(s)
OTL quickscan log:
OTL logfile created on: 6/13/2013 1:25:01 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Amanda\Desktop\Computer Health
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 41.80% Memory free
3.98 Gb Paging File | 2.61 Gb Available in Paging File | 65.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 134.18 Gb Free Space | 57.62% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 14.87 Gb Free Space | 99.15% Space Free | Partition Type: NTFS
Computer Name: AMANDA-PC | User Name: Amanda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/06/11 23:39:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Amanda\Desktop\Computer Health\OTL.exe
PRC - [2013/06/11 00:26:22 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013/05/21 22:49:08 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/05/16 11:11:14 | 000,188,760 | ---- | M] () -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
PRC - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/21 21:43:52 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2013/04/18 06:56:14 | 000,659,992 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2013/04/16 03:09:04 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
PRC - [2013/04/16 03:07:06 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/04/05 12:59:08 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2013/04/05 12:58:26 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2013/04/05 12:58:14 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 11:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/11/22 19:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/11/08 15:14:16 | 000,122,032 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
PRC - [2012/11/08 15:02:28 | 000,015,552 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
PRC - [2012/11/08 15:01:30 | 001,516,680 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/11 15:19:26 | 002,760,192 | ---- | M] () -- C:\ProgramData\Boxtools\Toolbox.exe
PRC - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2006/10/30 16:59:34 | 000,024,576 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
PRC - [2006/09/20 08:35:26 | 000,020,480 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
========== Modules (No Company Name) ========== MOD - [2013/05/21 22:48:51 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/05/15 13:19:09 | 001,838,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\2743fdfcb695f6e9b1c3c4a7759ff4e8\Microsoft.VisualBasic.ni.dll
MOD - [2013/05/14 23:39:27 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll
MOD - [2013/05/14 23:39:25 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll
MOD - [2013/05/14 23:39:24 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll
MOD - [2013/01/09 14:11:56 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\5ea93652e4752c75bc6fbb195b4eb864\System.Runtime.Remoting.ni.dll
MOD - [2013/01/09 13:53:19 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013/01/09 13:53:04 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013/01/09 13:52:43 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013/01/09 13:52:34 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/11 15:19:26 | 002,760,192 | ---- | M] () -- C:\ProgramData\Boxtools\Toolbox.exe
MOD - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
MOD - [2006/10/30 16:59:34 | 000,024,576 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
MOD - [2006/09/20 08:35:26 | 000,020,480 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
========== Services (SafeList) ========== SRV - [2013/06/11 23:12:14 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/21 22:49:07 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/16 11:11:14 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe -- (Updater By SweetPacks)
SRV - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/18 06:56:22 | 001,227,800 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2013/04/18 06:56:14 | 000,659,992 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2013/04/16 03:07:06 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/11/08 15:02:28 | 000,015,552 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe -- (Seagate Dashboard Services)
SRV - [2012/01/18 13:39:36 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 18:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 18:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2013/06/01 23:15:23 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\gfibto.sys -- (gfibto)
DRV - [2013/04/18 06:55:52 | 000,016,024 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf_x86.sys -- (PSI)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/02/06 07:42:10 | 000,083,864 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/02/06 07:42:08 | 000,181,784 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013/01/20 15:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/08/23 07:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 07:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 05:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 05:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 02:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 02:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 02:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/01/26 19:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2009/10/07 08:49:40 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2009/10/07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/07/13 16:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/?ocid=iehpIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6C 89 E9 01 61 E1 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...Box&FORM=IE10SRIE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.searchEnginesURL: "
http://www.google.com"FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "
http://www.google.com"FF - prefs.js..extensions.enabledAddons: %7BFCE04E1F-9378-4f39-96F6-5689A9159E45%7D:1.3.2
FF - prefs.js..extensions.enabledAddons: %7B7D4F1959-3F72-49d5-8E59-F02F8AA6815D%7D:2.0.0.586
FF - prefs.js..extensions.enabledAddons: %7B8D150B8F-EFE8-45a3-A4A3-053020F48FAC%7D:6.0.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Amanda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Amanda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Program Files\VDownloader\Addons\npVDownloader.dll (Vitzo)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\VDownloader\Addons\FireFox [2013/05/04 16:10:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/06/11 00:29:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/06/11 00:29:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}: C:\Program Files\Updater By SweetPacks\Firefox [2013/06/11 13:32:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/01 23:18:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/11 00:27:07 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/01 23:18:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/11 00:27:07 | 000,000,000 | ---D | M]
[2012/05/01 13:05:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Amanda\AppData\Roaming\Mozilla\Extensions
[2013/06/11 14:04:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Amanda\AppData\Roaming\Mozilla\Firefox\Profiles\ojvdid29.default\extensions
[2013/06/05 11:57:05 | 001,382,186 | ---- | M] () (No name found) -- C:\Users\Amanda\AppData\Roaming\Mozilla\Firefox\Profiles\ojvdid29.default\extensions\
[email protected][2013/05/01 13:13:57 | 000,002,545 | ---- | M] () -- C:\Users\Amanda\AppData\Roaming\Mozilla\Firefox\Profiles\ojvdid29.default\searchplugins\aol-search.xml
[2013/06/11 13:32:01 | 000,001,778 | ---- | M] () -- C:\Users\Amanda\AppData\Roaming\Mozilla\Firefox\Profiles\ojvdid29.default\searchplugins\Bing.xml
[2013/05/21 22:49:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/21 22:49:09 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/06/11 13:32:48 | 000,000,000 | ---D | M] (Updater By SweetPacks) -- C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
[2013/06/11 00:29:21 | 000,000,000 | ---D | M] (RealDownloader) -- C:\PROGRAMDATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT
[2013/06/11 00:26:44 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
========== Chrome ========== O1 HOSTS File: ([2009/06/10 14:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Updater By SweetPacks) - {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension32.dll File not found
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DBAgent] C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe File not found
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VDownloader] C:\Program Files\VDownloader\VDownloader.exe (Vitzo)
O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [Boxoft Tools] C:\ProgramData\Boxtools\Boxofttoolbox.exe ()
O4 - HKCU..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Amanda\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [Uploader] C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF80001F-6CD9-455A-9000-A7CB56B0F665}: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2013/06/12 12:48:48 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013/06/12 12:22:49 | 000,000,000 | ---D | C] -- C:\Users\Amanda\Desktop\for kitchen folder
[2013/06/12 12:00:37 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{A1B7D8F0-9FB2-48E4-A35F-7334C50DA3C8}
[2013/06/11 14:22:34 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Roaming\AVS4YOU
[2013/06/11 14:21:53 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2013/06/11 14:21:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2013/06/11 14:20:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia
[2013/06/11 14:20:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2013/06/11 14:20:29 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2013/06/11 14:16:34 | 000,000,000 | ---D | C] -- C:\Users\Amanda\Documents\Wondershare Video Converter Ultimate
[2013/06/11 14:16:30 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
[2013/06/11 14:15:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Wondershare Video Converter Ultimate
[2013/06/11 14:15:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Wondershare
[2013/06/11 14:09:17 | 000,000,000 | ---D | C] -- C:\Users\Amanda\Documents\RER Soft, Inc
[2013/06/11 13:40:46 | 000,000,000 | ---D | C] -- C:\AcalaSoft
[2013/06/11 13:32:47 | 000,000,000 | ---D | C] -- C:\Program Files\Updater By SweetPacks
[2013/06/11 13:31:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\jmdp
[2013/06/11 13:31:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\ARFC
[2013/06/11 13:31:17 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Roaming\dvdcss
[2013/06/11 13:07:23 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\Windows\System32\ssubtmr6.dll
[2013/06/11 13:07:23 | 000,036,864 | ---- | C] (Robdogg Inc.) -- C:\Windows\System32\trayicon_handler.ocx
[2013/06/11 13:00:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2013/06/11 12:46:50 | 000,000,000 | ---D | C] -- C:\ConverterOutput
[2013/06/11 12:46:32 | 000,000,000 | ---D | C] -- C:\Program Files\Cucusoft
[2013/06/11 12:43:14 | 000,000,000 | ---D | C] -- C:\Users\Amanda\Documents\Wondershare DVD Creator
[2013/06/11 00:34:32 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{149FC43D-019A-46F2-B9A5-22391E4561DA}
[2013/06/11 00:30:59 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Roaming\RealNetworks
[2013/06/11 00:29:19 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2013/06/11 00:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2013/06/11 00:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2013/06/10 22:42:16 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\Secunia PSI
[2013/06/10 22:41:28 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2013/06/10 21:25:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/06/09 12:33:31 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{1DF72CF9-1CF5-44B6-867E-2AD9512DD3A0}
[2013/06/08 13:56:34 | 000,000,000 | ---D | C] -- C:\Temp
[2013/06/08 13:47:46 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{573B59C3-B5D2-4F0C-A1E4-AD9681CEA0CE}
[2013/06/08 00:04:00 | 000,000,000 | ---D | C] -- C:\Users\Amanda\Desktop\how to back up phone - Google Search_files
[2013/06/07 23:52:15 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{77D3BF00-43D6-4C94-B0A3-7DBE98E9DFE1}
[2013/06/07 22:51:34 | 000,000,000 | ---D | C] -- C:\Users\Amanda\Desktop\Life Ideas
[2013/06/06 23:51:33 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{D5449EF6-08D5-4672-9853-2CCDA8FE28CD}
[2013/06/06 11:51:03 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{8B9A5DB0-1A46-4DA2-AE06-5F0D8953EE6C}
[2013/06/05 23:50:38 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{8570DE9A-9E01-409A-B409-A3ABC4759B0B}
[2013/06/05 22:07:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/06/05 22:05:45 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/06/05 22:05:44 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/06/05 11:50:11 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{00F13A5E-0EB6-4CD4-8BDB-5CEB84D05572}
[2013/06/04 12:45:33 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{5E128A50-67B3-4DE2-8337-5C18189A75EB}
[2013/06/03 23:43:25 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{E08ACF48-E11C-4D9D-9854-0FCE9511C11D}
[2013/06/03 12:25:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/06/03 11:42:45 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{C58650A2-328F-4095-9814-92FD0C3C791E}
[2013/06/02 16:16:48 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{C080BBD6-6C21-442E-BE29-10C1933B1C07}
[2013/06/01 23:54:16 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/06/01 23:36:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013/06/01 23:32:13 | 000,000,000 | ---D | C] -- C:\Users\Amanda\Desktop\Computer Health
[2013/06/01 23:29:35 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Roaming\LavasoftStatistics
[2013/06/01 23:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2013/06/01 23:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2013/06/01 23:19:21 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2013/06/01 23:19:21 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2013/06/01 23:19:17 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2013/06/01 23:19:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013/06/01 23:19:05 | 000,000,000 | ---D | C] -- C:\Program Files\DSP-worx
[2013/06/01 23:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2013/06/01 23:19:04 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Roaming\LavFilters
[2013/06/01 23:19:04 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Roaming\CDXReader
[2013/06/01 23:18:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013/06/01 23:18:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2013/06/01 23:18:04 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/06/01 23:17:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NSS
[2013/06/01 23:17:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
[2013/06/01 23:17:57 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan
[2013/06/01 23:17:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NSS\0400000.030
[2013/06/01 23:17:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013/06/01 23:17:36 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2013/06/01 23:17:36 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2013/06/01 23:15:24 | 000,044,424 | ---- | C] (GFI Software) -- C:\Windows\System32\sbbd.exe
[2013/06/01 23:15:24 | 000,013,560 | ---- | C] (GFI Software) -- C:\Windows\System32\drivers\gfibto.sys
[2013/06/01 17:31:30 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{1B67C954-CED6-4830-BF68-596BE6CA7590}
[2013/05/31 00:20:50 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{1144C19B-1209-4506-A04D-5ED3D63B5098}
[2013/05/30 12:20:26 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{F5C46E3E-0DB8-4FC0-ACB5-2F9D3E52FB86}
[2013/05/30 00:03:55 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{39909FA6-1950-491F-A425-4BA2C5AE1C7D}
[2013/05/29 12:03:31 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{8A6F0F7E-5666-4D41-9F49-302489830EAD}
[2013/05/28 13:48:55 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{A9F5D360-1DFD-4EDA-BEA7-D6870999D1F1}
[2013/05/27 23:33:54 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{458CA5A4-6547-4973-899A-22E79CDFC053}
[2013/05/27 11:33:27 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{AEE8D952-DE68-46C2-AABF-299695EB60F3}
[2013/05/25 13:42:55 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{D359C8A9-13C2-49C7-93CB-FE5E2F53CBD4}
[2013/05/24 12:06:30 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{23034A7D-52C0-4AE3-8FC5-B6A5F276DA99}
[2013/05/23 13:47:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/05/23 13:47:00 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2013/05/23 13:25:31 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{DA2AF7E6-0590-46C1-8C18-28C9FF83CFB0}
[2013/05/22 12:25:55 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{922683DF-B812-4ADA-AB58-33DFE3FFE3D7}
[2013/05/21 22:48:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013/05/21 22:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/05/21 20:58:02 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{124474E7-63E6-4CC4-B1E8-CCCEFA5B06A2}
[2013/05/20 21:21:47 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{9EEDE4C4-DDBB-4E31-A9DE-CDDB3C92277F}
[2013/05/20 13:35:58 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{55D2BA2B-905C-4368-8225-B814447E96D3}
[2013/05/19 12:22:22 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{A878D055-F9D1-4B17-BB5E-0F1F7A1CEB12}
[2013/05/18 14:01:49 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{AA5902BD-EC2F-4AFE-B231-F064C4A4AC1E}
[2013/05/17 21:17:35 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{2787E9A9-8D37-4377-8C67-1EA0826136A5}
[2013/05/16 12:38:46 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{94517B3D-83E8-4396-B334-160B8355DFB2}
[2013/05/16 00:17:54 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\Lexar Media
[2013/05/15 12:58:38 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{E9222793-7352-493F-97DB-09D4F2BAEE10}
[2013/05/14 14:08:40 | 000,000,000 | ---D | C] -- C:\Users\Amanda\AppData\Local\{F2269C77-DE8D-4C3C-9ACE-1BC508C3B26A}
========== Files - Modified Within 30 Days ========== [2013/06/13 13:30:02 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/13 13:30:02 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/13 13:27:12 | 002,545,907 | ---- | M] () -- C:\Users\Amanda\Desktop\Common Cooking Mistakes_ Cooking Tips and Questions Answered - Cooking Light.pdf
[2013/06/13 13:22:28 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/13 13:22:25 | 000,000,378 | -H-- | M] () -- C:\Windows\tasks\WxDFastUpdaterTask{BFEFFC0C-520A-4271-BB59-16FAFD04159C}.job
[2013/06/13 13:22:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/13 13:22:06 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2013/06/13 13:22:01 | 1602,097,152 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/13 13:20:57 | 000,000,184 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013/06/13 00:04:17 | 000,078,344 | ---- | M] () -- C:\Users\Amanda\Desktop\BIG LONG LIST.pdf
[2013/06/12 23:59:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/12 23:19:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1000443104-1969732642-3790898716-1000UA.job
[2013/06/12 23:12:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/12 13:17:43 | 000,000,408 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Amanda.job
[2013/06/11 14:19:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1000443104-1969732642-3790898716-1000Core.job
[2013/06/11 00:26:26 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2013/06/08 13:54:36 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/06/08 00:04:02 | 000,307,698 | ---- | M] () -- C:\Users\Amanda\Desktop\how to back up phone - Google Search.htm
[2013/06/02 13:52:22 | 000,351,000 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/06/01 23:19:05 | 000,001,786 | ---- | M] () -- C:\Windows\unins000.dat
[2013/06/01 23:19:01 | 000,715,038 | ---- | M] () -- C:\Windows\unins000.exe
[2013/06/01 23:15:23 | 000,044,424 | ---- | M] (GFI Software) -- C:\Windows\System32\sbbd.exe
[2013/06/01 23:15:23 | 000,013,560 | ---- | M] (GFI Software) -- C:\Windows\System32\drivers\gfibto.sys
[2013/05/27 01:58:04 | 001,167,152 | ---- | M] () -- C:\Windows\System32\dmwu.exe
[2013/05/27 01:55:06 | 000,027,136 | ---- | M] () -- C:\Windows\System32\ImHttpComm.dll
[2013/05/21 00:11:27 | 000,669,432 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/05/21 00:11:27 | 000,125,514 | ---- | M] () -- C:\Windows\System32\perfc009.dat
========== Files Created - No Company Name ========== [2013/06/13 13:27:35 | 002,545,907 | ---- | C] () -- C:\Users\Amanda\Desktop\Common Cooking Mistakes_ Cooking Tips and Questions Answered - Cooking Light.pdf
[2013/06/13 13:20:45 | 000,000,184 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013/06/13 00:04:21 | 000,078,344 | ---- | C] () -- C:\Users\Amanda\Desktop\BIG LONG LIST.pdf
[2013/06/11 13:31:53 | 001,167,152 | ---- | C] () -- C:\Windows\System32\dmwu.exe
[2013/06/11 13:31:53 | 000,027,136 | ---- | C] () -- C:\Windows\System32\ImHttpComm.dll
[2013/06/11 12:46:35 | 002,255,360 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2013/06/11 12:46:35 | 001,761,280 | ---- | C] () -- C:\Windows\System32\ffdshow.ax
[2013/06/11 12:46:35 | 000,395,776 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2013/06/11 12:46:35 | 000,262,144 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2013/06/11 12:46:35 | 000,172,032 | ---- | C] () -- C:\Windows\System32\ac3filter.ax
[2013/06/11 12:46:35 | 000,112,640 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2013/06/10 21:26:11 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/06/08 00:03:59 | 000,307,698 | ---- | C] () -- C:\Users\Amanda\Desktop\how to back up phone - Google Search.htm
[2013/06/01 23:19:35 | 000,153,088 | ---- | C] () -- C:\Windows\System32\xvid.ax
[2013/06/01 23:19:34 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2013/06/01 23:19:34 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2013/06/01 23:19:25 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2013/06/01 23:19:05 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2013/06/01 23:19:04 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2013/06/01 23:19:04 | 000,001,786 | ---- | C] () -- C:\Windows\unins000.dat
[2013/06/01 23:18:15 | 000,000,408 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Amanda.job
[2013/06/01 23:17:57 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NSS\0400000.030\isolate.ini
[2013/05/21 22:48:14 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/21 22:48:12 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/24 16:37:46 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2012/12/02 15:56:23 | 000,011,776 | ---- | C] () -- C:\Windows\System32\pmsbfn32.dll
[2012/11/29 22:33:28 | 000,000,502 | ---- | C] () -- C:\Windows\System32\CNCMFP34.INI
[2012/05/20 23:56:17 | 000,003,584 | ---- | C] () -- C:\Users\Amanda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/29 17:10:00 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/01/19 01:48:06 | 000,088,688 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2012/01/18 23:31:27 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012/01/18 23:30:27 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012/01/18 13:45:01 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/01/16 14:29:05 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
========== ZeroAccess Check ========== [2009/07/13 21:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 21:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ========== [2013/04/04 21:37:20 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\.oit
[2012/11/20 12:38:41 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\Audacity
[2012/12/02 17:43:56 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\Canon
[2013/06/01 23:19:11 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\CDXReader
[2012/01/23 01:00:23 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\com.essexreddevelopment.mergepdfmac
[2012/12/11 22:35:17 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\ConverterLite
[2013/05/15 13:05:34 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\FileAssociationManager
[2013/06/01 23:19:12 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\LavFilters
[2012/01/16 14:37:21 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\Leadertech
[2012/12/02 18:11:41 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\NewSoft
[2012/12/09 19:59:17 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\Pavtube
[2012/08/18 20:43:57 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\RIFT
[2012/11/30 00:17:33 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\Seagate
[2013/03/21 23:37:12 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\Unity
[2013/06/06 22:50:03 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\VDownloader
[2013/02/19 23:00:45 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\Windows Live Writer
[2013/06/11 14:16:30 | 000,000,000 | ---D | M] -- C:\Users\Amanda\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
========== Purity Check ========== < End of report >
AdwCleaner log:
# AdwCleaner v2.303 - Logfile created 06/13/2013 at 13:20:25
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Amanda - AMANDA-PC
# Boot Mode : Normal
# Running from : C:\Users\Amanda\Downloads\AdwCleaner.exe
# Option [Delete]
***** [Services] *****
Stopped & Deleted : IBUpdaterService
***** [Files / Folders] *****
Deleted on reboot : C:\Program Files\Updater By SweetPacks
Deleted on reboot : C:\Windows\system32\Zynga
Deleted on reboot : C:\Windows\system32\Zynga
File Deleted : C:\Windows\Tasks\DSite.job
Folder Deleted : C:\Program Files\Common Files\Wondershare
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\Program Files\Wondershare
Folder Deleted : C:\Users\Amanda\AppData\Local\Wondershare
Folder Deleted : C:\Users\Amanda\AppData\Roaming\DSite
Folder Deleted : C:\Users\Amanda\AppData\Roaming\Mozilla\Firefox\Profiles\ojvdid29.default\jetpack
Folder Deleted : C:\Windows\system32\WNLT
***** [Registry] *****
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\Software\Classes\Installer\Features\FB6D58DD787439A4995AF3C00FEA8843
Key Deleted : HKLM\Software\Classes\Installer\Products\FB6D58DD787439A4995AF3C00FEA8843
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FB6D58DD787439A4995AF3C00FEA8843
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\Software\WNLT
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
***** [Internet Browsers] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Registry is clean.
-\\ Mozilla Firefox v21.0 (en-US)
File : C:\Users\Amanda\AppData\Roaming\Mozilla\Firefox\Profiles\ojvdid29.default\prefs.js
Deleted : user_pref("extensions.mysearchdial.aflt", "ironmsd04");
Deleted : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Deleted : user_pref("extensions.mysearchdial.cntry", "US");
Deleted : user_pref("extensions.mysearchdial.dfltLng", "");
Deleted : user_pref("extensions.mysearchdial.dfltSrch", true);
Deleted : user_pref("extensions.mysearchdial.dnsErr", true);
Deleted : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,6[...]
Deleted : user_pref("extensions.mysearchdial.excTlbr", false);
Deleted : user_pref("extensions.mysearchdial.hdrMd5", "06DFC4BBDFF55355200E9D93498AACF4");
Deleted : user_pref("extensions.mysearchdial.hmpg", true);
Deleted : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=ironmsd04&cd=2Xzu[...]
Deleted : user_pref("extensions.mysearchdial.id", "00219B0057A8CDB0");
Deleted : user_pref("extensions.mysearchdial.instlDay", "15828");
Deleted : user_pref("extensions.mysearchdial.instlRef", "");
Deleted : user_pref("extensions.mysearchdial.lastB", "hxxp://start.mysearchdial.com/?f=1&a=ironmsd04&cd=2XzuyE[...]
Deleted : user_pref("extensions.mysearchdial.lastVrsnTs", "23:4:24");
Deleted : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=ironmsd04&cd=2X[...]
Deleted : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"14\",\"lastVrsn\":\"14\",\"vrsnLoad\":[...]
Deleted : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Deleted : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Deleted : user_pref("extensions.mysearchdial.sg", "none");
Deleted : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Deleted : user_pref("extensions.mysearchdial.tlbrId", "base");
Deleted : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=ironmsd04&cd=[...]
Deleted : user_pref("extensions.mysearchdial.vrsn", "");
Deleted : user_pref("extensions.mysearchdial.vrsni", "");
Deleted : user_pref("extensions.mysearchdial_i.hmpg", true);
Deleted : user_pref("extensions.mysearchdial_i.newTab", false);
Deleted : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Deleted : user_pref("extensions.mysearchdial_i.vrsnTs", "23:4:24");
Deleted : user_pref("{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=too[...]
Deleted : user_pref("{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]
Deleted : user_pref("{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}.ScriptData_product_name", "Updater By SweetPacks")[...]
-\\ Google Chrome v [Unable to get version]
File : C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted [l.1] : urls_to_restore_on_startup ={"extensions":{"settings":{"pflphaooapbgpeakohlggbpidpppgdff":{"ack_external":true,"exclude_from_sid[...]
*************************
AdwCleaner[R1].txt - [10370 octets] - [13/06/2013 13:19:25]
AdwCleaner[S1].txt - [23673 octets] - [03/06/2013 12:04:45]
AdwCleaner[S2].txt - [10042 octets] - [13/06/2013 13:20:25]
########## EOF - C:\AdwCleaner[S2].txt - [10103 octets] ##########